Financial and cyber risk mitigation is critical following banking market disruption

The first step in risk mitigation calls for assessing the exposure to your counterparties—both financial and nonfinancial. These steps will help with the assessment:

• Identify critical suppliers and financial partners required for your organization to remain operational during market disruption.
• Establish key indicators or metrics that measure quantitative and qualitative risks with your counterparties. It is important to use complete and accurate data in your qualitative assessments.
• Elevate the visibility of your counterparty risk program, including areas of identified higher risk exposure and resulting assessments of possible mitigation scenarios to senior leadership and your board of directors.

Performing due diligence on new banking or critical vendor relationships affected by the market disruption is important and should include more scrutiny than a business-as-usual scenario. Consider the following:

• Evaluate financial and operational resiliency across third-party relationships, including counterparty risk, and how each relationship could impact the ability of the business to operate within an economy facing strong headwinds. Consider diversifying risk by establishing additional institutional relationships.
• Assess counterparty risk policies of key partners and vendors, including banks, alternative capital sources, other financial services partners, technology partners, customers and suppliers. Review and enforce protocols for the ongoing monitoring of these relationships.

Reinforce procedural protocols across departments to ensure consistency and encourage teams to critically evaluate all new requests, including key changes to existing stakeholder information.

• Focus areas should include change management involving file maintenance for bank accounts, customers or vendors, as well as the review and authorization of fund transfers and all forms of payment.
• Leverage existing information, such as customer and vendor lists, to independently validate requests for changes to banking information with customers and vendors. Your team is under pressure to react swiftly to significant changes to ensure business continuity; speed must be balanced with caution. 

You may want to add additional layers of authorization for payments and fund transfers. These include the following:

• Consider updating disbursement instructions while also ensuring multiple points of authentication when changing institutions or adding customers and vendors.
• Delay payments to allow for account validation.
• Institute periodic reporting to monitor changes in instructions around accounts payables and receivables. 

Creating internal awareness of the threat landscape is integral to protecting your assets, as well as your proprietary information and technologies. Recommended activities include:

• Communicate the heightened threat through company-wide email and address it during an all-hands meeting hosted by your IT or information security team. Focus on specific threats, including social engineering, phishing and business email compromise schemes related to multifactor authentication of payment and vendor verification.
• Provide mandatory security awareness training.
• Implement or reinforce procedures that require employees to verify transaction-related email requests by a separate phone call or an in-person meeting.
  

Your IT teams should consider stepping up surveillance around failed logins, including failed multifactor authentication attempts. Consider these additional steps:

• Departments should collaborate to monitor requests for updates to payment instructions or changes in banking information by customers and suppliers, respectively.
  
• Consider having touch points with critical vendors outside the normal monitoring cadence prescribed by third-party risk management policies. Doing so will address concerns related to underlying business functions affected by the third-party service provider.