Federal regulators recently hit Citigroup with a $400 million fine for its “longstanding failure” to fix problems with its risk management systems. Today’s columnist, Dan Singer of Digitalware, offers security pros five tips for how banks can avoid large fines for poor risk and data management. (CC BY 2.0)

Federal regulators recently slapped Citigroup, the nation’s third largest bank, with a $400 million fine for its “longstanding failure” to fix problems with its risk management systems. The decision sends a clear message that the entire financial services industry needs to dramatically up its game when it comes to risk management.

The report by the U.S. Office of the Controller of the Currency didn’t pull any punches. It said for several years the bank failed to implement and maintain an enterprisewide risk management and compliance risk management program, internal controls, or a data governance program commensurate with the bank’s size, complexity and risk profile. And blame was laid squarely on the shoulders of senior leadership at Citigroup.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.