Articles by Menghan Xiao
Cyber risk can be modelled like credit risk, says Richmond Fed
US supervisors may begin to use historical datasets to assess risk at banks and system-wide
People: All fall in at Citi, TD turbulence, and more
Latest job changes across the industry
What Goldman’s appeal victory means for Fed stress tests
Decision could embolden more banks to appeal, analysts say. But others believe result is one-off
MUFG blocks vendors that refuse to reveal subcontractors
Risk Live: US arm of Japanese megabank asks first line to sign written waivers when risk advisories are ignored
Rough patch: CrowdStrike sparks an auto-update debate
Automating software updates helps keep hackers at bay but can introduce op risk; banks balance the two
Banks urged to keep regulators in the loop on AI plans for AML
Risk managers advocate five-year strategies and compliance teams’ ownership of the tech they use
Banks urged to boost third-party scrutiny amid AML crackdown
Three US regulators highlight deficiencies in banks’ due diligence on fintech partners
Should banks risk lightning hitting twice for CrowdStrike?
Bank tech teams divided on whether to give security vendor a second chance after update crash
Let’s grow the third-party risk playbook – CME security chief
CrowdStrike outage highlights need for financial sector to adjust its game plan
CrowdStrike outage spurs rethink on ‘critical’ vendors
Some want US regulators to designate tech firms that pose risks to financial stability
Why was Archegos worse than the Fed’s five-fund stress test?
Some believe Credit Suisse was an outlier, but others say the CCAR results underestimated risks
Fed urged to introduce annual high-rate stress tests
Results of debut scenario were reassuring, but regulators cannot lower their guard
US Fed reveals its five use cases for generative AI
Internal sandbox used to assess viability and risks; coding and content generation on the agenda
House of cards? The $3 trillion (non-systemic) real estate risk
Regional banks share the bulk of US commercial real estate exposure, but the sector’s downturn doesn’t faze them
Bank of America’s Kris Fador elected FS-ISAC board chair
Industry consortium for cyber security also adds new board directors from Swift, PNC, Truist and CME
SEC intensifies scrutiny on ‘AI washing’
Regulator made first enforcement actions against high-tech misrepresentations this year
US large bank CRE risks could be understated, say researchers
Community banks have the most direct exposure, but systemic banks extend more credit to REITs
People: Citi lures JPM private bank CRO, Körner crowns Credit Suisse exits, and more
Latest job changes across the industry
Caveat creator: GenAI giants’ pledges won’t pre-empt copyright suits
Tech vendors offer indemnities on generative output, but end-users need to check the fine print, warn IP lawyers
Did Fed’s stress capital buffer blunt CCAR?
Experts fear flagship test’s use as a capital top-up has undermined its role in risk management
The American way: a stress-test substitute for Basel’s IRRBB?
Bankers divided over new CCAR scenario designed to bridge supervisory gap exposed by SVB failure
Industry warns CFTC against rushing to regulate AI for trading
Vote on workplan pulled amid calls to avoid duplicating rules from other regulatory agencies
Too soon to say good riddance to banks’ public enemy number one
As LockBit plans its comeback, experts say banks need a clear ransomware negotiating playbook
Beating the drum on cyber risk: the battle for boardroom attention
Delays patching financial sector vulnerabilities highlight the need for more internal clout for cyber chiefs