Featured Product

    US Treasury Publishes Reports on Third-Party Risk, Other Updates

    December 16, 2022

    The US Treasury announced that the G7 Cyber Expert Group (CEG) released two reports addressing ransomware and third-party risk in the financial sector. Additionally, the Financial Stability Oversight Council (FSOC) released the annual report, which outlines certain recommendations to mitigate the identified vulnerabilities in the financial sector.

    The FSOC annual report for 2022 reviews financial market developments, describes potential emerging threats to U.S. financial stability, identifies vulnerabilities in the financial system, and makes recommendations to mitigate those threats and vulnerabilities. In the report, the Council identifies 14 financial vulnerabilities that have been categorized into financial risks, financial institutions, financial market structure, operational and technological risks, and climate-related financial risks. The report sets out the following key recommendations with respect to digital assets, climate risks, cyber risk, and LIBOR transition:

    • To address gaps identified in the regulation of digital assets, the Council recommends the enactment of legislation providing for rulemaking authority for federal financial regulators over the spot market for crypto-assets that are not securities. Steps should be taken to address regulatory arbitrage, since crypto-asset entities offer services similar to traditional financial institutions but do not have a consistent or comprehensive regulatory framework.  An assessment should be made of whether vertically integrated market structures can or should be accommodated under existing laws and regulations. Finally, the Council recommends that Council members continue to build capacities related to data and the analysis, monitoring, supervision, and regulation of digital asset activities.
    • The Council supports actions to improve the availability of data for assessing climate-related financial risks and recommends state and federal agencies coordinate to identify, prioritize, and procure the necessary data.  The Council also recommends state and federal agencies continue their work to advance appropriately tailored supervisory expectations of regulated entities’ risk management practices.  Financial regulators should continue to promote consistent, comparable, and decision-useful disclosures that allow investors and financial institutions to consider climate-related financial risks in their investment and lending decisions.  The Council recommends enhanced coordination of data and risk assessment through the Council’s Climate-related Financial Risk Committee.
    • The Council supports ongoing partnerships between state and federal agencies and private firms to assess cyber vulnerabilities and further build cyber resilience. The report notes that Council member agencies made significant strides in 2022 in their efforts to collect better data for managing cyber risk; the Council encourages agencies to continue gathering additional information they need to monitor and assess cyber-related financial stability risks. 
    • Given the large volume of legacy USD LIBOR contracts outstanding, the Council advises firms to take advantage of any existing contractual terms or opportunities for renegotiation to transition their remaining legacy LIBOR contracts before the publication of USD LIBOR ends. The Council members have emphasized that derivatives and capital markets should continue moving to SOFR, a broad and robust measure of borrowing rates.

    The report on the fundamental elements of ransomware resilience for the financial sector provides financial entities with high-level building blocks for addressing the ransomware threat. It is part of a series of Fundamental Elements produced by the CEG, which provides an overview of the current policy approaches, industry guidance, and best practices in place throughout the G7. Additionally, G7 has revised the 2018 fundamental elements of cybersecurity for the financial sector to focus on the management of third-party relationships as well as on the Information and Communications Technology (ICT) supply chain management. The updated fundamental elements stress the importance of extensive information-sharing and transparency to cope with an ever-changing threat landscape. G7 has added a new fundamental element (Element 7) describing the role of third parties in the financial sector.


    Related Links

    Keywords: Americas, US, Banking, Cyber Risk, ESG, Climate Change Risk, Benchmark Reforms, Crypto-Assets, Regtech, Third-Party Risk, Cloud Computing Services, US Treasury

    Featured Experts
    Related Articles

    FINMA Approves Merger of Credit Suisse and UBS

    The Swiss Financial Market Supervisory Authority (FINMA) has approved the takeover of Credit Suisse by UBS.

    March 21, 2023 WebPage Regulatory News

    BOE Sets Out Its Thinking on Regulatory Capital and Climate Risks

    The Bank of England (BOE) published a working paper that aims to understand the climate-related disclosures of UK financial institutions.

    March 13, 2023 WebPage Regulatory News

    OSFI Finalizes on Climate Risk Guideline, Issues Other Updates

    The Office of the Superintendent of Financial Institutions (OSFI) is seeking comments, until May 31, 2023, on the draft guideline on culture and behavior risk, with final guideline expected by the end of 2023.

    March 12, 2023 WebPage Regulatory News

    APRA Assesses Macro-Prudential Policy Settings, Issues Other Updates

    The Australian Prudential Regulation Authority (APRA) published an information paper that assesses its macro-prudential policy settings aimed at promoting stability at a systemic level.

    March 07, 2023 WebPage Regulatory News

    BIS Paper Examines Impact of Greenhouse Gas Emissions on Lending

    BIS issued a paper that investigates the effect of the greenhouse gas, or GHG, emissions of firms on bank loans using bank–firm matched data of Japanese listed firms from 2006 to 2018.

    March 03, 2023 WebPage Regulatory News

    HMT Mulls Alignment of Ring-Fencing and Resolution Regimes for Banks

    The HM Treasury (HMT) is seeking evidence, until May 07, 2023, on practicalities of aligning the ring-fencing and the banking resolution regimes for banks.

    March 02, 2023 WebPage Regulatory News

    MFSA Sets Out Supervisory Priorities, Issues Reporting Updates

    The Malta Financial Services Authority (MFSA) outlined its supervisory priorities for 2023

    March 02, 2023 WebPage Regulatory News

    German Regulators Issue Multiple Reporting Updates for Banks

    Deutsche Bundesbank published the nationally deactivated validation rules for the German Commercial Code (HGB) users on the taxonomy 3.2, which became valid from December 31, 2022

    March 02, 2023 WebPage Regulatory News

    BCBS Report Examines Impact of Basel III Framework for Banks

    The Basel Committee on Banking Supervision (BCBS) published results of the Basel III monitoring exercise based on the June 30, 2022 data.

    February 28, 2023 WebPage Regulatory News

    PRA Consults on Prudential Rules for "Simpler-Regime" Firms

    Among the recent regulatory updates from UK authorities, a key development is the first-phase consultation, from the Prudential Regulation Authority (PRA), on simplifications to the prudential framework that would apply to the simpler-regime firms.

    February 28, 2023 WebPage Regulatory News
    RESULTS 1 - 10 OF 8806