Monthly Archives: February 2015

Archived Posts

February 26, 2015 by: James Bone Categories: Risk Management 2015-2019 Global Privileged Identity Management Market Research

stock-photo-18450774-businesswoman-with-binocularsYou must be logged in to view this document. Click here to login

February 21, 2015 by: James Bone Categories: Risk Management 2015 Report on the Current State of Enterprise Risk Management: Update on Trends and Opportunities

You must be logged in to view this document. Click here to login

KeyNYC River View findings in ERM current state:

59% believe the volume and complexity of risk has changed over the last 5 years

25% have implemented a complete and formal ERM program

23% describe their risk management program as “Mature” or “Robust”

February 15, 2015 by: James Bone Categories: Risk Management S.E.C. CYBERSECURITY EXAMINATION SWEEP SUMMARY

You must be logged in to view this document. Click here to login

In a random sample of registered broker-dealers and investments by the SEC most of the firms have been subject to cyber-related incidents.  These findings have major implications for investors and investment professionals alike.

The SEC’s stock-photo-21182024-interface-touchrecent sweep of 57 registered broker-dealers and 49 investment advisers revealed the following steps the investment community has taken to prevent, detect and correct cybersecurity threats:

  • The vast majority of examined broker-dealers (93%) and advisers (83%) have adopted written information security policies. Most of the broker-dealers (89%) and the majority of the advisers (57%) conduct periodic audits to determine compliance with these information security policies and procedures.
  • The vast majority of examined firms conduct periodic risk assessments, on a firm-wide basis, to identify cybersecurity threats, vulnerabilities, and potential business consequences.
  • Most of the examined firms reported that they have been the subject of a cyber-related incident
  • Many examined firms identify best practices through information-sharing networks
February 14, 2015 by: James Bone Categories: Risk Management Governance since the economic crisis: McKinsey Global Survey results

Governance since the economic crisis McKinsey Global Survey results

stocks dropCorporate boards are under pressure to take more responsibility for developing strategy and overseeing business risk after the financial crisis exposed many cases of inadequate governance.1 Yet, according to the latest McKinsey Quarterly survey on governance,2 directors report that their boards have not increased the time spent on company strategy since our previous survey, conducted in February 2008—seven months before the collapse of Lehman Brothers. Moreover, 44 percent of respondents say their boards simply review and approve management’s proposed strategies. Just one-quarter characterize their boards’ overall performance as excellent or very good; even so, the share of boards that formally evaluate their directors has dropped over the past three years.

February 1, 2015 by: James Bone Categories: Risk Management Is Trust an effective Control?

“You have stock-photo-14341836-downtown-dubaito learn the rules of the game. And then you have to play [the game] better than anyone else” – Albert Einstein

You may not follow stock markets or politics in Europe but you may be aware of the economic turmoil in the European Union and the recent elections in Greece. The “Grexit ”, a term used to describe the potential exit of Greece from the fold of countries that back the common currency, the “Euro”.   The threat by Greece to not honor its agreement to repay loans or follow through with its plan to get its financial house in order has roiled markets globally. The risk is that if other countries follow Greece’s example the Euro zone will be thrown into chaos leading to the demise of the Union.

The Great Rescue that followed the Great Recession!

In 2009, at the height of the Great Recession, central bankers around the world were forced to act as backstop of last resort for the debt securities of their country and banks to forestall economic collapse.   The Euro zone’s challenge is complicated by the fact that reaching agreement among members of the Union required compromise from countries with competing interests. It is remarkable that the ECB has managed to maintain relative stability given the divergence of political and economic goals.

Greece’s rescue agreement with its neighbors provided 172 billion euros in low cost loans and an expectation that the country’s leaders enact reforms to address its financial problems. Unfortunately, recent Greek elections swept in new leadership with a different agenda causing new concerns of a potential collapse of the European Union.

No one knows how the events will play out but it is important to examine this experiment in real time. Is Trust an effective Control? The answer seems obvious, right? But wait, do we take trust for granted? Financial transactions around the world are based on trusting a business, person, and or technology used to conduct business each day.

Trust is fragile and costly to rebuild.

We now know first hand what happens when trust grinds to a halt. In 2008, without the collective action of central bankers, fear and market reaction would have dictated the terms of resolving debt securities much more harshly. Banks no longer trusted other banks, government debt was in question, and the rules of the game were no longer clear. In short, trust was lost.

There is an implied contract when trust is the agreement. When trust is violated the damage can be far reaching. The old axiom, “it takes a lifetime to build trust and a second to ruin it” is an apt warning. Trillions of paper profits were lost because of a loss of trust!

Trust has proven to be a very effective control that underlies anything of importance. What are the consequences of violating this implied agreement? The newly elected Prime Minister of Greece, Alexis Tsipras, may soon learn this lesson. Recently, Greece’s stock and bond market has sold off causing Tsipras to take a more conciliatory approach toward repaying Greece’s debt. Tsipras’s actions will speak volumes toward restoring trust.

The stigma of losing trust has proven to be a powerful deterrent.

But clearly trust alone is not a deterrent. The markets and members of the European Union can cause real pain in Greece if the Prime Minister fails to abide by the agreements in place. Access to financial markets and favorable loans conditions are important incentives to reinforce the rules of the game.

How can we apply this lesson more broadly when building internal controls? Compliance and risk programs may be more effective when built on a foundation of trust with consequences. One of the most effective ways to integrate compliance throughout an organization is to ensure that everyone is subject to the same rules.

Everyone is watching when the rules change.

Changing the rules because of tougher business conditions or when more aggressive competitors bend or break the rules chips away at the culture of compliance. When leaders and employees say “everyone else is doing why aren’t we” this is the red flag the rules are changing. There are no easy answers to tough economic times or innovative competitors. Tough times require creative solutions not short cuts. The implied agreement of trust in doing the right thing requires all parties to actively participate.

Likewise, the outcome of Greece’s economy may depend on the trust of delivering on its promises. The lesson for business is that the process of building trust never ends but may be the best investment it can make.