Risk management

Lenders pulled back on commercial real estate loans in 2023, as high interest rates put pressure on property values. They're now returning to the sector, and the renewed competition is prompting a pricing war.

JPMorgan, Mozilla, Palo Alto and other Glasswing partners have new latitude as Anthropic loosens disclosure rules under congressional pressure.

The Federal Financial Institutions Examination Council — whose members include federal bank regulators — issued a proposal Tuesday to overhaul the bank supervisory ratings process, the first such revision in 30 years. The proposal would reduce the weight management grades have on supervisory ratings and would require rating downgrades to be tied to explicit financial risks.

Three senior officials say attackers will eventually breach bank defenses, and supervisors should plan for it — while U.S. regulators stay nearly silent.

New York extracted $5 million and a broker registration from Uphold over its promotion of CredEarn, a yield product whose issuer collapsed in 2020.

A bank's regulatory posture is no longer fully within its own control. When a critical vendor becomes subject to new supervisory expectations, the bank's risk profile changes regardless of anything the bank itself has done.

As capital requirements on U.S. banks are relaxed, and regulatory oversight is pulled back, bankers remain ultimately responsible for managing the risk on their books. This will require drawing clear, internal lines of accountability.

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the third-party security risk.

Large loan balances are increasingly common in non-QM and HELOC securitizations, bringing faster prepayments and higher delinquency risks, Bank of America Securities research shows.

A rule banning bank examiners from using reputational risk in their examinations includes an exception for operational risks — another notoriously unquantifiable category of risk. Experts say the concession suggests the attempt to carve subjectivity out of bank examination may amount to a relabeling exercise.

Several major financial institutions last year increased their spending on measures to protect top executives, according to public filings. The moves followed the killing of UnitedHealthcare CEO Brian Thompson in December 2024.

After French authorities stopped a bomb plot against a Bank of America office in Paris, security experts warned banks to step up their preparations for terror attacks.

Recent double-pledging scandals in auto lending and the U.K. put U.S. mortgage lenders on alert. Here's what to watch and how MERS, e-notes and electronic vaults can help.

Cybersecurity experts at RSAC urged banks to treat the transition to post-quantum cryptography as an enterprise risk, not just an IT headache.

A near-collapse of the global software vulnerability database exposed critical weaknesses that could leave banks unable to track cyber threats.

Financial security teams must treat AI like a junior analyst, requiring humans to own decisions and approve any responsive actions to threats.

New study highlights the dangers banks face and potential fixes as merchants and consumers embrace the emerging form of artificial intelligence.

Payment experts detail where banks are going wrong with charge-backs and how they can improve.

A threat that was probabilistic is now official. An Iranian military spokesperson warned of a "painful response" against U.S.-linked banks.

There's a huge difference between short-term volatility and true systemic risk. The current rash of redemptions from private credit funds betrays a misunderstanding of the strengths underlying the business model.