RiskTech Microsite

Can Carbon Measurement Learn from Financial Operational Risk Loss Data Capture

Wed, 27 Jan 2010 17:29:15 -0500

Is it possible that lessons learned by financial services organizations from operational loss data event capture activities can improve the value of carbon measurement and reporting methods?

Four Challenges to Effective Ops Risk Reporting � and Tips to Overcome Them

Sun, 20 Dec 2009 16:35:46 -0500

�Our execs say our reports �make my head hurt.�� Business line leaders think my reports sound like Charlie Brown�s teacher �wa-wawa-wa-wa.�� How do I better engage �the business?�� Through live workshops and webinars, I received hundreds of questions this year. In operational risk reporting, four challenges emerged as big obstacles to providing insight for action. Let�s take a look at what traps pose dangers and tips to get out of them.

How to Execute and Integrated Fraud Strategy .. some post webinar observations

Mon, 14 Dec 2009 17:47:06 -0500

As discussed in the webinar analytics and the underlying single source of truth play a major role in fraud detection. As a result, most vendors of anti-fraud solutions focus on the detection algorithms and how to adopt an integrated data management strategy to optimally feed these. This, however, is not the complete picture of an integrated fraud strategy. Over a long time the appropriate processes after the actual identification of an alarm have been neglected resulting in a tremendous potential to save efforts, improve quality and last but not least increase speed around fraud detection and appropriate response measures. Case Management is the key word dealing with the processes once a case has been created out of a single or multiple alarms. In that sense appropriate quick response measures for a case generated in the Case Management system and their effectiveness are the final outcome of an anti-fraud platform. They eventually determine whether a fraud is dealt with in a proper and timely manner. The technical handling of a case is one aspect the process a case runs through is the other. This process can be automated, partially automated or manual. The exact modelling of that process is independent from the system used and needs to be closely aligned with the organization�s need. Is has to have some feedback loop into the detection engine itself to avoid �system blindness� mentioned before in this forum. The service around that process is part of IBM�s Integrated Risk Management enabling financial institutions to optimally utilize their resources for an optimal outcome.

Web 3.0: Expanding the Supply Chain, or Opening the Door to Fraud?

Thu, 10 Dec 2009 18:35:24 -0500

As the complexity of a cloud-based supply chain increases, so does the number of interconnections between the FSI and its supply chain partners. As in physical networks, any point of connectivity can become a point of failure � or with respect to fraud management, a point of vulnerability to fraud and other financial crimes.

10 Common Pitfalls of Customer Scoring: 5. Permitting "System Blindness" (Part 5 of 10)

Wed, 09 Dec 2009 20:35:06 -0500

In our review of bank after bank, we see customer scoring systems that were properly designed originally but have no review feature.

3 ways to improve business-IT risk management

Tue, 08 Dec 2009 21:09:19 -0500

As financial institutions become more automated and integrated, two points are painfully clear: 1) the need to use IT to reduce the risk to the business process and 2) the need to manage the risk to the business from problems in IT. This is all the more important in today's economic environment where there is less margin for error, and acquisitions and consolidations are placing more pressure on IT. To address this, ISACA today released Risk IT with guidance on managing three areas of risk:

Can you Mitigate the Loss Frequency & Severity of External Fraud

Mon, 07 Dec 2009 16:30:28 -0500

Do you have public domain examples of mitigating external fraud losses in retail banking. Very few banks want to admit the problem publically. But there are some who through blinded case studies, share their problems, the lesson learned and how they reduced frequency and severity of this loss type.

10 Common Pitfalls of Customer Scoring: 4. Creating an "Open System" (Part 4 of 10)

Mon, 07 Dec 2009 15:49:09 -0500

In many traditional systems, the customer information on all new accounts is forwarded for a series of reviews (OFAC matching, identification verification, negative file matching, etc.).

Is Classification of Attacks useful?

Wed, 25 Nov 2009 12:01:13 -0500

Attackers don't really care how we categorize attacks, threats, and approaches that are taken to gain access. Instead they are interested in control and of course financial gain.

Web 3.0 and Risk Management (Episode I): Star Trek Returns to the Enterprise

Wed, 25 Nov 2009 11:35:00 -0500

Since the emergence of virtual worlds, social networks, personal portals, and application "mashups," Web 3.0 and its many versions has grown in interest to the evolving financial services industry. Software as a service (SaaS) is quickly rising from the shadows into the mainstream of sourcing strategies in many institutions. Close behind are platform offerings (PaaS) that are beginning to gain the interest of institutions world-wide. This is especially true when limited internal resources are challenged to design and deliver new customer value points as the industry steps back into a recovering marketplace. Question is: good alternative, or a risk management nightmare?

10 Common Pitfalls of Customer Scoring: 3. Promoting �Regulatory� Fatigue (Part 3 of 10)

Tue, 24 Nov 2009 13:26:12 -0500

I first heard the phase �Regulatory Fatigue� in speaking with the head of compliance in a top five US bank. All banks want to minimize the regulatory impact on both the customer and the sales personnel.

Can you classify IT security risks into Operational Risk Loss categories?

Mon, 23 Nov 2009 11:32:28 -0500

How do IT Security risks get translated into traditional operational risk loss categories? Knowing the frequency and severity of risks, as classified by the Basel II Accord has been the subject of a 2008 data collection exercise by the Bank of International Settlements and is an ongoing exercise of 52 banks lead by the ORX (Operational Riskdata eXchange Association).

Data Comes to the Forefront

Sun, 22 Nov 2009 13:11:21 -0500

The increasing importance of insight and intelligence about the business is beginning to reveal the need for major investments in data and data quality in global financial services institutions

10 Common Pitfall of Customer Scoring: Ignoring Complex Entitites (Part 2 of 10)

Thu, 12 Nov 2009 09:08:49 -0500

When assessing new customer risk, the term �customer� is typically associated with whoever is physically opening the account. While this is appropriate in some circumstances, the regulations require financial institutions to use a risk-based approach.

10 Common Pitfalls Of Customer Scoring: 1. Mixing Measurements (Part 1 of 10)

Mon, 02 Nov 2009 17:18:36 -0500

We have recently seen a resurgence in interest by financial institutions to redesign and automate their Bank Secrecy Act/ Anti-money Laundering (BSA/AML) customer scoring systems. Increased regulatory scrutiny is a key driver of this spike in activity. Other key drivers include interests in improving the customer experience, driving down costs, simplifying employee training and reducing regulatory exposure.