"The higher the degree of loss aversion, the lower is the likelihood to invest in other risk management activities is when self-protection is implemented. Our results help to explain the lack of demand for catastrophe insurance or cyber risk insurance and have important implications for corporate risk management and public policy."
"... as liquidity providers, well-capitalized banks support economic adaptation to climate change."
"Our evidence also implies that client firms that share the same audit office as breached firms increase their disclosure of cybersecurity risk and their demand for cybersecurity human capital. Reconciling with the Bayesian learning theory, these effects only manifest for auditors located in states that have been only sporadically exposed to data breaches."
"By comparing the decisions output by diverse settings, we find that ML algorithms can mitigate both the preference-based bias and the belief-based bias, while the effects vary for new and repeated applicants. Based on our findings, we propose a two-step human-AI collaboration framework for practitioners to reduce decision bias most effectively."
"... at least in financial terms, the associated losses can be covered by insurance contracts. The role of actuaries is to develop adequate contract structures, calculate correct premiums, and implement quantitative risk management in insurance firms."
"... the reinsurance chain with ambiguity aversions in increasing order is optimal from the perspectives of both selfish individual companies and an unselfish central planner."
"This Article is the first to examine and compare a number of recently proposed and enacted AI risk regulation regimes. It asks whether risk regulation is, in fact, the right approach."
"We document the impact of having a risk committee (RC) and a chief risk officer (CRO) on bank risk using the passage of the Dodd Frank Act as a natural experiment... Overall, we find no evidence that the RC or CRO have a causal impact on bank risk."
"Social engineering is a very common type of malicious activity conducted on cyberspace that targets both individuals and companies in order to gain access to information or systems. It is part of the broader domain of cybersecurity and the first step to mitigate this type of attack is to know its attack vectors. This way, the risk of becoming a victim of this type of attack can be reduced by technical means, proper security culture and procedural solutions..."
"We conclude that users of the Scope 3 emission datasets should consider data source, quality and prediction errors when using data from third party providers in their risk analyses."