Optimal cybersecurity investment depends on threat severity and bank fragility. Regulators should consider operational resilience standards, red-teaming, subsidies, and negligence penalties to facilitate socially desirable cybersecurity investment.
The paper reviews the DORA Regulation, highlighting challenges in supervisory convergence, solution centralization, and oversight fragmentation. It argues that despite DORA's positive steps for digital resilience, Europe's fragmented supervision system hampers its effectiveness. The authors suggest that a more centralized, cross-sectoral supervisory approach is needed for better regulation and supervision.
The EU aims to foster digital transformation across sectors by 2030 through legislation on AI, cloud computing, and crypto-assets. However, compared to ESG, banking regulation lacks a clear framework for managing digital risks and supervisory assessment. This paper discusses digital innovation in banking, proposing a risk-based Pillar 2 prudential framework and harmonized Pillar 3 disclosures to address this gap.
“The study is based on ten years' data for 560 banks and 214 insurance companies from 28 countries. We find that governance quality is lower for insurance companies as compared to banks.”
A new Activity Risk Index (ARI) measures each activity's contribution to overall project risk during execution, allowing project managers to focus on high-risk activities. Unlike existing metrics, ARI is based on Schedule Risk Baseline, provides real-time insights, and offers a normalized 100% view across all activities.
“... the design of optimal parametric insurance depends on whether the parameter vector and the basis risk are independently distributed or not, and we analyze how it is affected by the attitude toward risk of the policyholder.”
The paper proposes a novel approach using Monte Carlo Simulation to quantitatively prioritize project risks based on their impact on project duration and cost, addressing limitations of traditional risk matrices and enabling project managers to differentiate critical risks according to their specific impact on time or cost objectives.
“This paper looks at global and regional efforts to come up with strategies and regulatory frameworks for AI governance. Chief amongst them include the OECD AI Principles; the EU AI Act; and the NIST AI RMF. The common thread among these frameworks or legislations is identifying and categorizing AI developments and deployments according to their risk levels and providing guidelines for ethical and trustworthy AI with considerations for human safety and innovation.”
“The risk measures contain some premium principles and shortfalls based on entropy. The shortfalls include the Gini shortfall, extended Gini shortfall, shortfall of cumulative residual entropy and shortfall of cumulative residual Tsallis entropy with order α.”
“This paper discusses and analyses the regulatory approach underlying the AI Act, the main issues surrounding the proposed regulation, and the implications for the AI Act's ability to achieve its goals.”