26 September 2008

Human Psyche: Transparency of Risk Profiles...

In a July 2008 global Economist Intelligence Unit survey, 71% of the financial services executives admitted that their Enterprise Risk Management (ERM) strategy has not been fully implemented. 59% of the 316 executives say that the current credit crisis has put a high magnification microscope on their risk management activities and strategy.

Corporate executives might think that compliance would be a driving factor behind the need to break down the silos in the enterprise and become a more holistic risk management culture. This could not be farther from the truth. People are the only factor when it comes to addressing culture. However, the failing organizations have it upside down. They have been so focused on the sophisticated mathematics that they have lost sight of what really changes the culture more rapidly and pervasively: leadership and culture. Human behavior working towards greater transparency of risk profiles and the management of reputation will work miracles compared to the "Hedge Quants" trying to manipulate the algorithms to obtain the desired results. We want to trust the data, but can we? The credit scoring applications can't keep up with the pace of the market changes.

The ERM strategy of the future needs to be focused on changing people's behavior to impact "Reputation", as opposed to just another regulatory hammer to gain compliance. Therefore, Operational Risk Management and enhancing the perception of confidence in the "eye of the customer" will provide the peace of mind that is required to keep the flow of trust in the global markets. The Board of Directors' policy implementation on risk management and developing a culture of ERM to better manage the implications of reputation is the top item on the upcoming meeting agendas.

Most shocking in the survey results is that among financial institutions with $100B in assets or greater, only 55% have someone in the dedicated task of "Chief Risk Officer". This means that 45% do not have a dedicated person who can see the entire ERM portfolio of risk. Institutions under $100B in assets are in even worse shape.

In what is by far the largest bank failure in U.S. history, federal regulators seized Washington Mutual Inc. and struck a deal to sell the bulk of its operations to J.P. Morgan Chase & Co.

The collapse of the Seattle thrift, which was triggered by a wave of deposit withdrawals, marks a new low point in the country's financial crisis. But the deal, as constructed by the Federal Deposit Insurance Corp., could hold some glimmers of hope for the beleaguered banking system because it averts any hit to the bank-insurance fund.

Instead, J.P. Morgan agreed to pay $1.9 billion to the government for WaMu's banking operations and will assume the loan portfolio of the thrift, which has $307 billion in assets. The full cost to J.P. Morgan will be much higher, because it plans to write down about $31 billion of the bad loans and raise $8 billion in new capital. All WaMu depositors will have access to their cash, but holders of more than $30 billion in debt and preferred stock will likely see little if any recovery.


Walking through the halls at the FDIC several months ago, this writer could almost smell the fear that was building. How are we going to deal with the new "tsunami of failed financial institutions" in the coming months? What will the domino effect be on customers' psyche? Now, there are even fingers being pointed at the mechanisms for ensuring transparency to investors and customers:


Ultimately, those who blame fair-value accounting for the current crisis are guilty of the financial equivalent of shooting the messenger. Fair value does not make markets more volatile; it just makes the risk profile more transparent.

We should be pointing fingers at those at Lehman Brothers, AIG, Fannie Mae, Freddie Mac and other institutions who made poor investment and strategic decisions and took on dangerous risks. Blame should not be placed on the process by which the market learned about them.




22 September 2008

Decision Advantage: OPS Risk Intel...

The "Wall Street to Main Street" sound bites are coming fast and furious on our multiple channels of media. Attacks on the US Embassy in Yemen and the Marriott hotel in Pakistan provide us with the other side of the Operational Risk Management Mosaic. Whether the "financial terrorists" are operating in the shadows of their trading accounts or "Islamic Jihadists" are assembling components in the garage of an unknown warehouse, risk management is on their mind and embedded in their operational tradecraft.

OPS Risk Intelligence tells us what you are concerned about, or trying to learn more about. If you are reading this you may have landed here on the Internet because you were searching for answers on some facet of Risk Management. These are just a few of the items that caught our eye in the last 24 hours:
  • does "fre 502" apply retroactively
  • security issues 4gw 4th generation warfare ? conflict and completion ? what can we learn from this to management
  • levels of risk, operational versus strategic risk
  • risk management for trucking business
  • hp hewlett packard plant safety risk manager
  • cyber risk insurance questionnaire
  • memento actimize
  • erm for citi bank
  • the economics of risk management
  • strategic operational risk
  • risk management blog
  • "country risk" offshore
  • what risk is associated with spam?
  • ? iso (bs 27001? british standard for information security management, mandated for the nhs in 2001 how to
  • bank audit
  • case study societe generale
  • best practices for seizing electronic evidence
  • risk management convergence
  • telecom operational risk management training
  • risk and human factors
  • how military contingency plans are formulated
  • financial health suppliers risk management
  • bank audit and compliance, risk management

How do I continuously monitor my vulnerability and the likelihood of disaster before I achieve my mission? Hedging the risk on whether a stock will decline in value before a certain date and arriving undetected in a truck with a ton of explosives at a certain time both have several risk factors in common. Stealth is one of them. Therefore, only accurate and timely intelligence gained before the trigger event can make the difference for the target's survival.

(Reuters) - Goldman Sachs Group Inc (GS.N) said on Sunday it would become the fourth largest bank holding company and would be regulated by the Federal Reserve.

Goldman said it would move assets from a number of strategic businesses, including its lending businesses, into an entity called GS Bank USA that would have more than $150 billion in assets.

GS Bank USA would be one of the ten largest banks in the United States, with assets that are fully funded for term and available to be funded by the Federal Reserve.


By dispatching suicide bombers to the capital—and particularly to such a high-profile target—the extremists appear to be continuing their bid to force the Pakistani government to halt ongoing military operations in the troubled region, which borders neighboring Afghanistan.

But the bombing, which killed some 57 people—most of them ordinary Pakistanis—is being dubbed as the "9/11 of Pakistan," and is seen by many as a declaration of war on the part of local Taliban. It has also suddenly changed the tone of the government leaders who until recently have been publicly mulling peace deals with the militants.


If you are the target of a takeover by your competitive adversary on the global financial landscape or just another "soft target" hotel or other critical infrastructure, the game remains the same. Gaining intelligence that has been validated from a vetted and trusted source is what creates a "Decision Advantage."


16 September 2008

EO 12333: Open Source Intelligence...

As the headlines continue to shout for more oversight, regulation and legal actions in the aftermath of chaos in global financial markets, the corporate investigations and security departments are at full capacity. Outsourcing the investigations is not anything new, and it makes even more sense in times when an independent point of view is essential:

A blend of advanced technology, increased litigation and rising fears about trade secret theft and financial fraud is driving law firms and corporate counsel to the doors of former FBI agents and ex-prosecutors with a knack for solving crimes.

These private investigators report that calls for help from law firms and corporate general counsel have increased substantially in recent years.

Attorneys are looking for assistance on a wide range of problems, including: corporate espionage, intellectual property theft and workplace discrimination claims.

At the core of many of these problems, lawyers note, is a mountain of computer evidence too technical and too overwhelming for attorneys to dissect on their own.

"Most lawyers do not have the technological experience or the accounting expertise to do almost any of the stuff that these guys do," said attorney Alan Brudner, head of litigation and investigations of the U.S. division of UBS Securities LLC, an international financial services firm.


Corporate Counsel should be reinvesting in the consistent lawful monitoring of employees, contractors and suppliers as it pertains to Executive Order 12333. This has been recently amended and clearly spells out the refocus on our intelligence efforts to address the following threats to our corporate trade secrets and national security:


(c) Intelligence collection under this order should be guided by the need for information to respond to intelligence priorities set by the President.

(d) Special emphasis should be given to detecting and countering:

(1) Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;

(2) Threats to the United States and its interests from terrorism; and

(3) Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction.

(e) Special emphasis shall be given to the production of timely, accurate, and insightful reports, responsive to decision makers in the executive branch, that draw on all appropriate sources of information, including open source information, meet rigorous analytic standards, consider diverse analytic viewpoints, and accurately represent appropriate alternative views.


Suffice it to say that more than ever, "Open Source" information is becoming the starting point for all intelligence collection activities. In the context of the corporate policy regarding the use of systems, most if not all companies have the right to monitor all applications for "Red Flag" indicators of fraud, espionage or other violations of state and federal laws. Corporations are using "Open Source" information to determine the initial profile of potential candidates for open positions, including the analysis of Facebook, MySpace and LinkedIn social networking sites.

Executive Order 12333 emphasizes US citizens' rights:

The Executive Order maintains and strengthens existing protections for Americans' civil liberties and privacy rights. The Executive Order retains and reinforces the provisions in place in the original Executive Order 12333 to ensure that all intelligence activities are conducted in a manner that protects the civil liberties and privacy rights of Americans. All collection, retention, and dissemination of information regarding United States persons must be conducted in accordance with procedures approved by the Attorney General.


Executive Management and Boards of Directors will be reexamining the current state of their policies regarding the monitoring of employees and other stakeholders. Essential tools and operational risk management methodologies must not only be utilized to safeguard our corporate secrets from theft and economic espionage, they must simultaneously protect our privacy and civil rights. There are mechanisms in place for "Joe Citizen" to address his identity and the right to correct any information that is incorrect or in error. However, in this age of wikis, social networking sites and sophisticated data mining techniques, it's possible that one's identity could be associated with other information that is derogatory, disparaging or can damage a person's reputation.

Managing your own identity and reputation in a vast sea of "Open Source" information is imperative. In a world of intelligence collection, analysis and production the integrity of data is just as important as the confidentiality and the assurance of the data. Making sure that Lexis Nexis, TransUnion, Experian and Equifax are using the correct information associated with your identity could make the difference in critical facets of your life, both personal and professional.

Who is managing your identity today? Private and law enforcement investigators may start with "Open Source" information to develop a profile, yet that is only the beginning. Vetting sources and individuals who provide information is a key part of the process. Certifications, training, regulation and continuous oversight will ensure that people are continuously improving their skills, techniques and processes. The rest is up to you.

08 September 2008

A Perfect Storm: OPS Risk & The Asian Factor...

The forensic professionals have been busy at Freddie Mac and Fannie Mae over the past six months, and we are only looking at the tip of the iceberg. The results are in and Uncle Sam (US) is now adopting them in order to try and achieve new corporate governance and operational risk management objectives. The "Asian Factor" is a major influence in this decision.

The historic announcement has been well received by some of the institutions and Asian countries that were heavily invested in the US mortgage backed securities market. In Hong Kong, HSBC soared 4.5 percent and No.1 China lender ICBC rose 4.7 percent in trading.

Asian stock markets soared Monday after Washington announced a bailout of mortgage giants Fannie Mae and Freddie Mac — a move that could help bolster a shaky U.S. housing market and renew global investor confidence.

The initial relief will give some the feeling that the worst is over, and that is not the case. The Operational Risks associated with these events have now increased exponentially as new people take over and existing people jump off the sinking ship. Just the attrition in manpower will create new threats from within these organizations in the form of errors and omissions alone.

And now let the litigation begin:

A shareholder is suing five banks, claiming they did not warn her or other investors about a proposed accounting-rule change that lowered the value of Fannie Mae stocks she bought, Bloomberg News reported.

The proposed rule is FAS 140, the accounting standard that specifies the conditions for keeping securitized assets off the balance sheet. If the proposal is issued in its current form and takes effect in November 2009 as expected, it could force companies like Fannie Mae to bring some special-purpose entities back on their balance sheet.

Plaintiff Karen Orkin, who bought 600 shares of class B Fannie Mae shares, filed the suit in New York State Supreme Court in Manhattan this week as a proposed class action, according to Bloomberg. The complaint reportedly says 89 million shares of the stock were sold, and the share price sunk by 44 percent in value in four months.

The five banks — Citigroup, Merrill Lynch, Wachovia, Morgan Stanley, and UBS — formed a syndicate to underwrite the stocks. Wachovia, Morgan Stanley, and UBS declined to comment on the suit.

The lawyers and the accountants are circling the feeding frenzy looking for new opportunities to cash in on the next phase of the sub-prime mortgage crisis. And they are not the only firms that have been gearing up for the courtroom drama in the months and years to come. FTI, LECG and other eDiscovery firms such as Encore are creating specialty units to focus on the growing number of lawsuits and litigation as a result of the tremendous fraud allegations:

The fact that numerous government entities are involved puts a high premium on the use of sound electronic discovery processes, chain of custody and especially forensic expertise. “What may start as a broad-based investigation by the SEC could quickly evolve into a complex web of related cases,” said Hemanth Salem, Encore’s Vice President of Professional Services and member of the Subprime Services Unit. “For example, the discovery process must factor in that an investigation could quickly expand to include 10b-5 and derivative cases, ERISA ‘stock-drop’ cases, fraud or negligence claims revolving around slack underwriting standards, lack of appropriate internal accounting controls and failure to disclose exposure to risk in MBSs and CDOs.”

As the markets stabilize and the new corporate governance takes hold at institutions across the globe, take a minute to consider the real interdependencies. Operational Risk is directly tied to the sophistication of our systems, software and algorithms that make up the very DNA of our financial trading infrastructure. Add to this the complexity of people, cultures and their behavior when emotions of fear, greed and even revenge come into play. Welcome to the "Perfect Storm" of Global Enterprise Risk Management.

02 September 2008

EDD Overload: Modern Incident Response...

Remote Digital Forensics is quickly migrating into a vast science that requires a sound combination of both legal and technical expertise. The EDD process has been helpful in educating the marketplace about the industry and the steps that are necessary for a complete and thorough eDiscovery review. However, relevancy and precision are highlighted here by Richard Bejtlich:

Why copy a 2-terabyte RAID array on a server if cursory analysis reveals that a small set of files provides all of the necessary evidence to make a sound case? Expect greater use of "remote previews" during incident response and select retrieval of important files for forensic analysis.

In addition to focusing on just the material that matters, modern incident response and forensic processes are more rapid and effective than historical methods. When hard drives were 40MB in size, it was feasible for a moderately skilled investigator to fairly thoroughly examine all of the relevant data for signs of wrongdoing. With today's volume of malicious activity, hard drive size, and efforts to evade investigators (counter- and anti-forensics, for example), live response with selective retrieval and review are powerful techniques.


The explosion of ESI and EDD related businesses is creating confusion and fear in the marketplace. Corporate counsel is working with outside law firms to get a better understanding of what their specific competencies are in the processing and analysis of electronically stored information that is relevant to the case. The question may remain: are they looking at everything instead of what is material to the case, thus driving up the costs of litigation and the billable hours?

The Federal Rule of Evidence 502 takes effect in a few months (December 1, 2008) and this will address part of the problem:

Managing information that is discoverable through email from Party A to Party B using the internal e-mail system provided by the employer to the third parties outside of the organization including lawyers is the nexus here. How can an organization make sense of it all and keep the GC from pointing fingers at the CIO?

The answer begins with building awareness and education with all employees in the organization, not just the legal staff and IT. It begins the moment any employee opens the Word doc or Excel spreadsheet, and the second you reply to that IM or e-mail on your PDA. Only through effective education and policy management will the enterprise learn how to modify behavior regardless of what tools and systems are put in place to organize, sort and query ESI.
"Whether building the castle walls or defending the crown jewels, knowing the right questions can make all of the difference."

The beginning of your educational journey starts here: CastleQuest

To learn more about Remote Digital Forensic Solutions visit: 1SecureAudit