Featured Product

    HKMA Publishes First Issue of Regtech Watch Newsletter

    November 12, 2019

    HKMA published the first issue of Regtech Watch newsletter, which provides information on actual or potential regtech use cases rolled out or being explored in Hong Kong or elsewhere. This inaugural issue outlines regtech use cases in the area of cyber defense. It is observed that the application of regtech for cyber risk management is gaining popularity across banks in Hong Kong. This issue of the newsletter summarizes three examples of such use cases involving behavioral biometric techniques, analytics of activity logs, and automation of cyber-security routine tasks.

    Recognising the growing importance of Regtech, HKMA has launched a series of initiatives under the Banking Made Easy initiative to facilitate the adoption of regtech in Hong Kong. A workstream has been established to reach out to artificial intelligence firms, technology firms, and consulting firms to understand latest initiatives and ideas in the regtech space. Over twenty pilot trials of regtech use cases, including remote onboarding technologies, have been allowed under the Fintech Supervisory Sandbox of HKMA while about seventy discussion sessions have since been held through the Fintech Supervisory Chatroom. In the process, HKMA has picked up a broad range of local and overseas regtech use cases on prudential risk management and regulatory compliance. Out of these use cases, the newsletter showcases the following: 

    • Behavioral biometric techniques. In a regtech use case, behavioral biometric techniques were adopted to step up user authentication and fraud detection using multi-factor authentication. These techniques can also be used to combat automated credential stuffing attacks, as it could be more challenging for automated robots to simulate natural human behaviors.
    • Analytics of activity logs. Some banks started to explore the use of advanced artificial intelligence algorithms to continuously comprehend what normal system, network, and user activities should look like and then use it as a basis to detect potentially abnormal patterns. This provides banks with enhanced anomaly detection capability even for unseen cyber-attacks. Such techniques may also reduce the extent of human workload required to operate these solutions.
    • Automation of cyber-security routine tasks. Human errors can hardly be eliminated in cyber defense even with a robust governance framework, clear operational guidelines, and quality assurance efforts. In view of this, some banks are exploring the use of Robotic Process Automation, a technology that makes use of software robots to observe and learn from standard user behaviors such as how users interact with systems and how users respond to different business inputs or scenarios.

    Apart from these three use cases, HKMA has noted some emerging regtech solutions that may also be relevant to the cyber defense of banks going forward. This includes solutions designed to deter credential stuffing attack. These solutions aim to tactfully reply to the attackers with fake web pages, with the aim to deceive the attackers into believing that the stolen credentials are valid, thus reducing the value of these stolen credentials in the dark market.

     

    Keywords: Asia Pacific, Hong Kong, Banking, Regtech, Cyber Risk, Artificial Intelligence, Regulatory Sandbox, Regtech Watch, Fintech, HKMA

    Related Articles
    News

    ECB Finalizes Methodology to Assess CCR and A-CVA Risk of Banks

    ECB finalized the guide on assessment methodology for the internal model method for calculating exposure to counterparty credit risk (CCR) and the advanced method for own funds requirements for credit valuation adjustment (A-CVA) risk.

    September 18, 2020 WebPage Regulatory News
    News

    EBA Provides Opinion on Definition of Credit Institution in CRR

    EBA published an Opinion addressed to EC to raise awareness about the opportunity to clarify certain issues related to the definition of credit institution in the upcoming review of the Capital Requirements Directive and Regulation (CRD and CRR).

    September 18, 2020 WebPage Regulatory News
    News

    APRA Consults on Alignment of Daily Liquidity Report for Banks

    APRA is consulting on updates to ARS 210.0, the reporting standard that sets out requirements for provision of information on liquidity and funding of an authorized deposit-taking institution.

    September 17, 2020 WebPage Regulatory News
    News

    FED Releases Scenarios for Second Round of Stress Tests on Banks

    FED released hypothetical scenarios for a second round of stress tests for banks.

    September 17, 2020 WebPage Regulatory News
    News

    PRA Announces Update on Supervisory Benchmarking Portfolio Exercise

    PRA published updates in relation to the 2021 Supervisory Benchmarking Portfolio exercise.

    September 14, 2020 WebPage Regulatory News
    News

    FED Revises and Extends Capital Assessment and Stress Testing Reports

    FED adopted a proposal to extend for three years, with revision, the capital assessments and stress testing reports (FR Y-14A/Q/M; OMB No. 7100-0341).

    September 14, 2020 WebPage Regulatory News
    News

    HKMA Updates Policy Module for Non-Centrally Cleared OTC Derivatives

    HKMA revised the Supervisory Policy Manual module CR-G-14 on margin and other risk mitigation standards for non-centrally cleared over-the-counter (OTC) derivatives transactions.

    September 11, 2020 WebPage Regulatory News
    News

    EBA Updates List of Validation Rules for Reporting by Banks

    EBA issued a revised list of validation rules with respect to the implementing technical standards on supervisory reporting.

    September 10, 2020 WebPage Regulatory News
    News

    EBA Responds to EC Call for Advice to Strengthen AML/CFT Framework

    EBA published its response to the call for advice of EC on ways to strengthen the EU legal framework on anti-money laundering and countering the financing of terrorism (AML/CFT).

    September 10, 2020 WebPage Regulatory News
    News

    NGFS Advocates Environmental Risk Analysis for Financial Sector

    NGFS published a paper on the overview of environmental risk analysis by financial institutions and an occasional paper on the case studies on environmental risk analysis methodologies.

    September 10, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5803