CAE Agenda: Your Monthly Audit News Roundup
Welcome to the December edition of the CAE Agenda, Protiviti's monthly roundup of internal audit news and developments for financial services organizations.
An Urgent Call for KYC Optimization — A Global Market Study Calling for KYC Innovation and Collaboration
Protiviti and the International RegTech Association (IRTA) conducted a global study to investigate the effectiveness of existing anti-money laundering know your customer (AML/KYC) processes, their impact on customer experience across various jurisdictions and the efforts by financial institutions to innovate KYC controls. This study provides a blueprint for adopting more efficient and effective KYC processes that improve customer experience and promote financial inclusion. Learn more and download the report here
NEWS AND TRENDS
The biennial Quantum Dawn cyber exercise brings the financial industry together for a sort of “war game” that simulates a major financial institution being taken out by a malware attack. The scenario has typically focused on the United States banking industry, but the 2019 edition was the first to include participants from Asia and Europe. This year’s event imagined what would happen if a “too big to fail” financial institution was rendered inoperable by a targeted ransomware attack.
The federal bank regulators are trying to close out 2019 with a bang. American Banker summarizes what might be in store for the next several months:
- Community Reinvestment Act (CRA) modernization
- Stress capital buffer
- Net stable funding ratio
- Enhanced cyber risk management standards
- Volcker Rule's "covered fund" definition
- Receiverships of uninsured federal branches and agencies
- Brokered deposits
- CFPB could address payday lending HMDA reporting
[Source: American Banker]
On November 22, the Basel Committee on Banking Supervision published further information related to its 2019 assessment of global systemically important banks (G-SIBs), including additional details underlying the scoring methodology. The publication accompanies the Financial Stability Board's release of the updated list of G-SIBs.
In this latest podcast from our cybersecurity series, Associate Director Vince Dasta breaks down some common misconceptions around cyber risk quantification (CRQ) and suggests ways companies can get insights through quantitative analysis of available data, even in imperfect data environments.
Cybersecurity, Automation, Next-Gen Audit Skills: Key Themes From the SIFMA IAS Conference [Podcast]
On October 27-30, the SIFMA Internal Auditors Society hosted its annual internal audit conference in Miami, exploring topics ranging from audit fundamentals to intelligent automation, analytics and auditing cyber. Managing Director Rick Magliozzi attended the event and summarizes the key themes and discussions that emerged from the two-day conference.
How many directors can name a chief risk officer who has advised them and the executive team that the organization is too risk-averse? In the digital age, not enough. Issue 121 of Board Perspectives: Risk Oversight lists 10 cultural attributes of how best-of-class risk management evolved from a fragmented, siloed model focused narrowly on myriad risks to an enterprisewide approach focused on the most critical business risks and integrated with strategy-setting and performance management. It also suggests some questions that boards of directors may consider, based on the risks inherent in the entity’s operations.
The Protiviti team wishes everyone happy holidays! We’ve included 10 links for winter reads, videos and podcasts below. And, of course, don’t hesitate to reach out with any information needs you may have ahead of the new year.
• Today’s Toughest Challenges in IT Audit: Tech Partnerships, Talent, Transformation [Podcast]
• CFOs Now Consider the Security and Privacy of Finance Data Their Top Priority [Blog]
Now Trending on Protiviti.com:
- RPA: Extending Process Automation to the Desktop and Beyond [On-Demand Webinar]
- Transforming the Record To Report Process [On-Demand Webinar]
- Measuring Cyber Risk Quantitatively — Eliminating the Guesswork
Powerful Tools for Business Risk & Internal Audit
KnowledgeLeader is a subscription-based website that provides audit programs, checklists, tools and training to help risk management professionals save time, manage risk and add value.