Written by Tom Turner, CEO, BitSight
In the last few years we have seen the frequency and severity of third-party cyberattacks against global financial institutions continue to increase. One of the biggest reported attacks against financial organisations occurred in early 2016, when $81 million was taken from accounts at Bangladesh Bank. Unknown hackers used SWIFT credentials of Bangladesh Central Bank employees to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York asking the bank to transfer millions of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia. The Bangladesh Bank managed to halt $850 million in other transactions, and a typo made by the hackers raised suspicions that prevented them from stealing the full $1 billion they were after.
The Financial Conduct Authority (FCA) reported 69 attacks in 2017 compared to 38 reported in 2016, a rise of more than 80% in the last year.
We saw two main trends last year. First, there was a continuation of cyberattacks targeting systems running SWIFT — a fundamental part of the world’s financial ecosystem. Because SWIFT software is unified and used by almost all the major players in the financial market, attackers were able to use malware to manipulate applications responsible for cross-border transactions, making it possible to withdraw money from any financial organisation in the world. Victims of these attacks included several banks in more than 10 countries around the world. Second, we saw the range of financial organisations that cybercriminals have been trying to penetrate expand significantly. Different cybercriminal groups attacked bank infrastructure, e-money systems, cryptocurrency exchanges and capital management funds. Their main goal was to withdraw very large sums of money.
With the evolving risk landscape and the challenges of new potential risks including third party risks, companies within financial services need a set of management procedures and a framework for identifying, assessing and mitigating the risks these challenges present. Effective risk management offers sound judgement in making decisions about what is the appropriate resource allocation to minimise and mitigate risk exposure.
Risk management lifecycle
The basic principle of a risk management lifecycle is to mitigate risk, transfer risk and accept/monitor risk. This involves identification, assessment, treatment, monitoring and reporting.
In order to mitigate risk, an organisation must measure cyber risk performance and incentivise critical third-party vendors to address security issues through vendor collaboration.
In terms of identification, you can’t manage your risks if you don’t know what they are, or if they exist. The first step is to uncover the risks and define them in a detailed, structured format. You need to identify the potential events that would most influence your ability to achieve your objectives, then define them and assign ownership.
Once the risks are identified they need to be examined in terms of likelihood and impact, also known as assessment. It is important to assess the probability of a risk, and its consequences. This will help identify which risks are priorities and require the most attention. You need to have some way of comparing risks relative to each other and deciding which are acceptable and which require further management. In this way you establish your organisation’s risk appetite.
To transfer risk, an organisation is advised to influence vendors to purchase cyber insurance to transfer risk in the event of a cyber event.
Once the risk has been assessed, an approach for treatment of each risk must now be defined. After assessment, some risks may require no action, to only be continuously monitored, but those that are seen as not acceptable will require an action or mitigation plan to prevent, reduce, or transfer that risk.
To accept and monitor risk, the organisation must understand potential security gaps and may need to accept certain risks due to business drivers or resource scarcity.
Once the risk is identified, assessed and a treatment process defined, it must be continuously monitored. Risk is evolutionary and can always change. The review process is essential for proactive risk management.
Reporting at each stage is a core part of driving decision-making in effective risk management. Therefore, the reporting framework should be defined at an early point in the risk management process, by focusing on report content, format and frequency of production.
Managing with risk transfer
Risk transfer is a strategy that enterprises are considering more and more. It mitigates potential risks and complies with cyber security standards. As cybercrime rises, an insurer’s view of cybersecurity has changed from being a pure IT risk to one that requires board-level attention. Insurance is now viewed as fundamental in offsetting the effects of a cyberattack on a financial institution. However, insurers will want to know that appropriate and audited measures are in place to prevent an attack in the first place and respond correctly when cybersecurity does fail. An organisation’s risk management responsibility now extends down the supply chain and insurers will want to know the organisation’s strategies to monitor and mitigate third party vendor risk.
Simplifying risk management and the transfer of risk can also be accomplished by measuring your organisation’s security rating. This is a similar approach to credit ratings for calculating risk. Ratings provide insight into the security posture of third parties as well as your own organisation. The measurement of ratings offers cost saving, transparency, validation and governance to organisations willing to undertake this model.
The benefits of security ratings will be as critical as credit ratings and other factors considered in business partnership decisions in the very near future. The ratings model within risk management can help organisations collaborate and have productive data-driven conversations with regards to risk and security, where they may not have been able to previously.
Long term potential
This year we will see a continuation of third-party cyberattacks targeting systems running SWIFT, allowing attackers to use malware in financial institutions to manipulate applications responsible for cross-border transactions across the world. Banks generally have more robust cyber defences than other sectors, because of the sensitive nature of their industry and to meet regulatory requirements. However, once breached, financial services organisations’ greatest fear is copycat attacks. This is where an effective risk management strategy can enable better cost management and risk visibility related to business operational activities. This leads to better management of market place, competitive and economic conditions, and increases leverage and consolidation of different risk management functions.
SH Capital Ltd launches in Dubai to support SMEs with global banking services
Fintech provider to reconnect businesses with international banking services, digital treasury management solutions, risk management and cash investment products
A new digital treasury services management provider SH Capital Ltd (SHC), launches in Dubai today with a plan to empower small and medium sized enterprises (SMEs & MMEs) by offering world class global banking services, asset management, FX hedging solutions, investment products and services.
SH Capital is a subsidiary of parent company Stanhope Financial Group, which launched with $3.5m funding in November last year. In December, the group also announced the launch of its EU headquarters in Lithuania after obtaining its Electronic Money Institution licence.
The independent fintech firm, which has received its in-principle approval Cat 3A regulatory licensing from the DFSA, Dubai, is set to begin trading as of end of Q2’21, with a mission to help companies meet their financial goals during the Covid-19 recovery.
SHC will act as an intermediary for clients, helping them to access leading and global tier one cash investment products. The Stanhope team of leading industry experts will also advise on commercial paper, money market funds, futures, options, ETFs & FX hedging solutions. Additionally, SHC has already partnered with a number of global counterparties, exchanges and e-trading venues to provide liquidity in the equity, FX, fixed income and commodity markets for all clients.
In spite of recent market volatility due to Covid-19, SHC are also committed to providing bespoke financial strategies for companies as matched principle, designed to meet their risk tolerance and position them ahead of the curve for both short and long-term financial goals.
To do this, SHC leverages the latest RegTech and blockchain technology, which helps to significantly reduce CBR risk and service friction, whilst maintaining a fast, secure and transparent service. More specifically, AML, KYC, trade monitoring and a distributed ledger technology are just some of the technology utilised for an efficient and safe execution of service.
Speaking to Global Banking and Finance Review, Khalid Talukder, Managing Director, SH Capital Ltd, said: “For ambitious businesses within the GCC, getting multi-product access and global reach of investment instruments and solutions will be a critical priority for 2021 and beyond.
“Key to SH Capital’s offering is that we have the ability to aggregate high tier one investment solutions in a single venue, delivered digitally through our platform. This gives clients a greater choice and reach over the instruments that they can invest in, as well as our ability to help create a bespoke portfolio on a client-by-client basis through our holistic approach to client service. “
“Dubai is quickly being recognised as a global hub of fintech and innovation, being home to some of the fastest growing, most exciting firms on the planet. With postponed Dubai Expo launching in the Autumn of 2021, we are perfectly placed to support these business to maximise this global showcasing opportunity.
Many of these businesses struggle to gain access to efficient and high quality digital asset management and investment products globally to support their treasury activities. We aim to provide a fully digital service offering via our platform allowing easy access to various cash asset management products, services and investment products that they need in order to thrive in an increasingly competitive global world.
SH Capital Ltd will change all that, reconnecting these fast-growing firms mid-market corporates which are the backbone of GCC commerce with the products offered by Tier 1 financial institutions, as well as offering treasury consultancy to take them to the next level.
With over 70 years combined experience in our team of financial professionals, shared with quantitative-driven data insight, regulatory technology and blockchain, we are confident we can provide a consistent treasury management service, free from delays, security issues and unfair charging, to all firms in need of assistance during this difficult Covid period and beyond.”
Kevin von Neuschatz, Group CEO, Stanhope Financial Group added, “We’re excited to have received our operating licence and formally launch SH Capital Ltd in Dubai. Our on-the-ground team of experts will begin trading immediately, providing ambitious businesses across the region with tier one banking and payments services to enable rapid growth during an incredibly challenging time.
This is the first of many expansion plans for the Stanhope Financial Group, with similar launches in Europe and other key regions in the first part of 2021.”
This is a Sponsored Feature
Daily Mail publisher posts 15% drop in quarterly revenue
LONDON (Reuters) – The publisher of Britain’s Daily Mail newspaper said that group revenue fell 15% in the three months to the end of December, dragged down by falls in print advertising revenues at its papers and by cancellations in its events business.
Daily Mail and General Trust said that group quarterly revenue came in at 304 million pounds ($416 million), down 15% on an underlying basis, but excluding the impact of cancelled events it was down 5%.
At its newspapers, print advertising revenues fell 38%, compared to an 8% rise in digital advertising. The group said that the impact of the pandemic meant it was difficult to provide short-term forecasts.
($1 = 0.7301 pounds)
(Reporting by Sarah Young; editing by Michael Holden)
Dollar slides vs. most currencies on optimism about Biden administration
By Gertrude Chavez-Dreyfuss and Saqib Iqbal Ahmed
NEW YORK (Reuters) – The dollar fell against most currencies on Wednesday, as risk appetite held up on optimism about a massive stimulus package under the new Joe Biden administration that will likely bolster a U.S. economic recovery.
The greenback slid against the yen as well as currencies tied to commodity prices such as the Australian, Canadian, New Zealand dollars, and the Norwegian crown. The U.S. dollar dropped to a three-year low versus its Canadian counterpart and sterling, while hitting a two-week trough against the yen.
The S&P 500 climbed to a new all-time peak, while U.S. crude futures gained as the risk rally carried on.
Biden was sworn in as the 46th president of the United States on Wednesday, vowing to end the “uncivil war” in a deeply divided country reeling from a battered economy and a raging coronavirus pandemic that has killed more than 400,000 Americans.
The new government is expected to push through Congress a nearly $2 trillion U.S. fiscal stimulus plan.
“Once you are no longer uncertain about something and it materializes, the overall optimism grows and gives way to the global recovery narrative,” said Juan Perez, senior FX strategist and trader at Tempus Inc. in Washington.
“The election and the issues after — all of them played a dramatic role, but now it’s over. Joe Biden is president and stimulus hopes are, like some markets, at a record high,” he added.
In afternoon trading, the dollar fell 0.4% against the yen to 103.54, sliding to a two-week low earlier in the session to 103.45.
The U.S. dollar tumbled to a three-year low versus the Canadian currency at C$1.2607, after the Bank of Canada on Wednesday opted not to cut interest rates. The greenback was last down 0.7% at C$1.2642.
The Aussie dollar rallied 0.6% to US$0.7745, while the New Zealand currency also gained 0.6% to US$0.7167.
Sterling rose to a three-year high versus the dollar of $1.3720, but surrendered some of those gains to trade up just 0.1% at $1.3643.
A combination of heightened risk appetite in global markets and UK-specific optimism lifted the pound on Wednesday.
The dollar index, meanwhile, was up 0.1% at 90.483. Since the beginning of the year, the index has posted a modest 0.5% gain.
Futures positioning data still shows that investors are overwhelmingly short dollars as they figure that budget and current account deficits will weigh on the greenback.
The euro fell 0.2% against the dollar to $1.2106.
European countries are struggling to contain the contagion of the coronavirus amid worries that a new variant could lead to more stringent lockdowns and more economic pain.
Investors are also fretting about the slower pace of the rollout of vaccines relative to the United States and Britain, which may hobble economic recovery in the euro zone.
(Reporting by Saqib Iqbal Ahmed and Gertrude Chavez-Dreyfuss; Editing by Mark Heinrich and Sonya Hepinstall)
SH Capital Ltd launches in Dubai to support SMEs with global banking services
Fintech provider to reconnect businesses with international banking services, digital treasury management solutions, risk management and cash investment products A...
Why CMOs Should Care About Customer IAM
By Darshana Gunawardana, Associate Director/Architect at WSO2 The surge to move online in 2020, in turn, has driven demand for...
Volkswagen faces EU fine for missing 2020 emissions targets
BERLIN (Reuters) – Volkswagen faces a fine of more than 100 million euros ($121 million) for missing EU targets on...
Ahli Bank, Oman, is SunTec’s 50th customer for its Indirect Taxation Solution
SunTec’s GCC VAT compliance solution to help Ahli Bank automate end-to-end VAT compliance process, manage regulatory changes, and seamlessly integrate...
Oil dips after unexpected rise in U.S. crude stocks
By Ahmad Ghaddar LONDON (Reuters) – Oil slipped on Thursday after industry data showed a surprise increase in U.S. crude...
UK factories see big drop in output ahead, supply problems too
LONDON (Reuters) – British manufacturers expect a sharp fall in output in the three months ahead and there were widespread...
Britain’s EG Group appoints Rose as non-executive chairman
LONDON (Reuters) – British convenience store and fuel retailer EG Group said on Thursday it had appointed Ocado Chairman Stuart...
Bitcoin slumps 10% as pullback from record continues
LONDON (Reuters) – Bitcoin slumped 10% on Thursday to a 10-day low of $31,977 as the world’s most popular cryptocurrency...
European firms improve diversity scores in pandemic year, study finds
By Aida Pelaez-Fernandez (Reuters) – The number of major European companies with high participation of women in leadership positions has...
Bank of Japan lifts next year’s growth forecast, saves ammunition as virus risks linger
By Leika Kihara and Tetsushi Kajimoto TOKYO (Reuters) – The Bank of Japan kept monetary policy steady on Thursday and...