Third-party risk
Top 10 op risks: third parties stoke cyber risk
High-profile hacks on market infrastructures and vendors expose linkage between top three risks
Beware war exclusions in cyber insurance, risk managers told
Risk Live: Experts say policy wording is tightening up following rise in ransomware attacks
Top 10 op risks: AI fears drive cyber risk to record high
External fraud re-enters top 10; change management now a top five concern
LME had four-hour operational failure in Q4
First outage on record caused by connectivity issue at LMEmercury
Why cyber hack leaves EquiLend down but not out
Users turned to alternative securities lending platforms, but that may not mean lost market share
Europe’s new AI Act threatens supervisory ‘chaos’ for banks
Policy-maker says new role for European Commission could collide with ECB model risk regulation
EquiLend cyber hack exposes trade reporting dependence
Ransomware attack at securities lending platform disrupts regulatory compliance
Will generative AI crack the code for bank tech teams?
Banks could roll out tools to help translate old – or write new – code within months
FMIs look to resilience planning to keep the lights on
Wary of customer and supervisory scrutiny, bourses are pouring resources into scenario planning and controls
Generative AI is changing debate on explainability, says Deutsche
Innovation head says observability can aid regulatory acceptance
New UK fraud rules intensify global focus on third-party risk
Firms will have responsibility to ensure “associated” persons are taking steps to prevent fraud
Banks grapple with concentration risk from fourth parties
Risk Live: Third-party vendors are increasingly reliant on the same subcontractors
Regulator warns against ‘happy endings’ for op risk wargames
Risk Live: Bankers say third parties should also be at the table when simulating crisis scenarios
OCC sees cloud-based future for clearing
Risk Live: But regulated entities face a “heavy lift” when moving to the cloud, says CRO
FDIC security woes make banks sweat over supervisory data
Fears over confidential reporting after inspection urges regulator to address cyber “weaknesses”
FCA warns on third-party risk management for AI projects
UK regulator keeping close eye on use of cloud and vendor partnerships to develop new models
CME, DTCC lead CCPs on operational failures
Analysis of 15 clearing houses shows outages lasting 34 hours in the past year – highest figure since 2019
Vendors under new scrutiny in CFTC due diligence push
Planned cyber resilience regime will force dealers to subject “critical” tech vendors to stricter audit
Banks call for direct oversight of cloud providers by US regulators
Tri-opoly of cloud vendors “poses systemic risk” to financial sector, say risk managers
Third-party guidance spurs US bank rethink on fintech partners
For conventional vendors, banks say due diligence rules will be the toughest challenge
Citi cyber chief says AI providing new weapons in hacking wars
Barron-DiCamillo also urges regulators to work with industry best practice, not against it
Dora ‘critical tech vendor’ designation could cast a wide net
Experts think cloud services, data providers and software firms are all in regulators’ sights
FMIs pose greatest challenge for operational resilience tests
Risk Live: Calls for large-scale industry exercises to plan what happens if major CCPs go down
SEC cyber rules risk creating web of confusion and costs
Proposals would require breach notifications, public disclosures and annual cyber assessments