Known as the Investment Association’s Threat Intelligence Alert Network (IA TITAN), the platform will provide alerts from law enforcement, government agencies and other authorities on cyber risks via a real-time dashboard.

“Cyber security and operational resilience is a board-level focus for the investment management industry, which is why we need to tackle head-on the threat cyber espionage and financial crime can pose to members’ operations,” said Chris Cummings, CEO of the Investment Association.

“As COVID-19 has shown, criminals are prepared to take advantage of any situation for their financial gain. The ever-changing nature of these online threats goes right to the core of IA TITAN, which will provide industry-specific insights into cyber security threats, helping to keep customers and businesses safe.”

IA TITAN will be powered cyber security technology specialist Anomali, and the potential hazards that buy-side market participants will be alerted to through the new platform include potential malware, ransomware and software vulnerabilities.

Anomali chief executive, Hugh Njemanze, added that data and lack of clarity on which security technology services to adopt to combat the threat of a cyber security attack remain key challenges for investment managers.

“The problem of how to address cyberthreats is compounded by the overwhelming volumes of data about them, confusion over which security solutions are effective, and shortages of cybersecurity professionals,” Njemanze said. “With the introduction of IA TITAN, the Investment Association is arming its members with a platform that will provide them with the intelligence they need to protect their businesses against cyberattacks.”

Last week, the Investment Association welcomed five FinTech startups to participate in its recently rebranded accelerator programme. Now known as Engine, the five newcomers include cloud solution Exabel, data management platform Fundipedia, data sharing platform ipushpull, KiteEdge and workplace advice platform Rungway.

The post Investment Association unveils cyber threat dashboard for buy-side appeared first on The TRADE.

The committee will work with firms, regulators and public authorities to develop industry guidance in the face of increasingly sophisticated cyber security attacks on financial firms.

In a jointly-written report with consultancy KPMG, the IA has called on senior management at asset management firms to increase collaboration across the industry and invest in developing a cyber response framework allowing firms to rapidly detect, respond and recover from potential attacks.

“The asset management sector is prioritising cyber defence, mitigation and resilience to develop a corporate culture that embraces cyber security at its heart,” said Chris Cummings, CEO of the IA.

“Technology is transforming our industry at a speed and scale never seen before, with criminals also becoming more creative in how they attack financial systems. Cyber security issues are not going away and businesses need to understand, manage and mitigate potential cyber security risks.”

Matthew Martindale, partner and investment management cyber security lead at KPMG UK, said that while establishing a single point of contact at board level is a good first step for firms, the problem is an ongoing one and can be rooted outside of technology.

“Staff need to be educated; ask yourself whether your staff at all levels know how to identify and react to a phishing email? The adage that an organisation is only as good as its people is especially true with cyber security where the actions of one individual can have enormous ramifications,” Martindale said.

The post Investment Association targets cyber security action for asset managers appeared first on The TRADE.

Despite 87% of FTSE 100 companies identifying cyber threats as a principal risk, just 5% have disclosed having employed a director with specialist cyber security experience.

A recent study authored by Deloitte explained FTSE 100 firms acknowledge the principal risk, but there are wide variations in the disclosure of cyber risk management and strategies.

Just 11% of annual reports mentioned the creation of a new role or body to take overall accountability for cyber risk, with an increased focus on the issue expected to occur.

Phil Everson, head of cyber risk services at Deloitte UK, described the lack of resources within FTSE 100 companies for dealing with cyber threats as ‘alarming’.

“It is alarming that only one in twenty boards disclose that they currently have board members with specialist technology or cyber background and only a handful more disclose that they have advisors to the board with this experience,” he said.

In December last year, Nasdaq clearing and Nasdaq Stockholm were punished by authorities for failing to supervise and manage cyber risks.

The group was fined €5.6 million by Swedish regulators for not acquiring information from its outsourced cyber security provider to assess the quality of its services.

William Touche, leader of Deloitte’s centre for corporate governance at Deloitte UK, added companies should add planning, training and testing cyber breaches to annual reports.

“It demonstrates a company’s understanding of the cyber threats that they face. Our survey revealed a wide range in the quality of disclosure made by companies. Some do this very well, but the majority could make improvements,” he concluded.

The post Only 5% of FTSE 100 firms have cyber security board expert in place appeared first on The TRADE.

Nasdaq has been slapped with a combined fine totalling just under €5.6 million by regulatory watchdogs in Sweden, for failing to manage cyber risks.

The Swedish Financial Supervisory Authority or Finansinspektionen (FI) found Nasdaq Clearing and Nasdaq Stockholm failed to acquire information from its outsourced cyber security provider to assess the quality of its services.

Both firms outsourced cyber security to the Group’s parent company, Nasdaq.

Nasdaq Clearing has been fined SEK 25 million (€2.6 million) and Nasdaq Stockholm SEK 30 million (€3 million) for the failures.

The regulator said it found “Nasdaq Clearing and Nasdaq Stockholm have not had a sufficient basis in their risk management to make the decisions that were made and that they have not taken local conditions into consideration.”

It also found both firms had insufficient continuity guidelines and emergency plans in the case of a cyber attack.

The FI said it finds Nasdaq Clearing’s breaches to be more serious due to the importance of derivatives trading and central counterparties.

“Deficiencies at a central counterparty may have serious side-effects for other companies in the financial system. This is reflected in that the administrative fine for Nasdaq Clearing is higher in relation to its net sales,” the regulator said.

The post Nasdaq fined €5.6 million due to cyber security failures in Sweden appeared first on The TRADE.

A recent survey by PwC has found 95% of asset management CEOs are confident of revenue growth in the next three years, but do not anticipate improvements to global economy in 2016.

The survey queried 189 asset managements CEOs in 39 countries about what they expect in future from technology, data and analytics, growth and the global economy in 2016.

Global asset management CEOs have expressed a widely unanimous view that revenue will grow in 2016, with 90% saying they were either confident or very confident. An overwhelming majority of 95% of asset manager CEOs expected revenue growth in the next three years.

Interestingly, just 30% of CEOs in asset management expect improvements to the global economy over the next 12 months, and 25% expect to see further declines.

However, Richard Phillipson, principal at consultancy firm Investit, told The Trade this may be overly optimistic. He explained: “For three reasons it seems unlikely 95% of the CEOs will experience growth in revenue over the next three years.

“There is a chance fees might go down more than sales and markets go up - we have a much more price aware market now.  We work with firms designing new funds and much of the time we are looking to build low price, low cost solutions.

“The second point is that we have a more ‘winner takes all’ world so we would not expect new sales to be made uniformly. Industry revenues may go up, but this may not be experienced by 19 out of 20 firms. Thirdly, none of that takes into account the possibility of major new competitors coming to the market.”

The survey also highlighted several threats to growth for asset managers, including over-regulation, geopolitical uncertainty, volatile exchange rates and interest rate rises.

It found 61% of CEOs see stock market volatility as a threat to growth, whilst 60% emphasise cyber security as a threat.

Commenting on the survey’s findings on threats to asset management, Mark Pugh, UK asset and wealth management leader at PwC, said: “…there are grounds for wondering whether asset managers worry enough about some of these hazards.

“Are they anxious enough about cyber security, disruptive technology and changing consumer demands and expectations?”

Investit’s Phillipson expanded on Pugh’s commentary, explaining cyber security is more of an issue for IT departments and COOs than CEOs.  

Phillipson said: “Investit’s experience here is that while 60% of CEOs might think cyber security is a threat to growth, nearer 100% of Heads of IT and COOs are looking very hard at this.”

In terms of staff and employment, PwC’s survey found 69% of CEOs in asset management see a shortage of skills as a key issue, with 65% planning on expanding teams and hiring new people in 2016.

Shortage of skills is increasingly becoming an issue, as Pugh explained asset managers aren’t doing enough.

He said: “The asset management industry needs to do much more to address how they can tap in to the pools of talent available to them… It is an obvious and necessary step to start to address the skill shortage.”

Phillipson at Investit concluded skill shortage could lead to a major shift in dealing operations. He explained: “The combination of regulatory changes, particularly from MiFID II and the need to cut costs means asset managers will look more seriously into streamlining, and ultimately outsourcing their dealing desks.

“In future the best dealers might be with the outsourced providers."

As asset managers continue to cut costs, with regulatory pressures increasingly threatening growth, 86% of CEOs say they will prioritise long-term profitability over short-term.

However, focusing on long-term strategies is often easier said than done, as Phillipson pointed out: “It’s easy to say this when things are calm but when markets dip, firms are often in cost cutting mode. “

He concluded: “This might well be driven by a group policy and the fund manager is caught up in it despite their best intentions.

“The difficulty is that if asset managers do not take a more long-term view and spend to become more efficient, they will not have the low cost base from which to appeal to clients in the new low price world." 

The post Asset manager bosses extremely confident on growth prospects – PwC appeared first on The TRADE.

New EU-wide policies designed to improve cyber security may have the most impact on hedge funds and securities lending firms, according to one industry expert.

Following approval earlier this week for new EU cyber security polices, Mark Clancy, chief executive of cyber security software firm Soltra, believes that companies not used to a stringent regulatory environment will feel the most impact.

“If you have a smaller financial institution that doesn’t operate at scale, these changes could be quite complex regulations to address,” said Clancy.

“Looking outside of the traditional larger retail banking structure such as hedge funds and securities lending firms, these new policies will be new for them as they haven’t seen such heavy regulation.”

Under the new framework, EU member states will have to identify concrete ‘operators of essential services’ using set criteria including whether the service is critical for society and the economy and whether an incident could have significant disruptive effects on service provision.

Clancy believes the policy hasn’t allowed for a distinction between larger and smaller firms.

“We will see more impact outside of the larger banking structures, which is probably what the commission was aiming for as it attempted to encompass everything,” he added.

“I don’t believe that this distinction has made it through to this policy, so I still think that there is some room for risk tiering in this requirement.

The European Parliament approved a draft framework last week ordering firms supplying essential services to improve their cyber security procedures.

According to Michael Cooper, CTO of BT Radianz, the new EU policies will be the first step in a global cyber security initiative.

“Approval on these measures could be the first step towards a more globally consistent response and support against what is a significant threat for banks and financial industries,” said Cooper.

The new framework has also proposed a strategic cooperation group allowing for easier exchange of information and Cooper believes the sharing of expertise will be critical in tackling the the cyber threat.

“One of the key elements in responding to the adversaries in the financial space is having a complete share of information,” adds Cooper.

“The industry can be more effective in responding is by mirroring our adversaries in being able to share information and these new policies will focus those in the industry towards this goal.” 

The post Cyber security rules to hit hedge funds and sec lending hardest appeared first on The TRADE.