SET Training - Banking and Fintech

By Stanley Epstein -  In the high-stakes theatre of modern finance, we have become masters at managing what we can measure. Boardrooms are well-versed in the precise mathematics of credit and market risk, viewing them as predictable variables in a controllable equation. Yet, there is a "silent disruptor" that refuses to be neatly boxed or fully quantified. Operational risk—the risk of loss resulting from inadequate or failed internal processes, people, systems, or external events—is the ghost in the machine. It is messy, human, and deeply interconnected. To navigate this complexity, we must return to a fundamental framework of inquiry. As Rudyard Kipling famously wrote: “I keep six honest serving-men / (They taught me all I knew); / Their names are What and Why and When / And Where and Who and How.” In an era where banking and fintech are converging into a single, hyper-connected ecosystem, these six questions provide the essential mental map for leaders to move beyond the ...

By Stanley Epstein -  The banking landscape of 2026 feels remarkably like the spooky woods encountered by Dorothy, the Tin Man, and the Scarecrow. Executives are walking arm-in-arm through a thicket of generative AI, emerging crypto protocols, and escalating fraud risks. It is a landscape that demands more than just corporate bravery; it requires a cold, clear-eyed understanding of what is a tangible opportunity and what is merely a shadow in the mist. Despite the "scary" environment, the view from the executive suite is surprisingly sunny. More than 80% of bank and credit union leaders are optimistic about 2026, fueled by the intoxicating promise of regulatory easing and AI-driven efficiency gains. They are looking at the horizon with "future's so bright" energy, but the data suggests they might want to keep their goggles on for protection rather than style. As a senior strategist, my "BS-detector" is redlining. While executive optimism has reached a...

By Stanley Epstein -  Introduction Conflict is no longer something happening “somewhere else". It has become a constant feature of today’s global environment. Recent tensions involving Iran are a good example of how quickly things can change. A region that felt stable a few months ago can suddenly become a source of global concern. The data backs this assertion up. There are multiple active conflicts and even more areas of rising tension around the world. Many of them are getting worse, not better. The takeaway is simple: geopolitical disruption is not occasional anymore. It is part of the system organisations operate in. The Ripple Effects Go Everywhere Conflicts don’t stay contained within borders. Their effects spread quickly. Even organisations with no direct presence in a conflict zone can feel the impact. Energy prices can spike. Supply chains can break. Sanctions can disrupt payments. Cyber threats can increase. This happens because everything is connected. Global supply c...

By Stanley Epstein – Beyond the Disaster Recovery Bunker For years, the resilience function was relegated to the "break-glass-in-case-of-emergency" basement—a defensive measure activated only when smoke cleared. That era is dead. The "turbulence" characterizing our modern operating environment—marked by relentless geopolitical friction and climate volatility—has transformed resilience from a niche safeguard into an indispensable strategic mandate. The 2025 Resilience Report reveals an industry at a defining crossroads. As we transition from simple business continuity to a model of proactive adaptability and foresight, the data illuminates where leadership is finally moving the needle and where dangerous, systemic gaps persist. This briefing unpacks the five most impactful shifts redefining organizational survival in an increasingly unpredictable world. The Integration Paradox: Why Silos Persist in a Connected World We are witnessing a significant movement to harmon...

By Stanley Epstein -  Why 2026 Is the Inflection Point for Enterprise AI Agents — and Why Governance Will Decide the Winners -  Artificial intelligence agents are moving from pilot projects to production systems at remarkable speed. In 2026, the conversation is no longer about experimentation. It is about deployment, infrastructure, and control. This shift represents more than a technology upgrade. It signals a structural change in how organizations think about automation, decision-making, and productivity. But acceleration brings new risks alongside measurable gains. The Enterprise Shift When Jensen Huang, CEO of Nvidia, recently described enterprise adoption of AI agents as “skyrocketing,” he linked the surge directly to explosive demand for compute infrastructure. The implication is clear. Companies are not simply testing AI tools. They are building the backbone for agentic systems capable of planning, reasoning, and acting with increasing autonomy. This aligns with forwar...

  The BCI Horizon Scan Report 2025 looks at the complexity of the operating environment, providing a well-established benchmarking tool for both expert practitioners and newcomers to the business continuity and resilience industry. The report examines threats ranging from digital challenges and the adoption of new technologies to geopolitical changes and natural hazards, trying to capture the levels of current impact and future concern for practitioners. Furthermore, the results consider the effectiveness and the evolution of the techniques and tools that practitioners use to scan the risk and threat horizon. The rise of new technologies, such as artificial intelligence, is challenging traditional methodologies, but practitioner still see value in the interpersonal exchange of information.

By Stanley Epstein -  Introduction: More Than Just a Digital Nuisance When a cyberattack brought production at Asahi, one of Japan’s largest brewers, to a halt, the consequences were felt in local beer halls running out of popular lagers. Similarly, when hackers struck carmaker Jaguar Land Rover, assembly lines fell silent, costing the company millions per week. These incidents reveal a critical truth: cybercrime is no longer an abstract IT problem. It is a tangible force that can halt manufacturing, disrupt supply chains, and affect the availability of everyday consumer goods. While carried out by different criminal groups, many of these disruptive attacks share a common feature: the use of ransomware to paralyse a business and extort payment. The threat has evolved in sophisticated and surprising ways, and this article explores the most impactful new realities of the modern cybercrime landscape. Takeaway 1: Your Boss Is Calling—Or Is It? The Rise of AI-Powered Deception Artifici...

Introduction: The "White Elephant" in the Room For any manager tasked with monthly reporting, the process is painfully familiar: hours spent pulling data from disparate sources, struggling to create a connected view, only to produce a static report that's outdated the moment it's finished. In response, organizations have built countless dashboards promising a real-time, data-driven view into every corner of the business. Yet, many of these meticulously crafted tools end up as digital "white elephants"—expensive assets that consume time and money but sit unused, providing little to no real value. The core problem isn't the technology, the choice of chart, or the color scheme. The difference between a high-value dashboard and a digital paperweight lies in the strategic framework behind it. A dashboard's success begins long before the first line of code is written and continues long after it has been launched. There are five counter-intuitive but critic...

Risk management, when aligned with business objectives, becomes a powerful strategic tool rather than a mere compliance function. Organizations that integrate risk management into their strategic framework can proactively identify potential threats, capitalize on opportunities, and ensure long-term sustainability. This article explores how businesses can achieve this alignment for greater impact and resilience. 1. Integrating Risk Management into Strategic Planning Risk management should be an integral part of strategic decision-making rather than an afterthought. Organizations should: Conduct comprehensive risk assessments during strategic planning. Align risk priorities with corporate goals to ensure balanced risk-taking. Use risk intelligence to enhance forecasting and decision-making. By embedding risk management early in the planning phase, businesses can anticipate potential pitfalls and develop contingency strategies that support growth. 2. Defining Risk Appetite and Tolerance A...

Introduction Internal controls are foundational elements within any organization, intended to provide reasonable assurance that processes operate smoothly, risks are minimized, and objectives are achieved efficiently. Leaders depend on these controls to function as a reliable safeguard, trusting that they’re well-designed, correctly installed, and actively maintained. Yet, a recurring pattern emerges through countless audits: controls inevitably break down over time. This breakdown can arise from various factors, including changing organizational priorities, rapid technological advancements, staff inexperience, or simple human error. Without ongoing attention and diligence, even the most robust control frameworks are vulnerable. Such failures not only expose the organization to potential risks but also create an opportunity for improvement when properly addressed. Auditors and compliance professionals are instrumental in diagnosing control breakdowns and recommending solutions to mitig...

Introduction In an age where we’re constantly surrounded by “experts,” it’s natural to wonder: how much do they really know? We see experts making predictions, giving advice, and influencing decisions in almost every aspect of society—from economics to medicine to psychology. Yet, it often feels like their conclusions can be as variable as the weather, leaving us to question their credibility. Are experts truly experts, or is their authority overestimated? In a world where information is easy to access but difficult to validate, distinguishing between genuine expertise and overconfidence is more crucial than ever. This article explores what expertise is, how it varies across disciplines, and why a healthy dose of skepticism can be valuable when navigating fields marked by high levels of uncertainty. By understanding what constitutes expertise—and where it can falter—we can make better-informed decisions and cultivate a balanced view of expert opinions. The Nature of Expertise: Stabilit...

Introduction In a world that champions optimism, the idea of focusing on potential pitfalls might seem counterproductive. Yet, when it comes to managing risks, particularly operational risks in sectors like banking, adopting a mindset that anticipates problems rather than avoids them can be a powerful tool. While the phrase “Positive Power of Negative Thinking” may resonate with those who remember psychologist Julie Norem’s 2002 book by that name, our use of the concept here differs significantly. Norem’s work on “defensive pessimism” illustrated how anticipating challenges could improve personal resilience and performance. But in risk management, this strategy extends further, creating a proactive framework for anticipating, assessing, and mitigating potential threats. This approach—thinking critically about what could go wrong—has proven indispensable in my own journey within risk management since 1991. The fundamental idea is that by rigorously identifying everything that could go w...

Strategies for Risk Professionals to Navigate an Uncertain Global Landscape Introduction In an era of unprecedented global change, the convergence of political, economic, and social dynamics has given rise to new challenges for businesses across the globe. Geopolitical risks, once considered peripheral concerns, are now central to corporate strategy and risk management. Companies, regardless of size or industry, must navigate a complex and often volatile geopolitical environment. Whether it's trade wars, sanctions, political instability, or climate change, the ripple effects of these global events can significantly impact operations, supply chains, and profitability. Mastering geopolitical risk management is crucial for professionals tasked with safeguarding organizational assets and ensuring long-term stability. This article offers an in-depth exploration of how risk professionals can identify, evaluate, and mitigate geopolitical risks. Through the use of theoretical frameworks a...