Entries by Eric Berdeaux, CEO OXIAL

Where does the coronavirus fit within business risk management strategy?

As you will have no doubt seen or heard over the past month or so, the world is currently in the grip of a coronavirus pandemic. At the time of writing (March 2020), Italy has gone into complete lockdown, Spain has closed its parliament, major sporting and business events are being cancelled or postponed all over the world and most people are in a state of confusion as to what the true risk is.
The same is as true for enterprises as it is for consumers. There has been so much information about what to do / what not to do, that it is very hard to assess and mitigate risk. Company bosses would want to keep employees safe and uninfected as a priority, but they also must factor in how this would affect productivity, efficiency and overall risk management.

The four main challenges when applying digital transformation to risk management…and how to address them

Digital technology has changed many aspects of our personal and working lives over the past decade. Yet there are certain elements of the business world that have remained relatively untouched by digital transformation – one of those is the risk management function.
For Financial Services (FS) firms especially, the regulatory compliance landscape has become more complex since the financial crisis of 2008 and a logical move would be for organisations to digitise risk management and / or an overarching GRC department. There’s also an increasing expectation from customers and partners that businesses will be fully digital.

Wells Fargo $3 billion settlement reveals the true cost of failing to manage human risk

Wells Fargo is one of the largest banks and most recognisable Financial Services (FS) brands in the world. In 2019 it was the world’s fourth-largest bank by market capitalisation and with operations in 35 countries serving more than 70 million customers globally, it would appear to be the model of a well-run and successful business.
Yet earlier this month (21 February 2020) it was announced that Wells Fargo had settled with the United States Department of Justice (DOJ) and the United States Securities and Exchange Commission (SEC) to resolve investigations into Wells Fargo’s sales practices.

The new breed of cyberattack only heightens the need for risk management software

For anyone working in cybersecurity, risk management or just in business generally, it can feel like the volume and variety of cyberattacks are constantly growing. Just when an organisation feels like it has got on top of one type of cyberattack, there is a new and potentially more damaging threat to manage.

At the start of the year (2020) we wrote about the Travelex ransomware attack, which saw the foreign exchange company held to ransom by attackers and its online presence affected for almost two weeks. But a new breed of cyberattack only heightens the need for more effective risk management software.

Why operational risk management should be used pro-actively

CEOs, COOs and the rest of the c-suite will always talk a good game when it comes to operational risk management and how their organisation manages, mitigates and prioritises risk. They know that risk is everywhere in 2020 and broadly speaking, they are prepared to invest in the risk management software that is required to manage risk effectively.
Yet how seriously does the average c-suite in a mid-sized or larger business really take risk management? For many organisations, operational risk management is still perceived as a somewhat defensive business function, there to prevent bad events from impacting the company more than they have to.

Brexit 2020 and the implications for regulatory compliance

More than three years after the initial referendum to decide whether or not the UK should remain part of the European Union (EU), and around one year since the original deadline to leave was set, the UK finally left the EU on 31 January 2020.

Anyone in the UK or Europe expecting significant and immediate change after Brexit, however, would have been left most disappointed. There is a transition period until the end of December 2020 when all EU rules still apply in the UK. This means there remains much to discuss, especially in terms of Financial Services (FS) and how issues such as passporting will be addressed in the long-term.

GDPR Data Breach Survey highlights the importance of risk mapping

Recent analysis by law firm DLA Piper has revealed that since the General Data Protection Regulation (GDPR) came into force on 25 May 2018, more than 160,000 data breach notifications have been made to authorities.
As of 28 January 2020, this equates to approximately 263 data breach notifications every single day – an astonishing amount, given the time and resource that has been spent preparing organisations across the world for GDPR. Firms have invested in risk management software, cybersecurity systems, GRC software and a whole range of other IT GRC tools, but what this volume of breaches indicates is the need for smart and accurate risk mapping.

Travelex, ransomware and the role of risk management software in defending against it

When we predicted the cybersecurity trends for 2020, ransomware was one of the main factors we discussed. It’s been around since 2012 and has really come to prominence as a threat over the past few years in particular.
This growth in ransomware attacks has led to companies taking IT risk management much more seriously than previously. It has also encouraged significant growth in cybersecurity tools and integrated cybersecurity modules within GRC software and IT GRC tools.

How to ensure compliance with the California Consumer Privacy Act

1 January 2020 not only marked the start of a new year but a new decade. The previous decade was notable for many things, but prominent amongst them was a major focus on compliance and data privacy and security in the digital age.
The regulatory compliance that had been in place before then had been developed at the start of the internet era and had soon become unfit for purpose. Consumer data was not protected effectively, a situation that needed to be addressed. This protection arrived in the shape of regulation such as the European Union’s (EU) General Data Protection Regulation (GDPR), which came into force in May 2018.

New Year honours data breach highlights the importance of risk management tools

For anyone that lives or works in the UK, the New Year’s honours list is always something that gathers a lot of attention. An annual tradition that began in Queen Victoria’s reign, the New Year honours are part of the British Honours system and reward people for a wide variety of achievements.
These include sporting success, military bravery, public service and much more, and recognise celebrities as well as members of the general public. The most recent New Year honours announcement (27 December 2019) was even more high profile than usual, as the UK government posted online the private addresses of more than 1,000 people to be awarded New Year’s honours.