What can 3,000 ICT incidents tell us about operational resilience?
With the ESA’s first report on major ICT-related incidents finding that operational risks are becoming borderless and interconnected, is it time for firms to reassess their security and resilience measures?
Now you see it, now you don’t – Why ephemeral messaging capture remains critical for compliance
Regulators like the SEC, CFTC, and DOJ continue to expect firms to maintain proactive compliance programs that support investigations and protect against fraud, which includes managing the use of disappearing messages. We explore the compliance implications of ephemeral messaging and outline practical steps to mitigate risk and meet regulatory obligations.
Ready, set, resilience: Reassessing cyber resilience in the AI era
Regulators and authorities globally are advising organizations of the increasing risks posed by frontier AI models such as Claude Mythos. This begs the question: what are the essential steps to strengthen cyber defenses and remain operationally resilient amidst a transforming industry?
Cyber threats and geopolitical concerns dominate the Danish FSA agenda
As geopolitical tensions rise and cyber threats become more sophisticated, potentials for a "kill switch" are increasing and destabilising Danish firms. Firms must look to protect themselves against danger caused by a single system vulnerability or deep third-party dependence.
How can financial services firms ensure their operational resilience?
Operational resilience must become a boardroom priority for firms as they protect themselves from becoming vulnerable to cyberattacks and regulatory scrutiny.
10 questions we always get asked during security due diligence
Given the increase in cyber security incidents, firms are reassessing strategies and looking to implement more robust and secure solutions. Find out the steps Global Relay takes to ensure your data remains protected.
How is comprehensive risk management a competitive advantage?
With security incidents and data breaches becoming more prevalent – and more disruptive – sound risk-management frameworks can not only minimize threats but give businesses a competitive advantage.
FINRA 2026 Oversight Report flags GenAI, recordkeeping, and cybersecurity risks
The regulator’s annual Oversight Report has highlighted GenAI, recordkeeping, cybersecurity, and third parties as areas where firms should focus efforts to strengthen compliance programs.
How to choose an operationally resilient technology vendor
System outages are on the rise, leaving firms struggling to ensure operational resilience and reconsidering business continuity plans. We set out the key steps to consider when choosing an operationally resilient tech vendor.
EU NIS2 Directive for Financial Entities
The digital backbone of Europe’s economy, energy grids, transport networks, banks and healthcare, is under constant attack. Escalating cybersecurity threats, with 60% of attacks via phishing, have caused the EU to introduce the NIS2 Directive in an attempt to drastically strengthen cybersecurity and resilience.
OSFI B-10: Third-Party risk management for Canadian financial entities
In April 2023, Canada’s Office of the Superintendent of Financial Institutions (OSFI) published its final Third-Party Risk Management Guideline, which sets out associated risk management expectations for Federally Regulated Financial Institutions (FRFIs). Find out how to effectively manage OSFI B-10 third-party risk in Canada throughout the engagement lifecycle and how technology is streamlining B-10 compliance.