Managing catastrophic risk

As terrorist attacks, threats of regional and global pandemics and fraud increasingly shape life on earth, banks and other financial institutions have never needed to more proactive in how they manage risk. The theme of catastrophic risk was tackled by a panel of risk experts working at banks and SWIFT, sharing their experience in risk mitigation and discussing steps that financial institutions need to take to function in the face of adversity.

Like other sessions at Sibos 2006, this 90-minute panel relied extensively on audience participation, with electronic voting machines placed on each table to gauge responses to various questions relating to risk preparedness.

The first question posed to the audience asked what kind of risks people were most concerned with. Although some indicated that risks posed by terrorism and epidemics like avian flu were of concern, fraud was by far the primary concern.

ôIssues such as fraud and money laundering for the banking industry is something that we canÆt avoid and is a real driver for our risk platform,ö says Neil Gallagher, former FBI employee and currently homeland security executive at Bank of America.

Outside of money laundering, other panel members stressed that risks are also evident in the deviant activities of computer hackers.

"We are seeing hackers growing in numbers and in sophistication and have used this environment of increased fraud to motivate our phase two, which is a way to protect against it,ö says Mike Fish, chief information office at SWIFT. ôMore and more, hackers are creating worms and viruses that can cause catastrophic risk and are going after the private infrastructures of companies, and although we secure ourselves, the financial industry will always have to put processes around technology.ö

Although fraud appeared the primary concern of delegates, the panelists also shared experiences relating to 9/11 and how banks and other organisations can better prepare if a major terrorist act occurs.

ôWhen 9/11 happened all of our contingency planning became a reality, particularly as we lost a primary operating centre and data centre in New York City,ö says Lester Owens, managing director, Deutsche Bank. ôWithin minutes it was gone, but we were able to get back to work through a contingency plan.ö

According to Owens, who was also supported by Gallagher and Fish, there is a multi-level contingency plan that should be followed if a mass scale terrorist act like 9/11 occurs. Firstly, he recommends that there is a holistic plan in place and that employees are aware of their specific roles. On top of that, there needs to be a global robust operating model if the business is to keep on functioning and that the development of a temporary staging area is key, should the disaster recovery site by inaccessible. Finally, he encouraged network resiliency to minimise any impact caused by either a terrorist threat or an event like a natural disaster.