Tag Archives: risk management

ASIC bans the sale of binary options to retail clients

ASIC has made a product intervention order banning the issue and distribution of binary options to retail clients.

The ban will take effect from Monday 3 May 2021 after ASIC found that binary options have resulted in and are likely to result in significant detriment to retail clients.

ASIC reviews in 2017 and 2019 found that approximately 80% of retail clients lost money trading binary options. ASIC found that binary options are likely to result in cumulative losses to retail clients over time because of their product characteristics:

  • the ‘all or nothing’ payoff structure, where one of the two possible outcomes for a binary option contract is that the retail client will lose their entire investment amount;
  • short contract duration (the average contract duration of binary options traded with one provider was less than six minutes); and
  • negative expected returns (that is, the present value of the expected payoff for a binary option contract is lower than the initial investment).

Commissioner Armour said, ‘Binary options’ product characteristics make them incompatible with investment or risk management use by retail clients. ASIC’s product intervention order will protect retail investors from these harmful products at a time of heightened vulnerability.’

ASIC estimates that retail clients’ net losses from trading binary options were around $490 million in 2018. The size of the market in Australia has since reduced significantly after ASIC issued a warning in April 2019 against providing unlicensed or unauthorised services to clients located in several foreign jurisdictions. Australian retail clients are estimated to have made net losses of more than $6.7 million in 2019.

ASIC’s binary options ban brings Australian requirements into line with prohibitions in force in comparable markets and follows the commencement on 29 March 2021 of ASIC’s product intervention order imposing conditions on contracts for difference offered to retail clients.

The order will remain in force for 18 months, after which it may be extended or made permanent. Civil and criminal penalties apply to contraventions of the product intervention order.

Background

A binary option is a cash-settled, over-the-counter (OTC) derivative entered into by two counterparties—the binary option issuer and the client. The ‘all-or-nothing’ payout under a binary option contract is determined by the occurrence or non-occurrence of a specified event in a defined timeframe. This can include an event related to movements in the price of a financial product or a market index (for example, the price of gold increasing in 30 seconds) or an economic event (such as a central bank interest-rate decision).

Regulatory Guide 272 Product intervention power provides an overview of ASIC’s product intervention power, when and how ASIC may exercise the power and how a product intervention order is made.

On 22 August 2019, ASIC released CP 322, seeking feedback on proposals to use its product intervention power to address significant detriment to retail clients resulting from binary options and CFDs (refer 19-220MR). CP 322 attracted more than 400 responses from consumers, consumer groups, CFD issuers, industry bodies and other stakeholders.

On 23 October 2020, ASIC made a product intervention order imposing conditions on the issue and distribution of contracts for difference (CFDs) to retail clients (refer 20-254MR). From 29 March 2021, ASIC’s order strengthens consumer protections by reducing CFD leverage available to retail clients and by targeting CFD product features and sales practices that amplify retail clients’ CFD losses.

In addition to the product intervention orders, ASIC’s actions to address concerns about binary options and CFDs include:

  • enforcement action to address misconduct
  • public warning notices and other statements
  • surveillance projects and thematic reviews
  • stronger regulations
  • extensive retail client education campaigns and guidance for binary option issuers.

More information about ASIC’s supervision and enforcement work is available on our website. ASIC’s Moneysmart website has further information about binary options.

MAS Enhances Guidelines to Combat Heightened Cyber Risks

The Monetary Authority of Singapore (MAS) today issued revised Technology Risk Management Guidelines  (578.7 KB) (Guidelines) to keep pace with emerging technologies and shifts in the cyber threat landscape.

2     The revised Guidelines focus on addressing technology and cyber risks in an environment of growing use by financial institutions (FIs) of cloud technologies, application programming interfaces, and rapid software development. The Guidelines reinforce the importance of incorporating security controls as part of FIs’ technology development and delivery lifecycle, as well as in the deployment of emerging technologies. 

3     The recent spate of cyber attacks on supply chains, which targeted multiple IT service providers through the exploitation of widely-used network management software, is a clear indication of a worsening cyber threat environment. The revised Guidelines set out the following enhanced risk mitigation strategies for FIs –

  • to establish a robust process for the timely analysis and sharing of cyber threat intelligence within the financial ecosystem; and
  • to conduct cyber exercises to allow FIs to stress test their cyber defences by simulating the attack tactics, techniques, and procedures used by real-world attackers.

4     In light of FIs’ growing reliance on third party service providers, the revised Guidelines set out the expectation for FIs to exercise strong oversight of arrangements with third party service providers, to ensure system resilience as well as maintain data confidentiality and integrity.

5     The revised Guidelines provide additional guidance on the roles and responsibilities of the board of directors and senior management –

  • the board and senior management should ensure that a Chief Information Officer and a Chief Information Security Officer, with the requisite experience and expertise, are appointed and accountable for managing technology and cyber risks; and
  • the board should include members with the relevant knowledge to provide effective oversight of technology and cyber risks.

6     The revised Guidelines have incorporated feedback received from the public consultation  (728.4 KB) conducted in 2019, MAS’ engagement with the industry, and MAS’ Cyber Security Advisory Panel (CSAP). [1]  MAS thanks all respondents for the invaluable suggestions in shaping the Guidelines.

7     Mr Tan Yeow Seng, Chief Cyber Security Officer, MAS, said, “Technology now underpins most aspects of financial services. Not only are financial institutions adopting new technologies, they are also increasingly reliant on third party service providers. The revised Guidelines set out MAS’ higher expectations in the areas of technology risk governance and security controls in financial institutions.”

***

Additional information

The Technology Risk Management Guidelines are a set of best practices that provide FIs with guidance on the oversight of technology risk management, practices and controls to address technology and cyber risks. MAS expects FIs to observe the guidelines as this will be considered in MAS’ risk assessment of the FIs.

The Guidelines should be read with the Notice on Technology Risk Management and Notice on Cyber Hygiene.

  1. [1] The CSAP, which was formed in 2017, comprises leading cyber security experts and thought leaders from around the world. The panel advises MAS on strategies to enhance cyber resilience in the financial system.

The final countdown: completing sterling LIBOR transition by end-2021

After many years of preparation, 2021 is the critical year for firms to complete their transition away from LIBOR.

The LIBOR administrator, ICE Benchmark Administration, is consultingOpens in a new window on ceasing publication of all sterling LIBOR settings at the end of 2021, leaving just one year for firms to remove their remaining reliance on these benchmarks.

This issue touches numerous parts of the economy. LIBOR has been embedded in the financial system for many years, used to calculate interest in everything from corporate borrowing and intra-group transfers, to complex derivatives. It is also utilised in accounting practices, system infrastructure and other supporting functions. All of these will need to be ready to use alternative reference rates, such as SONIA, by the end of this year.

The Bank of England and the Financial Conduct Authority (FCA) have set out clear expectations for regulated firms to remove their reliance on LIBOR in all new business and in legacy contracts, where feasible. The primary way for market participants to have certainty over the economic terms of their contracts is to actively transition them away from LIBOR.

In support of this, the Working Group on Sterling Risk-Free Reference Rates (the Working Group) has published an update to its priorities and roadmapOpens in a new window for the final year of transition to help businesses to finish planning the steps they will need to take in the coming months.

The Working Group’s top priority is for markets and their users to be fully prepared for the end of sterling LIBOR by the end of 2021. In particular the Working Group has recommended that, from the end of March 2021, sterling LIBOR is no longer used in any new lending or other cash products that mature after the end of 2021. All businesses with existing loans in sterling should already have heard from their lenders about the transition, and those seeking a new or refinanced loan today should be offered a non-LIBOR alternative. Throughout the remainder of the year, existing contracts linked to sterling LIBOR should be actively transitioned where possible.

In addition, the Working Group has recommended that firms no longer initiate new linear derivatives linked to sterling LIBOR after the end of March 2021, other than for risk management of existing positions or where they mature before the end of 2021.

The Working Group, the Bank of England, and the FCA have made clear that, in future, they anticipate that the large majority of sterling markets will be based on SONIA compounded in arrears, to provide the most robust foundation for the overall market structure. However, in certain specific parts of the market, participants may need access to alternative rates. In this context, the Working Group welcomes the development of term SONIA reference rates (TSRRs) which are beginning to be made available by various providers. Alongside this, the Working Group has engaged closely with the FICC Markets Standards Board (FMSB) to support development of a market standard for appropriately limited use of TSRRs, consistent with the Working Group’s objectives and existing recommendations on use cases of benchmark ratesOpens in a new window. The proposed FMSB standard is under review by key stakeholders during January and is expected to be released for public comment in February.

The Bank of England and the FCA continue to work closely with firms to secure a smooth transition. In particular, supervisors of regulated firms will continue to expect transition plans to be executed in line with industry-recommended timelines across sterling and other LIBOR currencies. Senior managers with responsibility for the transition should expect close supervisory engagement on how they are ensuring their firm’s progress relative to industry milestones.

Tushar Morzaria, Chair, Working Group on Sterling Risk-Free Reference Rates, commented: “In line with the Working Group’s milestones for Q3 2020, lenders should now be in a position to offer loans based on SONIA or other LIBOR alternatives. I encourage all end users to engage with their lenders and trade associations as early as possible to ensure a smooth transition.”

Andrew Hauser, Executive Director for Markets at the Bank of England commented: “As we move into the final year for sterling LIBOR transition, it is crucial that firms take action now to make certain they are prepared well in advance of the end of 2021.”

Edwin Schooling Latter, Director of Markets and Wholesale Policy at the FCA, commented: “The end-game for LIBOR is now increasingly clear. Firms should now have everything they need to shift new business to SONIA and to complete their plans for transition of legacy exposures. There is no longer any reason for delay.”

OCC Assesses $250 Million Civil Money Penalty Against JPMorgan Chase Bank, N.A.

The Office of the Comptroller of the Currency (OCC) today assessed a $250 million civil money penalty against JPMorgan Chase Bank, N.A (JPM)

The OCC took this action based on the bank’s failure to maintain adequate internal controls and internal audit over its fiduciary business.

The OCC found the bank’s risk management practices were deficient and it lacked a sufficient framework to avoid conflicts of interest. These deficiencies constituted unsafe or unsound practices and resulted in a violation of 12 CFR 9.9, which requires a suitable audit over all significant fiduciary activities. JPMorgan Chase Bank has remediated the deficiencies that led to this action.

The OCC penalty will be paid to the U.S. Treasury.

Related Link

BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor

Within the framework of increasing digitalisation, supervisors must attach considerable importance to new IT technologies such as cloud computing. In this context, it is important that in particular supervised entities in the financial sector, in addition to supervisors, have an understanding of the relevant technical innovations so that they can assess the impact of these technologies on business models, capital adequacy and authorisation requirements. This is the only way to ensure that the specific risks involved in the use of new IT-based developments are given appropriate consideration in supervisory and regulatory practice.

Cloud computing

With cloud computing, IT resources are operated by an external service provider rather than within a company. Cloud services are usually operated via a web-based system that is used dynamically. This provides users with an opportunity to save costs and make use of the external service provider’s technical expertise, generating increased interest in cloud computing solutions among companies.

Regulatory framework

If supervised entities choose to use cloud computing, they must comply with the relevant supervisory requirements for outsourcing.

The first step towards specification of the regulatory framework for cloud computing was publication of the circular “Supervisory Requirements for IT in Financial Institutions” (Bankaufsichtliche Anforderungen an die IT – BAIT) (see BaFinJournal November 2017 and January 2018 (only available in German)). The BAIT specify that AT 9 of the Minimum Requirements for Risk Management (Mindestanforderungen an das Risikomanagement – MaRisk (only available in German)) also applies to the use of cloud services where this constitutes outsourcing of IT services. This means that supervised entities must comply with the supervisory requirements for outsourcing pursuant to section 25b of the German BankingAct (Kreditwesengesetz – KWG (only available in German)) in conjunction with AT 9 of the MaRisk to the extent necessary in each individual case.

In the coming months, BaFin will also publish a circular specifying its expectations towards insurance undertakings and pension funds. The Insurance Supervisory Requirements for IT(Versicherungsaufsichtlichen Anforderungen an die IT – VAIT) (only available in German) are currently the subject of a public consultation (see Expert article “IT securityBaFinspecifies IT requirements for the insurance sector”). Like the BAIT, this circular specifies that insurance undertakings must comply with the relevant applicable supervisory requirements for outsourcing when using cloud services.

BaFin will also evaluate the extent to which changes are needed to the existing supervisory requirements for outsourcing.

Planned guidance

BaFin also plans to publish special guidance on the topic over the course of this year, particularly in light of discussions held with supervised entities, which have emphasised the need for a supervisory assessment of cloud computing. The guidance will provide the market with detailed information regarding the supervisory requirements related to the use of cloud services. With this additional step, BaFin intends to give companies greater certainty in applying the requirements under supervisory law.

Ahead of the publication of the guidance, this article addresses some key aspects of compliance with BaFin’s unrestricted rights of information and audit and abilities to monitor in addition to the unrestricted rights of information and audit of the supervised entities.

Requirements under supervisory law

Supervised entities that intend to use cloud services must assess in advance the extent to which compliance with the supervisory requirements for outsourcing is required.

If this assessment reveals that, in terms of risk, the planned outsourcing constitutes material outsourced activities and processes, then the credit institutions must comply with sections 25a and 25b of the KWG in conjunction with AT 9 number 7 and 8 of the MaRisk in the contractual arrangements. In such cases, insurance undertakings must comply with Article274(3) to (5) of the Delegated Regulation on Solvency II, section 32 of the German Insurance Supervision Act (Versicherungsaufsichtsgesetz – VAG (only available in German)) and margin no. 237 et seq. of the Minimum Requirements under Supervisory Law on the System of Governance of Insurance Undertakings (Mindestanforderungen an die Geschäftsorganisation von Versicherungsunternehmen – MaGO, see BaFinJournal February 2017 (only available in German)). These contain, in particular, regulations regarding suitable or unrestricted rights of information and audit.

Unrestricted rights of information and audit

Some supervised entities have submitted to BaFin drafts of outsourcing contracts involving the use of cloud services. These contracts related, for instance, to the use of computing power, storage and web applications.

The drafts submitted clearly show that in particular the rights of information and audit of BaFin and of the supervised entities have not been fully implemented in the contractual arrangements. However, it is particularly important that these rights are incorporated into the contracts since many providers of cloud solutions currently active on the financial market are domiciled in states outside of the European Union and European Economic Area. Even German providers of cloud services are not subject to BaFin’s supervision, meaning the supervisory laws are not directly applicable to them. It is therefore only possible to enforce the supervisory provisions on the basis of corresponding contractual rights.

Rights of information and audit of credit institutions

Ensuring unrestricted rights of information and audit vis-à-vis cloud service providers through contractual arrangements is of key importance, particularly with regard to the IT security of institutions.

Outsourced activities and processes that are not regarded as material in terms of risk are subject to the general requirements relating to a proper business organisation pursuant to section 25a (1) of the KWG (see AT 9 number 3 of the MaRisk). If the outsourced cloud services are regarded as material outsourced activities and processes, then the outsourcing agreement must grant both the internal audit function and external auditors appropriate and unrestricted rights of information and audit (AT 4.4.3 number 7 of the MaRisk). Only through unrestricted access to the cloud providers, for example to their business premises, data centres, servers and employees, can supervised entities properly exercise their rights of information and audit. On-site inspections in particular are therefore indispensable.

No restriction of rights

The effective exercise of the rights of information and audit should not be impeded or limited by contractual arrangements. Phased information and audit procedures constitute such a restriction and do not comply with the requirements of the MaRisk or the recommendations of the European Banking Authority (EBA). If performing the audit is made dependent on the concept of commercial reasonableness, then this is also generally regarded as a restriction. In addition, a contractual obligation to first rely on standardised audit reports made available by the cloud providers also constitutes an impermissible restriction of the rights of information and audit.

The use of management consoles may be suitable for certain controls, such as for monitoring compliance with service level agreements in ongoing operations. However, it cannot replace audits by the internal audit function, since management consoles only allow access to information made available by the cloud provider. The internal audit functions of institutions, however, must be able to obtain additional information that is necessary for the audit.

Simplifications

In the case of material outsourced activities and processes, BaFin also accepts pooled audits in accordance with BT 2.1 number 3 of the MaRisk in order to render audits more efficient both for institutions and also for cloud service providers that work for several institutions. In such cases, the audit activity may be performed by the internal audit function of one or more of the outsourcing institutions or by a third party commissioned by these institutions provided that the audit activity complies with the requirements in AT 4.4 and BT 2 of the MaRisk.

In addition, in accordance with BT 2.1 number 3 of the MaRisk, an institution’s audits may be performed by the internal audit function of the cloud provider or the institution may commission third parties to perform audits, provided that the audit activity conducted by the other auditors complies with the requirements in AT 4.4 and BT 2 of the MaRisk.

The outsourcing institution’s internal audit function must, however, regularly verify compliance with the specified requirements. The audit findings that are relevant to the institution must be passed on to the internal audit function of the outsourcing institution.

This also corresponds to the EBA recommendations and decreases the organisational burden for both institutions and the cloud service provider. Pooling the audit resources of institutions also addresses the concerns of cloud service providers regarding “audit tourism”.

Audit procedure

If an institution decides not to perform the audit itself or not to perform the audit alone, this must not result in a restriction of the institution’s right of audit. The rights of information and audit of the internal audit function of the outsourcing institution must be granted in full through the outsourcing contract.

Mere provision by the cloud service provider of certifications or other evidence of compliancewith recognised standards does not satisfy the right of information and audit of the outsourcing institution. The outsourcing institution must have the opportunity to influence the scope of the information and audit. This corresponds to the EBA recommendations, which specify corresponding requirements for access to the certifications and audit reports of the cloud service provider.

BaFin’s rights of information and audit and ability to monitor

In addition, the outsourcing contract must ensure BaFin’s unrestricted rights of information and audit and ability to monitor in relation to the outsourced activities and processes. In particular, BaFin’s audits must not be dependent on whether they are commercially reasonable for the cloud service provider.

BaFin’s ability to monitor the cloud service providers must be the same as its ability to supervise the supervised entities as provided for by law. This includes, in particular, the option to perform on-site inspections.

GLOPTION REVIEW

Why You Should Trade With GLoption

Binary trading is the fastest growing trading market of the world. The binary market has a very simple concept of trading with huge profit margins in a very short period of time. These features of the binary trading create the attractions for the investors. The credit goes to the makers through the brokers whose role is very important in relation to the creation of trader’s confidence and balanced market.

In the same way as Binary options trading market going up the name of the GLoption trading platform lead in the binary brokerage market. GLoption has gained this success by setting up the trader focused strategy.
GL-option binary trading platform has been designed by keeping in mind the thinkingof a trader e.g. what a trader or investor want?What are the trading information requirements of an investor? Which knowledge and terminology necessary to absorb for binary trading? How profit payouts conveniently received by the traders? Is the platform meets all the security parameters? Is the binary trading platform providing the maximum trading options? What are the advancement levels of the platform?
Why You Should Trade With GLoption.

GLoption is a web based binary trading platform that offers Asset Index, Currency Pairs, commodities, Stocks, and Indices trading options. GLoption believes in the policy of sharing the facts rather than hiding it. GLoption trading platform clearly defined the percentage of profit a trader will earn in the course of a selected particular trading option and without a doubt gives an indication of the risk involved in the trading transaction. GLoption trading platform also provides the data regarding the trading options selected by the other traders in respect of a particular selected asset. So a trader can get help during the decision-making process by taking into account the trend of the majority of traders while selecting the put or call option for selected asset.

GLoption has a very simple procedure of registration as well as trading. GLoption has defined the each step of trading with clear explanations and also makes sure the real-time query solution by inaugurating 24/7 customer support for traders.
GLoption binary trading platform is fully equipped with latest analytical tools like Relative strength Index (RSI), Moving Average (MV) and Bollinger Bands (BB) that provide real-time support to investors for assessing the trend of the market. GLoption binary trading platform provides free automated live trading signals for forecasting the market trends by employing the advanced technology in the field of automated trading signals system.

GLoption has devised the speedy and secure treasury management system by partnering with the treasury and risk management specialist professionals. A trader can make payments and received the funds by the mode of Credit cards, Wire Transfer (personal bank account to binary trading account) and E-Wallets.

GL-option is the best starting point for binary trading. It provides everything that is required for doing a fruitful binary trading with up to 100% first deposit bonus for new customers.
In short, GLoption binary trading is the platform where you find the highly professional binary trading services that prove to be your competitive edge over others and ultimately contribute to your success.

Start Trading With GLoption Now

Make Your Secure Online Transactions Faster And More Secure

Make Your Secure Online Transactions Faster And More Secure

Many companies today offer some form or another of security for those business offering online transactions.

It is of vital importance, naturally, that both the seller and the consumer have security they can depend on. While a number of e-commerce security options have become available, not all offer or can deliver the same degree of security, the security today’s demands require.

Hackers abound on every side of us, not only locally, but across the entire globe. Russia and India are among those most often cited in this respect. And their arm is very long indeed.

At Dalberry we’ve developed the most secure protection system for business yet available in today’s marketplace. The main focus of our offering is not simply in periodically advertising that our service is “new and improved”, but rather we focus on you and your needs. We analyze your weaknesses and deliver on ways to improve and strengthen them. We provide risk management that you can use.

We review and secure technical threats and risk. Banks, for instance, can turn their focus back to offering competitive ways for merchants to pay allowing both entities to turn their efforts into business growth and profitability rather than worrying constantly over security.

Here at Dalberry we hope and intend to become your business’s security company in the area of payment processing. We constantly strive to stay a step ahead of the curve, since as we all know, criminal minds never rest and we must always be on high alert.

Our company’s motto is: “Be honest and straightforward”, and we never for a moment forget this. Our clients trust us and rightfully so. And we never “pass the buck”. We take full responsibility for our actions in every aspect of our services.

In the past, a few security services have dominated the Internet market, but by now we all see that their solutions have not kept pace with the rapidly changing international Internet where every day new players come on line with new ideas for somehow tricking both businesses and individuals out of money. There are so many ways that only a team of dedicated professionals can possibly hope to stay a jump ahead of these hackers.

Our online payment gateway is the perfect solution for merchants to utilize our services. We keep it easy to use, fast, simple and pleasurable.

We offer to the merchant a wide range of services, each highly-customizable so that every merchant can, and will, be completely satisfied and have a tailor-made payment setup in place to handle all business transactions.

Here at Dalberry we, of course, offer a secure web page so there is no expensive technical setup requirement. And merchants receive instant payment rather than having to wait a certain number of hours of “business days” to complete the transaction.

There are so many other desirable options we offer, such as the Dalberry Wallet, a digital wallet that is guaranteed to please almost every business owner. We’ll be more than happy to explain its benefits and convenience.

But at Dalberry we offer much much more. Consultation over liability, cash flow, reserves, foreign exchange analysis and so much more.

As a responsible business executive, you owe it to yourself and to your company to contact Dalberry (www.dalberry.com) today. You’ll be glad you did!