El Analista Económico-Financiero

Regulatory approaches to enhance banks' cyber-security frameworks. Recent high-profile cyber-attacks on financial institutions have focused attention on the need to strengthen cyber-security. Banks have the most public-facing products and services, and are thus significantly vulnerable to potential cyber-attacks. Consequently, cyber-risk is a major concern for most bank supervisors. However, only a handful of jurisdictions have specific regulatory and supervisory initiatives that seek to address banks' cyber-risk; these notably include Hong Kong SAR, Singapore, the United Kingdom and the United States. This paper therefore analyses the regulatory and supervisory frameworks for banks' cyber-risk in these jurisdictions. It notes that, while there may be different views on the need to specifically regulate cyber-risk or how prescriptive these regulations should be, some common regulatory requirements are now emerging. Moreover, the supervisory approaches to assessing

The  EU Doesn’t Want Banks Getting Too Risky With Your Smartphone . Why? this could be a good reason, 60 Minutes: Hacking Your Phone.  By other hand,  HSBC's 'selfie verification' helps customers open a bank account. A first big step in cyber risks and cyber security. For the first time, the U.S. government has a cybersecurity chief . A second step in UK,  Government Plans ‘Active’ Cyber Security Approach.

Based on its analysis of the cybersecurity strategy and execution plans of more than 4,000 companies, the Hiscox Cyber Readiness Report 2018 revealed that 73% are not adequately prepared to face a cyberattack. This is despite the fact that the estimated financial costs incurred by organizations that suffered attacks in the past 12 months reached an average of $229,000, with some larger companies at the top end of the scale seeing costs as high as $25 million. Almost 60% of the organizations surveyed are planning to increase their cybersecurity budget in the next year, however, with the greatest investment focused on new technology, employee training and cybersecurity staff. Many companies are also considering standalone cyber insurance, with 33% reporting that they have such coverage and 25% planning to purchase it in the next 12 months. Hiscox suggested that cyber insurance adoption rates could change, however, once the EU’s General Data Protection Regulation goes into effect

WEF (2011): Global Risks 2011. Sixth Edition, World Economic Forum. En este informe se extrae, a partir de un panel de opinión integrado por más de 580 expertos (todos los participantes aparecen desde la página 54 hasta la 58), los que se considera son los principales riesgos globales en el futuro inmediato. Se extrae y valora la percepción sobre la probabilidad de ocurrencia asociada a 37 riesgos en el período 2010-2020, así como sobre la magnitud de su impacto, y su grado de interconexión con otras dimensiones. El texto da inicio con una nota que me gustaría resaltar: “Esto documento incluye riesgos tanto conocidos como desconocidos, además se consideran factores con incertidumbre y otros los cuales no son exhaustivos. Las compañías que contribuyen en la elaboración de este reporte operan en un ambiente de cambio continuo, donde siempre emergen nuevos riesgos. Los lectores, tienen que ser precavidos en no depositar una confianza indebida sobre estas declaraciones. […] y que en

The next S-curve in model risk management.   How banks can drive transformations of the model life cycle in a highly uncertain business landscape ( McKinsey ). An early view on euro area risk-sharing during the COVID-19 crisis. The economic fallout from the COVID-19 crisis has been asymmetric across euro area countries, leaving room for risk-sharing channels to operate. This column studies income risk-sharing in the euro area and finds that while it has so far been low, it was resilient throughout the crisis. Initial portfolio investment reverted quickly and intra-euro area cross-border portfolio investment exhibited low volatility. Only cross-border public flows have been limited. This suggests that the provision of unprecedented policy support has prevented private risk-sharing channels from collapsing, reducing the risk of a sudden stop in cross-border financial flows and a further exacerbation of the crisis ( VoxEU ). Sovereign credit and exchange rate risks: evidence from Asia

How does uncertainty affect how UK firms invest? ( The Big Picture ). Country Risk Analysis by Aswath Damodaran ( Musing on Markets ). GDP at risk:   The likelihood of another crisis-induced plunge in GDP is much lower today than it was a decade ago, but we are still at an early stage of building a financial stability policy framework that corresponds to the inflation-targeting framework that forms the basis for monetary policy. This column describes a step forward in developing such framework – the concept and measurement of GDP at risk, which helps us to understand the linkages between the financial sector and the real economy at an aggregate level ( VOXEU ). More data or better data? Using statistical decision theory to guide data collection ( LSE Business Review ). Machine learning: Stirred, not shaken: how market interest rates have been reacting to economic data surprises ( Bank Underground ). The machine stops: The price of cyber (in)security .  Cyber attacks a

Actualmente, uno de los problemas a debates en la gestión de riesgos, es que muchos no consideran que los ciber riesgos se encuentren relacionados con los riesgos financieros. Por lo que se delega la prevención de riesgos financieros a las aseguradoras o a los informáticos, sin embargo, los gestores de riesgos financieros deberían de preocuparse más hoy en día por mitigar los ciber riesgos, ya que actualmente vivimos en un mundo "hiperconectado" y los riesgos financieros se encuentran estrechamente ligados con los riesgos vinculados con el ciberespacio. El mensaje es claro: "Invertir en la gestión de riesgos financieros antes de las crisis ayuda a atenuar las necesidades de recuperación posteriores a los desastres" , indiferentemente de cual sea el caso. y nacen nuevas preguntas  Can Cyber-Insurance Coverage Keep Apace With Cyber-Exposure? si no, preguntenle a esta cadena de hoteles de renombre cuanto les ha costado una vulnerabilidad y la pérdid

Entre los recientes ataques de ransomware a escala global y que hasta empresas de gran tamaño como  Verizon tuvo un problema que le causo una  exposición registros de clientes de al menos 14 millones de suscriptores, incluyendo números de teléfono y PIN de cuentas . Son pruebas de que la ciberseguridad es tema serio y que hay que tener muy presente, tanto para los individuos, las empresas y los gobiernos. La   Organización de Consumidores y Usuarios ( OCU , España) tiene disponible una guía en línea muy sencilla y fácil de entender en varios temas de ciberseguridad (Conexión segura, Dispositivos a salvo, Tus cuentas son tuyas, Privacidad en la Red, Transacciones y compras, Niños e Internet). Yo aquí les dejo el enlace con las recomendaciones para smartphones. Si eres de los que se preocupan de que Google sepa todo lo que haces y tenga esa información guardada, te recomiendo leer esta sencilla guía paso a paso para borrar el historial de navegación de Google si quieres aum

Here we are, six recommended readings for this week about different types of risk: Operational Risk: Progress in adopting the Principles for effective risk data aggregation and risk reporting ( BIS ). Systemic Risk: Bank resolution frameworks in systemic crises ( VoxEU ). Credit Risk: What next for US credit-card debt? ( McKinsey ). Climate Risk: Climate-related financial risks: a survey on current initiatives ( BIS ). Climate Risk: Confronting climate risk ( McKinsey ). Finally, Risks of cyber attacks, money laundering (ML) and terrorist financing (TF):   Financial crime in times of Covid-19 - AML and cyber resilience measures ( BIS ).

GDP and capturing the benefits of the Internet economy.   Conventional growth theory characterises innovation as ‘resource-saving’, in the sense that it allows the same output to be produced with fewer resources. This column introduces a sources-of-welfare growth model that also includes a measure of ‘output-saving’ innovation, which arises from the expanded scope and efficiency in consumer choice recently brought about by the Internet economy and smartphones. The findings highlight how various new kinds of intangible capital complicate the measurement of GDP ( VOX ). The commercial value of news in the internet era.   The rise of news consumption through social media and the ‘fake news’ phenomenon has raised doubt over the value of original news production. This column uses a comprehensive dataset of French news content produced in 2013 to assess the commercial returns to original news production. It finds that media outlets with a larger fraction of original content do tend

Some assorted links for this weekend: Post–COVID-19 Europe: Three Scenarios ( CFA Institute ). Driving commitment to digital transformation with Tableau Blueprint ( Tableau ). Reimagining customer engagement for the AI bank of the future ( McKinsey ). To create value in the COVID-19 era, set aside standard risk management ( LSE Business School ). Tapping into talent: Coupling education and innovation policies for economic growth ( VoxEU ). Plus: Cybersecurity: Emerging challenges and solutions for the boards of financial-services companies ( McKinsey ). Cyber insurance is only a few claims away from disaster. This is why it matters ( WEF ).

En este blog desde hace algunos años, le he dedicado muchas entradas al tema de los ciber riesgos (véase por ejemplo en las categorías de: administración de riesgos , ciberseguridad y por cyber ). En 2016, cuando trataba el tema y su importancia con otros colegas vinculados con la gestión de riesgos, su respuesta era que los ciber riesgos no eran un tema, área o campo en Economía y Finanzas, que era cosa de los informáticos. En 2017, ya algunos aceptaban que si era un riesgo como tal, pero no creían todavía en su importancia dentro de la economía y las finanzas, por lo que pensaban que los ciber riesgos en caso de ser considerados dentro de la economía y finanzas vinculadas con la gestión de riesgos, era dentro del riesgo operacional. Estamos en el año 2018, y aparecen más voces que piensan como yo, como es el anuncio por parte de la vicepresidenta del Consejo de Supervisión del Banco Central Europeo (BCE), Sabine Lautenschläger, que dijo: "el riesgo cibernético

Today, first four articles about risk management, one about cyber risk and finally, three articles about digital finance: Private Real Estate Fund Categories: A Risk/Return Assessment ( CFA Institute ). Brexit will leave the UK worse off economically in all scenarios ( LSE Business Review ). USAA manages financial risks with Tableau and improves enterprise compliance ( Tableau ). Idiosyncratic risks and the volatility of trade ( VOX ). Cyber risk governance should take centre stage in financial services ( LSE Business Review ). The design of digital financial infrastructure: lessons from India ( BIS ). Central Bank Digital Currencies: 4 Questions and Answers ( IMF ). Stabilising stablecoins: A pragmatic regulatory approach ( VOX ).

My recommendations about Risk Management to read this weekend: Top Risks 2017: The geopolitical recession ( Eurasia Group ). Risk analytics enters its prime: All the ingredients are in place for unprecedented advances in risk analytics. Now it’s up to banks to capture the opportunities ( McKinsey ). 5 Strategies to Maximize Your Risk Assessments ( Risk Management Monitor ). How to Use the World Economic Forum’s Cybersecurity Principles. A 2017 WEF report outlines best practices for boards and the C-suite to help strengthen an organization’s cyber practices by providing guidance for managing cyberrisks much in the same way that organizations manage enterprise risk ( Risk Management ). Cyber and the C-Suite: New Cyberrisk Responsibilities for Chief Risk Officers. Chief risk officers (CROs) have significant responsibilities and access to the board and senior management that put them at the forefront of technological, operational and human resources challenges involve

My recommended readings for this week in Finance and Risk Management: The COVID-19 threat to financial stability in Europe ( VoxEU ). Inflation at risk from Covid-19 ( BIS ). Valuation Debate: P/E, Cycles and Expensive Stocks ( The Big Picture ). Predictable financial crises ( VoxEU ). ESG at a Tipping Point ( CFA Institute ). Re-examining Diversification: 20/20 Perspective ( Acadian ). Economic uncertainty in the wake of the COVID-19 pandemic ( VoxEU ). In Search of Lost First Bests ( Development Impact ). Plus: Cyber Risk Safeguarding against cyberattack in an increasingly digital world COVID-19 crisis shifts cybersecurity priorities and budgets Enhancing cybersecurity in the Iberian Peninsula (Spain and Portugal)

Model risk management: The latest insights into the evolution of model governance practices across North America, Europe, and Asia ( McKinsey ). No, It Is Not a Bubble (Yet) ( The Big Picture ). Finance, Bubbles, Negative Rates: The What Ifs . . . ? ( CFA Institute ). Variability in risk-weighted assets: what does the market think? ( BIS ). The fundamentals of safe assets ( VoxEU ) How banks can ease the pain of negative interest rates ( McKinsey ). Operational and cyber risks in the financial sector ( BIS ). MiB: Sustainable Investing is Risk Management ( The Big Picture ).

A brief history of cryptocurrency drama, or, what could possibly DAO wrong? (CNET) ACLU sues to kill decades-old hacking law (Techcrunch): The advocacy group says the Computer Fraud and Abuse Act makes it hard to investigate websites for bad behavior and potential discrimination. Lizard Squad hacked thousands of cameras to attack websites (Endgadget): The infamous outfit made a botnet out of connected devices to flood banks and governments. Computer coughs up passwords, encryption keys through its cooling fans (Extremetech) Four Cyber Attacks On UK Railways In A Year (SkyNews): A security experts says the hackers could create "real disaster related to train safety".

My recommended reading for this weekend: The anatomy of cyber risk ( VoxEU ). Integrating climate change into the financial stability framework ( VoxEU ). Visualized: The New Era of Commodity Trading ( Visual Capitalist ). Why fragility is the new reality for the stock market ( Wellington Management ). How to Manage your Python Projects with Pipenv & Pyenv ( Rootstrap ). Stochastic Gradient Descent: Explanation and Complete Implementation from Scratch ( Regenerative ). Feel free to follow me on Twitter

Turning up the heat - climate risk assessment in the insurance sector ( BIS ). The impact of negative interest rates on banks and firms ( VOXEU ). New BIS Innovation Hub Centre in Singapore ( BIS ). The Norwegian Oil Fund: An Embarrassment of Riches ( CFA Institute ). Varying shades of red: how red team testing frameworks can enhance the cyber resilience of financial institutions ( BIS ).

A continuación mi selección de lecturas recomendadas sobre ciencia y tecnología para leer esta semana, que los disfrutes: Pocas veces nos encontramos con un artículo en español sobre ' La cantidad óptima de moneda digital de banco central (CBDC) en circulación ' basado en literatura especializada, por lo que recomiendo mucho su lectura. La Ley de Creación de Incentivos Útiles para la Producción de Semiconductores y la Ciencia de 2022 (Ley CHIPS por sus siglas en inglés), promulgada el 9 de agosto de 2022, está diseñada para impulsar la competitividad, la innovación y la seguridad nacional de Estados Unidos. La ley pretende catalizar las inversiones en la capacidad nacional de fabricación de semiconductores. También pretende impulsar la I+D y la comercialización de tecnologías de vanguardia, como la computación cuántica, la IA, la energía limpia y la nanotecnología, y crear nuevos centros regionales de alta tecnología y una mano de obra más amplia e inclusiva en el ámbito de l