Monday, May 26, 2014

Pace and Volume of Regulatory Change are the Biggest Factors in Leading to Risk Evaluation Failures

Results of Bank Director’s 2014 Risk Practices Survey

The Bank Director’s 2014 Risk Practices Survey reveals some very interesting information about the risk management programs that bank boards have in place.

It’s classically challenging for many banks to assess how risk management practices affect the institution. However, banks that have worked at measuring the impact of a risk management program report favorable outcomes on financial performance.

Survey Findings

  • 97 percent of the respondents reported the bank has a chief risk officer in place or equivalent.
  • 63 percent said that a separate risk committee on the board oversaw risks.
  • 64 percent of banks that have the separate risk committee reported that the bank’s strategic plan plus risk mitigation strategies got reviewed; the other 36 percent weren't doing this.
  • 30 percent of the respondents believed that the bank’s risk appetite statement encompasses all potential risks.
  • Of this 30 percent, less than half actually use it to supply limits to the board and management.
  • The survey found that the risk appetite statement, risk dashboard and the enterprise risk assessment tools aren't getting fully used.
  • And only 30 percent analyze their bank’s risk appetite statement’s impact on financial execution.
  • 17 percent go over the bank’s risk profile monthly at the board and executive level, and about 50 percent review such only quarterly; 23 percent twice or once per year.
  • 57 percent of directors believe the board can benefit from more training in the area of new regulations’ impact and possible risk to the bank.
  • 53 percent want more understanding of newer risks like cyber security issues.
  • Senior execs want the board to have more training in overseeing the risk appetite and related issues.
  • 55 percent believe that the pace and volume of regulatory change are the biggest factors in leading to risk evaluation failures.
  • Maintenance of data infrastructure and technology to support risk decision making is a leading risk management challenge, say over 50 percent of responding bank officers, and 40 percent of survey participants overall.

Monday, May 12, 2014

Quick Round-up of Some of the Latest Tricks and Traps

Beware of new scams and privacy pitfalls

New ways to fool people out of their money, information and identities pop up nearly every day. Here's a quick round up of some of the latest tricks and traps:

New Scam Targets Homeless: Fraudsters pay homeless people to take out cell phone contracts in their names. The fraudsters keep the phones, rack up the bills and then sell the phones, ruining the homeless person's credit.

Getty Images Allows Free Embedding, but at What Cost to Privacy? People can embed images in their sites for free, so long as they use the provided embed code and iframe. Because of the scope of Gettys' reach, this may allow the company to correlate more information about a user's browsing history than any single site could. Just another reminder that nothing's truly free in this world!

Human Error Tops Ponemon Patient Data Security Study Threats: 75 percent of healthcare organizations view employee negligence as the greatest data breach threat. This result underscores the importance of good security and privacy controls (and excellent employee training!) in healthcare environments. This extends to medical device manufacturers, who often work off very old technology software and continue to insist that controls are too cost-prohibitive.

The Data Brokers - Selling Your Personal Information: 60 Minutes' Steve Kroft recently reported on his investigation of the multibillion dollar industry that collects, analyzes and sells the personal information of millions of Americans with virtually no oversight.