Blog

Wells Fargo has suffered the consequences of repeat scandals since 2016. This week, the bank agreed to a $1 billion settlement with federal regulators who have cited their lack of effective risk management practices as the root cause of their woes.

This settlement with the Consumer Financial Protection Bureau and Office of the Comptroller of the Currency would be another blow to Wells Fargo in a long line of many.

Let’s look at a timeline of Wells Fargo’s risk management scandals:

• 2009-2016 – Wells

Investigating a vendor’s cybersecurity can be a time-consuming hassle. Wouldn’t it be nice if you could pay someone else to monitor and report back on a vendors’ cyber risk? That’s the appeal of cyber-security ratings. Firms provide scorecards on third-party vendors’ cyber risk, supposedly making it easier for financial institutions to manage their own risk.

But these scorecards mostly provide a false sense of security. Here are three reasons why:

1. They use only public data. Cybersecurity ratings

There may be 50 ways to leave your lover, but when it comes to ending a relationship with a vendor there’s really just one path to follow: the documentation in your service level agreement (SLA).

Financial institutions find themselves ending vendor relationships for many reasons. Sometimes the relationship is great, but the product or service no longer meets the institution’s needs. Maybe another vendor is just better. Or maybe the vendor wasn’t meeting expectations.

The Contract

Regardless of t

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile

Last week I urged you to stand in the shoes of your board so you could identify their problems and align what you do with what they need. The next challenge is showing them you understand their problem. Yes you can use words, however, as I said last week, the hardest thing to do in business is to communicate effectively.

In my Winning Conversations program I run for corporate/shared service teams to help improve their influence and their impact on the organisation, I emphasise over and over again

I recently created my next video tip. It only takes about 3 minutes. However, this one is not about cyber exposure in organization but rather some advice regarding your personal cyber exposure. You can find the post at:

https://mediaexplorers.lpages.co/cyber-security-tips-series-tip-2-your-personal-privacy-and-security/

The text copy is below.

Hi, this is Doug Nagan with my second cybersecurity tip.
However this one is not about the cybersecurity of your  organization but rather your personal priva

When risk increases, the natural response is to take action to reduce that risk. But not every increase requires action. In fact, it may distract you from more important issues.

I’m talking about the risk of treating every risk the same.

Astute observers of risk have a variety of tools to monitor risk, from near real-time indicators to audits, exams, and reviews. But it’s not enough to recognize that risk has increased. Its ultimate impact must be considered.

For example, a review might show that e

Boris: Hello ladies and gentlemen and welcome to our meeting. We are speaking today with Richard Moss who is a Product Manager at AxiomSL. As we move from VAR to expected shortfall regulation coupled with the focus on liquidity, I thought of sharing a perspective on one of the hottest regulations around the corner - the Fundamental Review of the Trading Book (FRTB).

____

You can watch a video recording of the interview here https://www.youtube.com/watch?v=BVcJleqmIbU&t=2s

____ 

This has resulted

marcus evans will host the 4^th Edition CECL Methodologies, Implementation & Reporting Conference on June 11-13, 2018 in New York. This conference will give financial institutions a critical insight into the best strategies to hone their CECL implementations methodologies. You will deepen your knowledge of the modeling challenges, improve your strategies for CECL scenario development and tailoring models for different asset classes. Delegates will have the opportunity to consider the challenges o

With the General Data Protection Regulation, the EU is taking privacy very seriously. They expect the same from you – and your third parties. How are you preparing your Vendor Risk Management program to handle these sweeping changes?

Join ProcessUnity for a 45-minute webcast on Wednesday, April 18, 2018 at 11:00 AM EDT and see how forward-thinking organizations are incorporating GDPR best practices into Third-Party Risk processes. Our team of experts will:

• Outline GDPR requirements as they pertain

I have been running with a series of blogs about the boardroom. My R is for CanceR blog last week suggested some boards are totally disconnected with the discussion on risk. Is it their fault or yours?

A Message From Our Partner:

Getting actionable insights and effectively responding to change are staples for any corporation, especially when looking to optimize potential outcomes. In order to do this, the heads of businesses must be able to visualize entity relationships and recognize patterns. By using entity relationship diagramming, you can deliver stories that are easily processed by the brain, rather than extensive data sheets that don’t provide any context. 

When data is organized as a v

On Sunday April 1, Retail group Hudson’s Bay disclosed that it was the victim of a security breach that compromised data on payment cards used at Saks Fifth Avenue and Lord & Taylor stores in North America.

As many as 5 million cards may have been compromised, which would make the breach one of the largest involving payment cards over the past year.

Customers, investors, and regulators learned of this breach not through any press release issued by the company itself, but through news of the data a

I have created my first cyber security video tip. The tip involves identifying IoT devices and determining if they are a potential cyber exposure for your organization. If you are interested there is a video page here:
https://mediaexplorers.lpages.co/cyber-security-tip-1-iot/

Hope you find it useful. 

Here is the text version:

Our first tip addresses the Internet of Things, or IoT. Iot cyber security is a complex topic because of its nature. IoT implementations are generally done without the overs

If you are working for an IT security company, I have a message for you: the term “identity theft protection” is way overused and even abused as a marketing term. We know that this term is used to sell services and products, but does it really protect a user from being the victim of identity theft? No.

This is no different than labeling a food as “natural,” even though it is not actually “organic.” At best, this is incorrect information. At worst, it’s a total lie.

Every company with security solu

Banks are on a quest to improve the customer experience. A new study of 80 North American bank operations leaders by Accenture found that 74 percent believe the customer experience is one of their banks’ greatest strategic priorities.

Number two on the list: Fraud and risk management (70 percent of respondents).

Why not do both at the same time? About half of survey participants predict bank operations’ “primary role in three years as achieving straight-through processing through digital technolog

Orbitz said hackers may have accessed 880,000 credit card numbers and possibly the names, dates of birth, phone numbers, and addresses of consumers who booked through the site in 2016 and 2017.

The Orbitz data breach pales in comparison to the Equifax hack of 2017 and has been buried among headlines concerning Facebook. For many, this story barely counts as “news” because it’s just honestly not that “new.”

For me, the humdrum attitude of complacency is what makes the Orbitz data breach blogworthy.

You will be disrupted

Your only choice is to disrupt yourself in a measurable, controllable and predictable way or to let others to disrupt yourself in a painful and non-controllable way.

Partnering with SIMMETHOD's Digital Transformation Index And C-suite Risk Alerts will enable you to disrupt yourself in a measurable, controllable and predictable way because in Digital Transformation, "The Way You Measure Determines Your Results" SIMMETHOD.

__________

If you want to know more about the SIMMETHOD,

Many Internet users are wondering why so many applications and websites need to know our geolocation without special need. And, more importantly, what is being done with this information?

The question is: how to access popular websites, but at the same time block geo-tracking of your laptop or smartphone?

10 useful tips to protect your geolocation data

The below information gives you an idea of ​​what you can be done to make sure that your geolocation is not being tracked. Some methods in this list

marcus evans will host the 12^th Edition Model Risk Conference on June 25-27, 2018 in New York. This conference will provide firms with practical tools to enhance infrastructure capabilities and improve model lifecycle management, in order to foster faster responses to changing regulatory demands. Attendees will explore best practices for employing advanced analytics and improving quantitative capabilities to help further optimize model validation techniques. Finally attendees will evaluate the C