Third-party risk
Taking the sting out: exchanges and CCPs bolster scenario toolkits
As cyber threats ramp up, the world’s largest exchanges re-assume the worst
Technology is a double-edged sword for FMIs
Exchanges and clearing houses rely on third-party vendors for vital systems, but outsourcing can also lead to duplication and waste
EU banks want the cloud closer to home amid tariff wars
Fears over US executive orders prompt new approaches to critical third-party risk management
Vendor oversight splinters across FMIs
Op Risk Benchmarking: firms grapple with “chaos” of third-party rule changes, amid growing recognition of cyber and resilience threats
OCC’s security chief on generative AI with guardrails
Clearing house looks to scale technology across risk and data operations – but safety is still the watchword
Top 10 operational risks for 2025
The biggest op risks as chosen by senior practitioners – and what they’re doing about them
Banks urged to track vendor AI use, before it’s too late
Veteran third-party risk manager says contract terms and exit plans are crucial safeguards
Start planning for post-quantum risks now
Next-gen quantum computers will require all financial firms to replace the cryptography that underpins cyber defences, writes fintech expert
Expert vision, efficient execution
Why more investors are turning to third-party portfolio implementation platforms to maximise efficiency and impact
BoE warns over risk of system-wide cyber attack
Senior policy official Carolyn Wilkins also expresses concern over global fragmentation of bank regulation
As supplier risk grows, banks check their third-party guest lists
Dora forces rethink of KRI and appetite frameworks amid reappraisal of what constitutes a key counterparty
Dora flood pitches banks against vendors
Firms ask vendors for late addendums sometimes unrelated to resiliency, requiring renegotiation
Op Risk Benchmarking 2024: the banks
As threats grow and regulators bore down, focus shifts to the first line
CFTC weighs third-party risk rules for CCPs
Clearing houses could be required to formally identify and monitor critical vendors
Banks feel regulatory heat on op resilience
Op Risk Benchmarking: supervisors dial up reporting expectations and on-site inspections
An AI-first approach to model risk management
Firms must define their AI risk appetite before trying to manage or model it, says Christophe Rougeaux
MUFG blocks vendors that refuse to reveal subcontractors
Risk Live: US arm of Japanese megabank asks first line to sign written waivers when risk advisories are ignored
Banks urged to boost third-party scrutiny amid AML crackdown
Three US regulators highlight deficiencies in banks’ due diligence on fintech partners
Let’s grow the third-party risk playbook – CME security chief
CrowdStrike outage highlights need for financial sector to adjust its game plan
Between the lines: why banks are rethinking risk management
Lloyds is not the only bank wanting to reshuffle the three lines of defence as tech risks grow
Op Risk Benchmarking 2024: the G-Sibs
Eleven large banks feature in round II, with new data points on first-line risk teams, taxonomies and AI adoption
Third-party risk ‘converging with KYC’ amid regulatory drive
Risk Live: Banks seek annual supplier contract reviews to comply with new resilience requirements
Bank of America’s Kris Fador elected FS-ISAC board chair
Industry consortium for cyber security also adds new board directors from Swift, PNC, Truist and CME
Top 10 op risks: change brings challenges
Higher interest margins and a trend toward insourcing drive major tech projects