163 results for "riskmanagement"

FCA clarifies expectations on bullying, harassment and violence to deepen trust in financial services

The UK Financial Conduct Authority (FCA) has clarified that serious bullying and harassment in financial firms constitute misconduct under its rules. Previously, the classification of such behaviors as conduct breaches was often unclear for firms other than banks.
Effective September 1, 2026, these regulations will encompass approximately 37,000 additional regulated firms, aiming for consistent standards across the financial services sector. Substantial cases of poor personal behavior will also be mandated for inclusion in regulatory references, similar to financial misconduct, to prevent individuals from avoiding accountability by changing employers.
The FCA is consulting on further guidance to aid firms in implementing these changes, considering feedback on earlier drafts. This guidance addresses how firms should evaluate non-financial misconduct, including social media use and private life behavior, when assessing an individual's fitness for financial services roles. The consultation period for this guidance extends until September 10, 2025.

EIOPA notes positive early steps by insurers in addressing biodiversity risk but calls for stronger collaboration in key areas

This report examines how European (re)insurers address biodiversity risks, which threaten financial stability due to their complexity and links with climate risks. Despite challenges in quantifying impacts, one in five insurers references biodiversity in their risk assessments, though mostly qualitatively. Promising practices show growing awareness, but regional variations and limited metrics hinder progress. EIOPA calls for enhanced collaboration to improve data, models, and risk management, emphasizing the need to better understand the climate-biodiversity nexus and explore nature-based solutions to address insurance gaps.

On Design of Representative Distributionally Robust Formulations for Evaluation of Tail Risk Measures

This paper introduces a robust method for evaluating Conditional Value-at-Risk (CVaR) when the data distribution can't be simulated. Using rolling data windows as proxies for independent samples, the approach effectively assesses worst-case risk. Applied to Danish fire insurance data, it outperformed traditional DRO (distributionally robust optimization) methods—achieving accurate, less conservative estimates in 87% of cases. This advancement enables reliable risk management even with limited tail data. Future research will focus on refining robustness guarantees and integrating extreme value theory into decision-making models involving rare but impactful events.

A Formal Risk‑Driven Definition of Continuous Monitoring in Cybersecurity: The QUARC Model

For years, "continuous monitoring" in cybersecurity lacked a clear definition, forcing improvised security practices. This paper introduces QUARC, a formal model that quantifies cybersecurity risk and links it to precise detection and response times. QUARC provides a robust, weight-free probabilistic risk function, translating this risk into concrete operational cadences using hazard and queue theories. This model offers a universal standard, allowing regulators to enforce testable compliance, security teams to monitor real-time conformance, and insurers to price risk accurately. QUARC transforms a vague policy into a measurable, enforceable reality, closing a critical loophole exploited by attackers.

Navigating fintech and banking risks: insights from a systematic literature review

A review of 28 studies (2019–2023) shows growing academic interest in the relationship between fintech and banking risk, using diverse models and frameworks. Research focuses on bank-level, country-level, and fintech-specific measures, analyzing risks like insolvency, credit, liquidity, and market risk. The study highlights the importance of interdisciplinary and cross-country research, recommends adopting multi-theoretical frameworks, and urges consideration of individual-level factors such as financial literacy and digital access. For policymakers, it offers guidance on monitoring fintech’s impact and stresses the need for comprehensive regulation and global cooperation to ensure financial stability and effective risk management.

On the Insurance of Environmental Risks: Modeling and Pricing with Mean‑Reverting Regime‑Switching Lévy Processes

This article presents modeling approaches—both structural and reduced-form—to improve the understanding and prediction of environmental risks. It enhances existing models for better risk assessment and pricing, particularly in infrastructure and land use contexts. Potential extensions include advanced temperature and rainfall modeling, such as stochastic mean-reversion and regime-switching Lévy processes. The paper also suggests future research comparing insurance pricing methods and exploring parametric insurance mechanisms, where payouts are triggered by measurable parameters rather than actual losses. These developments aim to refine environmental risk management and insurance strategies.

Enterprise Risk Management: Improving Embedded Risk Management and Risk Governance

All strategic and operational decisions should consider risk-adjusted earnings value, as all management inherently involves risk management. Effective risk management requires skilled personnel and a robust system to analyze, monitor, and manage risks, focusing on seven key areas, including decision-oriented risk management, value-oriented corporate management, risk quantification (including economic, geopolitical, and sustainability risks), and risk aggregation using Monte Carlo simulations. A strong corporate strategy ensures financial sustainability and manageable earnings risks, while embedded risk management enables employees to address risks. These areas, underexplored in the literature, warrant further attention, particularly risk aggregation through simulation methods.

The Cyber Due Diligence Object Model (CDDOM): Bridging Compliance, Risk, and Trust in the Digital Ecosystem

The Cyber Due Diligence Object Model (CDDOM) is a structured, extensible framework designed for SMEs to manage cybersecurity due diligence in digital supply chains. Aligned with regulations like NIS2, DORA, CRA, and GDPR, CDDOM enables continuous, automated, and traceable due diligence. It integrates descriptive schemas, role-specific messaging, and decision support to facilitate supplier onboarding, risk reassessment, and regulatory compliance. Validated in real-world scenarios, CDDOM supports automation, transparency, and interoperability, translating compliance and trust signals into machine-readable formats. It fosters resilient, decision-oriented cyber governance, addressing modern cybersecurity challenges outlined in recent research.

A stochastic Gordon‑Loeb model for optimal cybersecurity investment under clustered attacks

This study extends the Gordon–Loeb model for cybersecurity investment by incorporating a Hawkes process to model temporally clustered cyberattacks, reflecting real-world attack bursts. Formulated as a stochastic optimal control problem, it maximizes net benefits through adaptive investment policies that respond to attack arrivals. Numerical results show these dynamic strategies outperform static and Poisson-based models, which overlook clustering, especially in high-risk scenarios. The framework aids risk managers in tailoring responsive cybersecurity strategies. Future work includes empirical calibration, risk-averse loss modeling, cyber-insurance integration, and multivariate Hawkes processes for diverse attack types.

How do Cyberattacks Impact Firms?

Cyberattacks primarily impact firm value through increased costs rather than sales declines, indicating financial burdens over reputational damage. Costs persist beyond the short term, and firms invest in recovery efforts. Over time, reputational concerns have diminished as cyber resilience improves. These findings emphasize the need for strong corporate risk management, focusing on cost recovery, recovery planning, and trust restoration strategies tailored to specific contexts.