106 résultats
pour « Résilience numérique »
The FCA's proposed new regulations require firms to report operational incidents that could harm consumers or the financial system. This broadens the scope of reporting beyond traditional principles. Additionally, firms must notify the FCA of material third-party arrangements, including those that pose risks to the financial system or the firm's ability to meet regulatory obligations. This expanded regulatory focus on the entire lifecycle of services and activities highlights the increasing importance of operational resilience and third-party risk management.
The OCC reports that operational risk is elevated due to cyber threats and complex operations. Compliance risks are also significant, especially in areas like BSA/AML and fraud prevention. External fraud targeting consumers and banks is increasing, requiring strong fraud management practices. Banks should prioritize risk management, maintain sound controls, and educate customers to mitigate these risks.
The PRA’s proposals aim to enhance safety, soundness, and policyholder protection by collecting timely, accurate data on operational incidents. This data will improve monitoring, support industry feedback, and help address vulnerabilities and emerging risks, bolstering operational resilience across the sector.
This paper examines AI's transformative impact on banking and insurance, enhancing efficiency, risk management, and customer experience. It highlights generative AI's unique risks, such as hallucination, while existing frameworks address most AI risks. Key regulatory gaps include governance, model risk management, data governance, and oversight of non-traditional players and third-party providers.
This paper studies how to optimally protect electronic devices from cyberattacks. It uses mathematical models to understand the spread of attacks and determines the best times to apply protection measures. The researchers developed a complex mathematical framework to solve this problem and used numerical methods to illustrate the results. They found that the optimal protection strategy depends on the type of attack, with different strategies being effective for constant and random attacks.
“In its Opinion EIOPA is calling on the European Commission to take the necessary actions to avoid disproportionate compliance efforts from small insurance undertakings in the transition period prior to the application of the revised Solvency II Directive.”
"The first report on the state of cybersecurity in the Union provides EU policy makers with an evidence-based overview of the state of play of the cybersecurity landscape and capabilities in the EU. The report also provides policy recommendations to address identified shortcomings and increase the level of cybersecurity across the European Union. "
The UK introduced a new regulatory framework to manage risks from critical third-party providers (CTPs). CTPs must adhere to strict operational resilience requirements, including governance, risk management, and incident response. This framework aims to ensure the stability of the UK financial system by mitigating potential disruptions caused by CTP failures.
The ECB's 2024-2026 priorities for banks include enhancing resilience against economic and geopolitical shocks, improving governance, and advancing digital transformation. Key focuses are on credit risk management, internal governance, and cybersecurity to ensure stability amid rising uncertainties.
FinCEN (US Treasury Financial Crimes Enforcement Network) warns financial institutions about deepfakes, emphasizing the shift of compliance risks into operational threats affecting finances, operations, and reputation. Firms must adopt tools like metadata analysis and AI to detect fraud. Reframing compliance as operational risk management enhances resilience, aligning compliance with broader strategic and risk mitigation goals.