Third-party risk
Chicago data centre outage forced clearers to turn away clients
Friday’s cooling system failure highlights cracks in tech and concentration risk of big CCPs
How FCA could help tackle third-party risk in AI
UK regulator’s supercharged sandbox is designed to boost explainability and reduce reliance on vendors
First line of defence dominates third-party risk management
1LoD survey finds 86% of control functions think they have sole responsibility for vendors
Robinhood looks to ‘Chaos Monkey’ for op resilience playbook
Risk Live North America: US broker is ditching emails, using chaos engineering and automating everything in sight
Op risk data: 1MDB scandal still haunts Wall Street
Also: Woodford in hot water, Salesforce voice phishing hooks multiple firms. Data by ORX News
Dora delay leaves EU banks fighting for their audit rights
Regulation requires firms to expand scrutiny of critical vendors that haven’t yet been identified
Banks curb frequency of GRC vendor reviews
Data shows drop in plans to pitch or switch vendors, amid tighter third-party rules – but TPRM bucks the trend
In more than 90% of banks, second line tackles cyber risk
But some regulators would still like to see more 2 LoD risk staffing for infosec and IT disruption
ECB may force banks to rethink cloud just months after Dora
EU regulator pushes multi-cloud strategy for banks, but guidance will not be binding
Regional banks favour scenario analysis over op risk modelling
Domestic and smaller regional players favour scenarios to gauge tail exposure; G-Sibs stick to modelling, for now
Regulators zero in on third-party risk, resilience
In latest survey, 35% of banks say watchdogs have “significantly increased” focus on third-party risk, with reports of arduous inspections and growing resource strain
More than one-quarter of banks overhaul third-party KRIs
Op Risk Benchmarking data shows more flux – and less confidence – in indicators tracking vendors versus other risks
Ninety-one per cent of banks have specialist teams for resilience risk
Latest survey shows regulatory pressure is driving broader framing of resilience, beyond IT and cyber
The AI bot that left the garage
Senior operational risk exec explains how hidden third-party feature could lead to systemic risk
Risk appetite breaches test development banks
MDBs also more likely to change services or strategy to reduce risk exposure, survey shows
Glass houses: US agencies urged to shore up cyber defences
Email hack at OCC raises concerns over more widespread frailty at regulators
Algos shrugged: AI uptake still lagging in bank op risk
Risk managers acknowledge transformative potential of artificial intelligence – most, from a safe distance
FMIs create culture club for op risk
Exchanges and clearing houses seek to build risk resilience among front-line business, amid concerns of overreliance on second line of defence
Taking the sting out: exchanges and CCPs bolster scenario toolkits
As cyber threats ramp up, the world’s largest exchanges re-assume the worst
Technology is a double-edged sword for FMIs
Exchanges and clearing houses rely on third-party vendors for vital systems, but outsourcing can also lead to duplication and waste
EU banks want the cloud closer to home amid tariff wars
Fears over US executive orders prompt new approaches to critical third-party risk management