-
Cascading risk and mitigation lessons stemming from the AWS outage
Organizations are threaded together in a web of digital infrastructure. It sounds pretty until something gets stuck. Our experts weigh in on strategies that can stem the fallout.
-
New York’s new guidance on third-party service provider cyber risk
The guidance does not impose new requirements; it helps NYDFS-regulated institutions meet existing obligations in light of evolving vendor-related cybersecurity risks.
-
FCA examines UK EMIR Refit compliance
Inadequate resource planning and dependence on external vendors highlighted in Market Watch 84 as key challenges for firms one year after the implementation of the new regime.
-
BaFin publishes DORA document requirements cheat sheet
Comprehensive register of key documents is relevant to all organizations running digital systems and needing to ensure their security.
-
BaFIN to intensify third-party supervision in 2025
The regulator continues to be concerned about outsourcing dependency and concentration risk and wants to obtain clarity on technology interconnectedness in the financial sector.
-
US banking agencies outline crypto-asset safekeeping considerations
The joint statement highlights potential risk-management considerations, but it does not create any new supervisory expectations.
-
SIFMA conference highlights efficient, dynamic US equity markets
Rapid structural change is, however, leading to some industry challenges, which are accentuated by changes in investors’ needs
-
FINRA monitoring evolving third-party vendor landscape
Information on third-party vendors is used by FINRA in proactive outreach to member firms including alerts and guidance.