Hacktivism Grabs The Headlines But Compliance And Regulation Are The Stealth Threat

It was reported on Friday that the UK and US are to carry out "war game" cyber attacks on each other as part of a new joint defence against online criminals. According to reports, the first exercise, a “staged attack on the financial sector”, will take place later this year, officials said.

The "unprecedented" arrangement between the two countries was announced by Prime Minister David Cameron ahead of talks with US President Barack Obama. The announcement shows that the cyber threat is top of the news agenda in 2015.

Last month’s other big story – the Sony Pictures hack – remains headline news.

As we tweeted earlier this week, the boss of Sony Pictures reportedly said there is no playbook for dealing with this sort of hack. He commented: "You are in essence trying to look at the situation as it unfolds and make decisions without being able to refer to a lot of experiences you've had in the past or other people's experiences. You're on completely new ground."

Internet security experts might beg to differ! His subsequent comment is really quite extraordinary: "They came in the house, stole everything, then burned down the house. They destroyed servers, computers, wiped them clean of all the data and took all the data."

The Fifth Step take on this is that smart security and Business Continuity Planning can play a hugely important role in ensuring that when a crisis hits, the business is hardwired to absorb the shock. In other words, business continuity isn't a separate activity, but part of good business preparedness.

While ”hacktivism” continues to dominate the online sphere, the spectre of banking and insurance regulation continues to haunt the dreams of COOs, CFOs and other C-suite players. In the banking world the focus is very much on Basel III. As a new article, Transformation or Extinction: The Consequences of Basel III for the Banking Industry, published by CAPCO outlines:

“Banks will experience higher pressure on their return on equity (ROE) due to increased capital and liquidity costs. Increased RWAs will put pressure on margins across all segments. Banking segments such as retail banking, corporate banking, and investment banking will be affected in different ways [Accenture (2011)]. The higher costs will lead to a reduction in profitability.”

It’s not just the banks of course that have to cope with the demands of impending solvency regulations. The insurance version of Basel III also featured in this week’s news when the online portal Solvency II News reported that European insurers face a “make or break year in 2015” with the industry also facing a challenge to maintain profits in a tough environment while also being seen to be treating customers fairly in an invasive regulatory environment.

Governance frameworks have never been more important as is made clear by a new Prudential Regulation Authority (PRA) Consultation Paper CP26/14.

The PRA aims to give insurers the heads up in order to prepare for, and respond to, the revised framework. It has been reported that the PRA is proposing a stricter, more extensive authorisation regime and compliance with conduct standards. It seems likely that more key roles will fall into the regulatory scope of influence.

A new rule in the Consultation Paper introduces the concept of "Governance Maps". The PRA will require all firms to create and maintain a written record of key functions, names of role holders (and details of their responsibilities), reporting lines and any relationships with Group companies. It will be required of companies that their Map is accurate and reflects the responsibilities of executives.

The key to managing and mitigating the challenges posed by such regulations, in a Governance environment that is increasingly risk aware, is to implement strong governance that actively influences strategy and decision-making. Fifth Step is experienced in developing and implementing governance frameworks which are both meaningful and sustainable in businesses of all types and industries.