CAE Agenda: Your Monthly Audit News Roundup

Whitney Sunset by Michael Rosenberg
CAE Agenda: Your Monthly Audit News Roundup


Welcome to the December edition of the CAE Agenda, Protiviti's monthly roundup of internal audit news and developments for financial services organizations. 



An Urgent Call for KYC Optimization — A Global Market Study Calling for KYC Innovation and Collaboration

Protiviti and the International RegTech Association (IRTA) conducted a global study to investigate the effectiveness of existing anti-money laundering know your customer (AML/KYC) processes, their impact on customer experience across various jurisdictions and the efforts by financial institutions to innovate KYC controls. This study provides a blueprint for adopting more efficient and effective KYC processes that improve customer experience and promote financial inclusion. Learn more and download the report here





  1. Quantum Dawn Cyber Exercise Simulates a “Doomsday” Global Ransomware Attack

    The biennial Quantum Dawn cyber exercise brings the financial industry together for a sort of “war game” that simulates a major financial institution being taken out by a malware attack. The scenario has typically focused on the United States banking industry, but the 2019 edition was the first to include participants from Asia and Europe. This year’s event imagined what would happen if a “too big to fail” financial institution was rendered inoperable by a targeted ransomware attack.

  2. 9 Big Items on Regulators’ To-Do List (Including CRA Reform)

    The federal bank regulators are trying to close out 2019 with a bang. American Banker summarizes what might be in store for the next several months:

    - Community Reinvestment Act (CRA) modernization

    - Stress capital buffer

    - Net stable funding ratio

    - Enhanced cyber risk management standards

    - Volcker Rule's "covered fund" definition

    - Receiverships of uninsured federal branches and agencies

    - Brokered deposits

    - CFPB could address payday lending HMDA reporting


    [Source: American Banker]

  3. Basel Committee Publishes More Details on Global Systemically Important Banks

    On November 22, the Basel Committee on Banking Supervision published further information related to its 2019 assessment of global systemically important banks (G-SIBs), including additional details underlying the scoring methodology. The publication accompanies the Financial Stability Board's release of the updated list of G-SIBs.



Cyber Risk Quantification: Common Misconceptions and Asking the Right Questions [Podcast]

In this latest podcast from our cybersecurity series, Associate Director Vince Dasta breaks down some common misconceptions around cyber risk quantification (CRQ) and suggests ways companies can get insights through quantitative analysis of available data, even in imperfect data environments.

Cybersecurity, Automation, Next-Gen Audit Skills: Key Themes From the SIFMA IAS Conference [Podcast]

On October 27-30, the SIFMA Internal Auditors Society hosted its annual internal audit conference in Miami, exploring topics ranging from audit fundamentals to intelligent automation, analytics and auditing cyber. Managing Director Rick Magliozzi attended the event and summarizes the key themes and discussions that emerged from the two-day conference.

Revamping Risk Culture in the Digital Age

How many directors can name a chief risk officer who has advised them and the executive team that the organization is too risk-averse? In the digital age, not enough. Issue 121 of Board Perspectives: Risk Oversight lists 10 cultural attributes of how best-of-class risk management evolved from a fragmented, siloed model focused narrowly on myriad risks to an enterprisewide approach focused on the most critical business risks and integrated with strategy-setting and performance management. It also suggests some questions that boards of directors may consider, based on the risks inherent in the entity’s operations.




The Protiviti team wishes everyone happy holidays! We’ve included 10 links for winter reads, videos and podcasts below. And, of course, don’t hesitate to reach out with any information needs you may have ahead of the new year.

•    Addressing Operational Resilience From an Internal Audit Perspective [Podcast]

•    The OCC’s 2020 Supervision Plan Targets Emerging Risks Facing Financial Institutions [Blog]

•    Today’s Toughest Challenges in IT Audit: Tech Partnerships, Talent, Transformation [Podcast]

•    CFOs Now Consider the Security and Privacy of Finance Data Their Top Priority [Blog]

•    What Are the Key Drivers for Innovation in Banking? Citi’s Kevin Garlan and Protiviti’s Nathan Hilt share insights. [Video]

•    At RegTech Conference, Protiviti and IRTA Sound an Urgent Call for KYC Optimization [Blog]

•    October 2019 Cybersecurity Awareness Webinar Series – Listen to on-demand recordings [Webinar Series]

•    Is the Payments Landscape Becoming More Complex? [Video]

•    Looking for Innovation? Ten Ideas to Help Companies Break the Mold [Blog]

•    Actionable Insights Into Implementing Your Advanced ERM Program – Protiviti’s 2019 ERM Readiness Assessment Survey [Report]


Microsite Download View: 

Now Trending on



  1. RPA: Extending Process Automation to the Desktop and Beyond [On-Demand Webinar]
  2. Transforming the Record To Report Process [On-Demand Webinar]
  3. Measuring Cyber Risk Quantitatively — Eliminating the Guesswork



Powerful Tools for Business Risk & Internal Audit

KnowledgeLeader is a subscription-based website that provides audit programs, checklists, tools and training to help risk management professionals save time, manage risk and add value.


Start a 30-day free trial