Blog

Social media is an excellent tool for small businesses, yet, the use of social media by small business staff can definitely put the company in danger. Many small business owners and managers don’t realize this.

Recently, I was talking to employees of a credit union about what to do in a robbery. Before this presentation, police officers had staged a robbery in the same credit union. The fake robbery was so real, some of the tellers were brought to tears, thinking they were really getting robbed.

A

Does your institution need cybersecurity insurance? Is it required? If utilized, are there rules? Cybersecurity insurance can protect against financial loss in the event of a cyber incident, but there are many intricate details.

The Federal Financial Institutions Examination Council (FFIEC) members have provided a joint statement to help financial institutions understand how cyber insurance impacts risk management and what institutions need to do when considering purchasing cyber insurance. The

While I am sure there is more to the story about law firm Clayton Utz and their report for AMP, but how do you think their credibility as a provider of independent advice was impacted by this simple line in this news article “Just appalling’: AMP misconduct and lies exposed”.

     “Mr Hodge told the hearing that Clayton Utz provided 25 drafts of the report to AMP which resulted in detailed changes being made, including the removal of Mr Meller's name from an earlier version of the report.”

My blog

Don’t assume you’re immune from this European regulation with huge fines

All may be relatively quiet on the regulatory front in the U.S., but this May new privacy regulations are taking effect in the European Union, which will likely impact even the most provincial U.S. financial institutions.

The E.U.’s General Data Protection Regulation (GDPR), approved in April 2016, is much broader than the U.S.’s most well-known privacy regulations, the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance P

GDPR.JPG

Year over year, scandals like Wells Fargo, Equifax, Chipotle and so many others have dominated news headlines as they wreak havoc on consumers, investors, and awaken industry and government regulators. What is driving this trend?

Consumers have entrusted corporations with increasing involvement and influence in their lives through the decades. In 2014, for example, the Supreme Court ruled that corporations have some of the rights and responsibilities as natural persons. In other words, corporatio

Sanjay Verma was 5 years old when he was at parent teacher night with his older sister. He turned to her and asked why other kids in the room had parents there and he didn’t. It was then his world turned on its head. It was too much for his young mind to fully comprehend but he knew what his sister told him was big. She told him that once they were ten. They were mother, father and eight children. Now they were three, the two of them and their older brother. There had been a bad accident.

That ac

Wells Fargo has suffered the consequences of repeat scandals since 2016. This week, the bank agreed to a $1 billion settlement with federal regulators who have cited their lack of effective risk management practices as the root cause of their woes.

This settlement with the Consumer Financial Protection Bureau and Office of the Comptroller of the Currency would be another blow to Wells Fargo in a long line of many.

Let’s look at a timeline of Wells Fargo’s risk management scandals:

• 2009-2016 – Wells

Investigating a vendor’s cybersecurity can be a time-consuming hassle. Wouldn’t it be nice if you could pay someone else to monitor and report back on a vendors’ cyber risk? That’s the appeal of cyber-security ratings. Firms provide scorecards on third-party vendors’ cyber risk, supposedly making it easier for financial institutions to manage their own risk.

But these scorecards mostly provide a false sense of security. Here are three reasons why:

1. They use only public data. Cybersecurity ratings

There may be 50 ways to leave your lover, but when it comes to ending a relationship with a vendor there’s really just one path to follow: the documentation in your service level agreement (SLA).

Financial institutions find themselves ending vendor relationships for many reasons. Sometimes the relationship is great, but the product or service no longer meets the institution’s needs. Maybe another vendor is just better. Or maybe the vendor wasn’t meeting expectations.

The Contract

Regardless of t

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile

Last week I urged you to stand in the shoes of your board so you could identify their problems and align what you do with what they need. The next challenge is showing them you understand their problem. Yes you can use words, however, as I said last week, the hardest thing to do in business is to communicate effectively.

In my Winning Conversations program I run for corporate/shared service teams to help improve their influence and their impact on the organisation, I emphasise over and over again

I recently created my next video tip. It only takes about 3 minutes. However, this one is not about cyber exposure in organization but rather some advice regarding your personal cyber exposure. You can find the post at:

https://mediaexplorers.lpages.co/cyber-security-tips-series-tip-2-your-personal-privacy-and-security/

The text copy is below.

Hi, this is Doug Nagan with my second cybersecurity tip.
However this one is not about the cybersecurity of your  organization but rather your personal priva

When risk increases, the natural response is to take action to reduce that risk. But not every increase requires action. In fact, it may distract you from more important issues.

I’m talking about the risk of treating every risk the same.

Astute observers of risk have a variety of tools to monitor risk, from near real-time indicators to audits, exams, and reviews. But it’s not enough to recognize that risk has increased. Its ultimate impact must be considered.

For example, a review might show that e

Boris: Hello ladies and gentlemen and welcome to our meeting. We are speaking today with Richard Moss who is a Product Manager at AxiomSL. As we move from VAR to expected shortfall regulation coupled with the focus on liquidity, I thought of sharing a perspective on one of the hottest regulations around the corner - the Fundamental Review of the Trading Book (FRTB).

____

You can watch a video recording of the interview here https://www.youtube.com/watch?v=BVcJleqmIbU&t=2s

____ 

This has resulted

marcus evans will host the 4^th Edition CECL Methodologies, Implementation & Reporting Conference on June 11-13, 2018 in New York. This conference will give financial institutions a critical insight into the best strategies to hone their CECL implementations methodologies. You will deepen your knowledge of the modeling challenges, improve your strategies for CECL scenario development and tailoring models for different asset classes. Delegates will have the opportunity to consider the challenges o

With the General Data Protection Regulation, the EU is taking privacy very seriously. They expect the same from you – and your third parties. How are you preparing your Vendor Risk Management program to handle these sweeping changes?

Join ProcessUnity for a 45-minute webcast on Wednesday, April 18, 2018 at 11:00 AM EDT and see how forward-thinking organizations are incorporating GDPR best practices into Third-Party Risk processes. Our team of experts will:

• Outline GDPR requirements as they pertain

I have been running with a series of blogs about the boardroom. My R is for CanceR blog last week suggested some boards are totally disconnected with the discussion on risk. Is it their fault or yours?

A Message From Our Partner:

Getting actionable insights and effectively responding to change are staples for any corporation, especially when looking to optimize potential outcomes. In order to do this, the heads of businesses must be able to visualize entity relationships and recognize patterns. By using entity relationship diagramming, you can deliver stories that are easily processed by the brain, rather than extensive data sheets that don’t provide any context. 

When data is organized as a v