
A Model CIO: Equifax CIO Keeps Showing Us How *Not* to Respond to a Breach

The big news out of Equifax this week is its $700 million settlement, including up to $425 million in consumer restitution, as a result of its 2017 data breach, which exposed the private financial data of over 145 million Americans. It’s the most expensive breach settlement ever. While the settlement really drives home the point


The Risk Management/HR Connection

How often do you engage with human resources (HR)? Risk managers may not give a lot of thought to HR, but they should. According to COSO and its industry-leading ERM framework (Enterprise Risk Management – Integrating Strategy and Performance), attracting, developing, and retaining capable individuals is a key element of governance and culture. Why does


Hate Illegal Telemarketing Calls? So Does the FDIC.

Have you ever felt like there isn’t enough being done to enforce the Do Not Call List? Between spoofed robo-dialing and other unwanted calls, picking up your home phone barely feels worth the effort. It’s the audio equivalent of a mailbox full of advertising flyers. The good news is at least one agency is taking


Are You Using a Data-Driven Approach to Compliance Risk?

There are financial institutions that usually feel confident about enterprise risk management. They feel they’ve identified and assessed potential risk, risk tolerance levels have been defined, and strategies are in place for mitigating risk. Yet too often their risk monitoring activities fall short. Unfortunately, many institutions get monitoring wrong. From missing essential steps to monitoring


3 Elements of a Vendor Cyber Monitoring Program

Growing cyber threats have made real-time monitoring of vendors an increasingly important element of a vendor management program. I sat down with Sam Lisker, ABA’s senior vice president of innovation in the office of member engagement, at the 2019 ABA Risk Management Conference in Austin, to talk about this evolving technology and how it can


Frequently Asked Questions About Cyber Monitoring

Vendor cybersecurity monitoring provides real-time data on vendors’ cybersecurity by collecting and assessing publicly available information. It detects threats and vulnerabilities before they are exploited so that action can be taken to prevent breaches. Cybersecurity ratings can: Uncover and address cybersecurity issues that need to be resolved before they are exploited. Identify third-party vendors that


Lessons Learned from Giving Away 1,100 T-Shirts at an ABA Conference

Forget Instagram likes. If you’ve ever longed to feel more popular and in-demand, handing out your full inventory of 1,100 free t-shirts at the ABA Compliance Conference in New Orleans earlier this month is where it’s at. These weren’t just any t-shirts. These specially-designed, Ncontracts t-shirts clearly spoke to compliance and risk management professionals. They


What to Do When You’re Worried About Your Vendor’s Finances

No one knows when the next downturn is coming. The only thing we can do is to assume one will come sooner or later and put plans in place to mitigate the risk. Chances are your institution’s balance sheet is as prepared as it can be for economic disruptions. That’s the very nature of banking.


OCC: Operational Risk Remains Elevated

The only certainties in life are death and taxes, the saying goes, but I can think of one more thing: risk. Even as we work to mitigate risks, new ones are constantly emerging. Or, as is the case with cyber risk, old controls become less reliable as fraudsters find ways around them. The Office of
