ORX News digests of the month: Q4 2018

Every month the ORX News team publishes a featured digest from the ORX News service. It's a detailed look at one of the operational risk losses reported in the media that month, and is handpicked by the team as one of the most interesting stories.

Read on for all the featured summaries from Q4 2018.

December: Barclays receives USD 15 million fine for shortcomings in whistle-blower function

On 18 December 2018, Barclays was fined USD 15 million following a regulatory investigation into attempts by its CEO to identify the author of two whistleblowing letters.

New York’s Department of Financial Services (NYDFS) found that, in both June and July 2016, Barclays CEO Jes Staley personally directed the head of the firms’ Group Security to identify the author(s) of two whistleblowing letters. 

According to the NYDFS, Barclays had a suitable set of whistleblowing policies and procedures in place, trained its staff annually on the subject of whistleblowing, and ran a competent, well-trained and adequately staffed unit dedicated to handing and investigating whistleblowing complaints. However, in this case, several senior executives and board members failed to follow or apply the whistleblowing policies and procedures, and failed to ensure the independence of the whistleblowing function and the importance of fostering anonymity. The NYDFS states that these actions risked jeopardising the independence of and undermined the bank's whistleblowing function.

November: JPMorgan and Citibank pay $21m over SIBOR

JPMorgan and Citibank agreed to pay $11m and $10m to settle US class action allegations that they conspired to manipulate the Singapore Interbank Offered Rate (SIBOR), the Singapore dollar equivalent of LIBOR.

Similar to the LIBOR scandal, the banks were accused of colluding to submit artificially high or low rates to benefit the positions of their traders.

As part of the settlement, JPMorgan and Citibank have agreed to provide co-operation materials that may assist the class in prosecuting the other defendants in the case, which are the 17 other SIBOR panel members including Bank of America, UBS and Deutsche Bank.

October: State Bank of Mauritius' India operations lose up to USD 4 million in cyberattack

On 2 October, hackers targeted the SWIFT systems of State Bank of Mauritius’ (SBM) Indian operations, resulting in a potential loss of up to $4m. Initially, the bank reported that $14m had been fraudulently transferred, but reduced this figure following recovery efforts. The bank said that customer accounts had not been targeted.

In response to the attack, SBM initiated a cyber security review of its Indian operations and informed the relevant authorities. According to ORX News data, banks in India have suffered total losses of $41.6m and one data breach this year as a result of cyberattacks.