lecture 3 - fintech risk

Question 1

what is information?

Answer 1

data that have been processed in such a way as to be meaningful to person receiving it

information - especially financial - is critical for effective risk mgment.

Question 2

what is an information system?

Answer 2

combination of people, processes and tech to collect data, analyse it into useful information and communicate it to mgment for planning/decision making/control

Question 3

what are the characteristics of good information?

Answer 3

ACCURATE:

Accurate
Complete
Cost-beneficial
User targeted
Relevant
Authoritative
Timely
Easy to use

Question 4

what are some common IT risks?

Answer 4

human error
technical error
natural disasters (disruption of processing)
deliberate sabotage
industrial action
cyber breaches – are these insurable??
non-compliance with legislation

Question 5

what does an IT control framework include?

Answer 5

systems development (systems development life cycle processes)

general controls (access controls, contingency planning)

application controls (input, process, output controls)

Question 6

what are the control objectives for an IT system?

Answer 6

governance framework for IT

ensures organisational objectives/regulatory requirements are met

Question 7

how can you balance IT risk and control investments?

Answer 7

ensuring sufficient IT investment has been made, defining high level control objectives for each IT process, linking control objectives to IT processes (performance indicators), providing auditing guidelines for control objectives.

Question 8

what is the SDLC?

Answer 8

systems development life cycle:

1. initiation and planning
2. requirements anaylsis
3. design
4. build
5. test
6. implementation
7. operations and maintenance

Question 9

what are the common risks associated with IT systems?

Answer 9

unauthorised changes made to a business critical system

poor quality system introduced (poor info quality)

lack of flexibility to cope with future changes

loss of confidence by management

increased risk of fraud and data protection breaches

excessive cost

Question 10

what macro level factors should be considered in IT system selection?

Answer 10

needs
strategic fit
personnel involvement
financing

Question 11

what micro-level factors should be considered when selecting an IT system?

Answer 11

cost
adaptability
training
vendor reliability

Question 12

what general controls can be implemented for fintech risk and what is their purpose?

Answer 12

designed to ensure completeness and effectiveness of organisations overall environment, include both hardware and software.

categories:
personnel controls - recruit honest staff etc.,

access controls - passwords,

contingency controls - back-up procedures. contains: responsibility schedule, priorities, backup procedures, standby arrangements, public relations protocol, risk assessment.

equipment controls - physical controls

Question 13

what are some risks and controls with information networks?

Answer 13

risk of hacking
control = data encryption

risk of viruses
control = virus protection

risk of malicious tampering of info
control = firewalls

Question 14

what are application controls and what are the three categories?

Answer 14

are specific to parts on any system running on an IT network. categorised into:

input controls

process controls

output controls

Question 15

what is fintech?

Answer 15

fintech and insurtech relates to modern IT innovations (disruptive tech) in financial services

Question 16

what does fintech aim to do?

Answer 16

fintech innovations e.g. P2P lending seek to reduce market frictions and lower costs for benefit of consumers

fintech reflects process of disintermediation which replaces traditional bank relationship lending and deposit transactions with market lending and deposit transactions

Question 17

what is blockchain?

Answer 17

distributed but supposedly secure digital ledger systems that record and process transactions

blockchain facilitates economies of scale in managing transactions and cheaper and secure information transmission

it has also facilitated the growth of new fintech firms in financial services that provide alternative and cost-efficient intermediary functions

this has to some extent blurred the distinction between traditional intermediaries (banks and insurers) and financial markets

Question 18

what are some key risk mgment issues with fintech?

Answer 18

possible corruption or insecurity of blockchains

regulatory control of new entrants (public trust maintenance)

systemic risk prevention

enhanced audit function

adequate collateral rules (regulatory control and monitoring of offshore fintech platforms/shadow banks)

personal data ethic issues like data use for insurance purposes

implications for central banks - monetary policy implications of crypto.