Risk News

Researchers Find Clues in Malware

"Security experts have only begun examining the thousands of lines of code that make up Flame, an extensive, data-mining computer virus that has been designed to steal information from computers across the Middle East, but already digital clues point to its creators and capabilities."

Annie's take:

One hardly knows what to make of this careful story, that dances around the identification of the malware's creator.

EU Proposes 'Banking Union'

"The 17 countries that use the euro should consider setting up a "banking union" that allows them to share the burden of bank failures, the European Union's executive arm said Wednesday in a report on the currency union's crisis-fighting efforts."

Annie's take:

Such proposals are harder to find agreement on when times are tough than when things are going well.

Operational risk management is on the line

"Most of us spend our days with our heads down, on behalf of our employer or our client, dealing with one of the practice areas where the usual aberrations present themselves in the larger context of operational risk management (ORM)."

Annie's take:

I'm honored to have this piece published here. Continuity Central consistently provides content-rich and cutting edge thought pieces in security, business continuity and operational risk management.

NOAA issues 2012 hurricane season forecasts

"NOAA has released its forecasts for the 2012 hurricane season. It currently predicts a near normal season in the Atlantic and Eastern Pacific areas and a below-normal season in the Central Pacific."

Annie's take:

This forecast offers some relatively positive news.

OCC Needs to Speak Up About the JPMorgan Chase Mess

"Everyone in Washington is talking about JPMorgan Chase's botched hedge. Everyone, that is, but the federal regulators who actually know what's going on."

Annie's take:

When the industry's most prestigious trade journal writes a piece like this, you know that things may be going to get a lot worse before they get better.

FDIC Says It Can Handle Failure of Giant Bank

"A top U.S. banking regulator said his agency could handle the failures of large, complex banks including J.P. Morgan Chase JPM -1.32% & Co., the nation's largest bank by assets, if they faltered and presented a risk to the broad financial system."

Annie's take:

For those of us who have direct experience of the FDIC's ability to handle the failure of a large bank, it's not at all clear that the business process management the FDIC can apply with smaller or regional banks will work with a large one, without large impacts to taxpayers.

Rebuilding Joplin: Nonprofit Attacks the Hurdles of Long-Term Recovery

"It was a typically hectic weekend for Kate Massey with her son’s third birthday on Sunday, May 22, and the impending family party. Nothing seemed out of the ordinary that day as the family left for the party site, a bounce-house facility in Joplin, Mo."

Annie's take:

Having chaired a panel discussion with Joplin-area bankers last week at the EPCOR spring conference, I can attest to the fact that recovery is indeed proceeding in Joplin. Here's part of the remarkable story of that recovery.

Discord at Key JPMorgan Unit Is Faulted in Loss

"Ever since JPMorgan Chase disclosed a multibillion-dollar trading loss this month, the central mystery has been how a bank known for its skill at risk management could err so badly."

Annie's take:

Almost all operational risk failures have at their heart an issue involving people and processes. This story that examines the cast of characters involved, together with an earlier one that indicated JPMorgan Chase was without a treasurer to oversee this unit for five months, reinforces the point.

'An Extraordinary Thing': OCC's Curry Sees Operational Risk as Top Concern

"Operational risk has replaced credit risk as the major safety and soundness challenge for national banks, Comptroller Thomas Curry said at a speech in Washington on Wednesday."

Annie's take:

We're thrilled to have a major premise of our consulting practice confirmed by Thomas Curry, Comptroller of the Currency. That operational risk could exceed credit risk in the eyes of the regulators of financial safety and soundness, even while we are still slowly making our way out of the 2008 financial meltdown, is an indicator of how much instability we still have in this sector.

White House Steps Up Push to Toughen Rules on Banks

"In the wake of losses at J.P. Morgan Chase JPM 0.00% & Co., the White House is seeking to ensure a tough interpretation of a regulation designed to prevent banks from making bets with their own money, according to people familiar with the matter"

Annie's take:

It is to be hoped that banking regulation will not become a political football this election season. Here's a preview, though, of how it's lining up.

F.B.I. Inquiry Adds to JPMorgan’s Woes
"Investors and federal investigators turned up the heat on JPMorgan Chase on Tuesday, as shareholders called for pay givebacks from executives responsible for a stunning $2 billion trading loss and the Federal Bureau of Investigation opened a preliminary review of the debacle."
Annie's take:

Jamie Dimon hung on to both of his titles yesterday at the annual shareholders meeting, but those votes had been tallied before last week's announcement on the $2B loss. Stand by for more details as the story continues to unfold, and Dimon taps two of his heir apparents to help fix these issues.
Red Flags Said to Go Unheeded by Bosses at JPMorgan
"In the years leading up to JPMorgan Chase’s $2 billion trading loss, risk managers and some senior investment bankers raised concerns that the bank was making increasingly large investments involving complex trades that were hard to understand."
Annie's take:

Though the unfolding story of the $2 billion in losses may have some elements of "pile on," this story indicates just how easy it is for something like this to happen when the chief executive is distracted with other fires that need to be put out. Most shocking (to me) is that the risk officer was simply replaced when he got in the way of the investment office. And, of courses, that the losses may be double what they are today.
3 JPMorgan Chase execs may depart as CEO Jamie Dimon acknowledges ‘terrible, egregious mistake’ on trading

"The embarrassing losses at megabank JPMorgan Chase reverberated in Washington, Wall Street and on the campaign trail Sunday, with JPMorgan Chase chief executive Jamie Dimon acknowledging that the bank “made a terrible, egregious mistake” by dismissing worrisome signs earlier this year about the bank’s trading strategy."

Annie's take:

See my ASA newsletter column today for more examples of history-making losses like this one. This is not simply poor execution, it is also the failure of alarms or alerts in systems to throw up intelligible messages.

Business continuity considerations for the Chicago NATO summit

"On 20 and 21 May 2012 Chicago will host a NATO summit. The North Atlantic Treaty Organization (NATO) will have representatives from approximately 70 nations attending the summit. Known as a National Special Security Event (NSSE) by the US Secret Service, Federal Bureau of Investigation (FBI) and Federal Emergency Management Agency (FEMA); the NATO summit will require coordination of a large array of public sector resources."

Annie's take:

An exhaustive set of checklists around large events where chaos may ensue.

Homeland Security Investigates Cyber Attacks on Gas Pipelines, NGI Reports

"There has been an "active series" of cyber attacks on natural gas pipeline companies' computer networks over the past four months, according to the Department of Homeland Security (DHS)."

Annie's take:

We've known for years that there are gaping holes in the security infrastructure of the energy sector. Let's hope this marks the beginning of a new public-private partnership.

Industry Perspective: The Importance of Public-Private Partnerships

"Hurricane Katrina changed everything in emergency management, especially the private sector’s role in disaster response."

Annie's take:

Many of us in the business know how Wal-Mart stepped up during Hurricane Katrina, but here's a way to put into perspective that effort and those that the writer argues have grown since that time.

Have you tested your strategy lately?

"Ten timeless tests can help you kick the tires on your strategy, and kick up the level of strategic dialogue throughout your company."

Annie's take:

This is a 2011 article from McKinsey Quarterly, but extremely relevant today.

Big Google Is Watching You

"One way or another Google has a problem."

Annie's take:

An incisive piece from Richard Levick, where he also places Google's evolution in the context of how companies grow -- very much worth reading.

Progress Is Seen in Advancing a Final Volcker Rule

"A major new rule that has drawn the ire of Wall Street is on track for completion sooner than some bankers had expected, dashing the hopes of financial industry lobbyists, who have pressed for a delay."

Annie's take:

It appears that the financial sector has not been able to slow down the July deadline for regulators to have completed writing a final version of the Volcker Rule, despite a meeting yesterday at the Federal Reserve in New York.

New thinking for new media

"Business continuity managers have traditionally seen the media as something of a threat; but a different approach can bring big benefits."

Annie's take:

This refreshing article, written by one of our own, echoes themes strick in Richard Levick's work as well as my own. In particular, see Levick's "The Communicators: Leadership in the Age of Crisis."

Could Early, High-Risk Weather Warnings be on the Rise?

"The series of tornadoes that killed at least six in Oklahoma and raised havoc in other parts of the Central Plains April 14-15 was preceded by a rare early, high-risk warning."

Annie's take:

There's no doubt that earlier weather warnings save lives and allow for some preparation time.