Alyned Thinking

Why new thinking is needed and how we are putting our expertise to work.
Multiple arrows pointing in the upward direction on a blue background

How to succeed as a new CISO — Part 1

Congratulations! You have a new job as something like CISO (Chief Information Security Officer), CSO (Chief Security Officer), Head of Information Security or similar. This can be a great gig or it can be your worst nightmare (sometimes more or less at the same time).

I’ve been there and I have the scars and credentials to prove it. So, let me give you some tips for your first days.

Read more ...
Multi-coloured measuring tape

Doing Risk Assessments Right

Most organisations follow a sample based approach to identifying risk or gaining assurance for reasons of cost and practicality. Risk Assessments are already widely used and accepted as a method for risk identification and assurance and can be an extremely powerful and cost effective tool when done right and an utterly useless tool if done wrong. Consider the global practice of filing tax returns as a highly effective way of getting billions of people to declare their income and deductibles through a self assessment process. The previous Safe Harbor scheme, on the other hand, is an example of applying self assessments without any controls or meaningful oversight and using self assessments very poorly.

Read more ...
A typewriter and an old printer on a street next to a park

Can Risk Management and Compliance be digitalized?

Digitalization is a seemingly new buzz word on the agenda in many organizations as well as in pitch decks of savvy consultants. It describes the introduction of digital technology to an organizational process to make existing activities more effective or deliver a new service to the organization. Avoiding manual steps, human intervention and any unnecessary interfaces are commonly a focus point. Over the past decades, the term has been used in various contexts, from actually transforming physical processes like type setting to digital printing or using computer aided design instead of pencil and paper. However, in today’s practice, businesses usually mean leveraging X-as-a-Service offerings to apply flexible and scalable technology to optimize a specific business outcome when talking about digitalization.

Read more ...
Business people walking next to a glass building

Supporting the development and adoption of RegTech

This text was submitted as an answer to the UK Financial Conduct Authority’s Call for Input on Regtech. We’re publishing it also here on our blog to foster wider discussion.

Based on our extensive experience in this field, we have been discussing several RegTech-related ideas here at Alyne (further thinking on this in our blog).

In the tradition of other “-Techs” (such as “FinTech”), we understand RegTech as digitisation of regulatory compliance processes. Digitisation is of course a buzzword itself, but it helps to frame it more in the context of automation. In other industries and topic areas, it is envisioned to completely substitute manual processes at some point or at least augment human capabilities and capacity to rapidly scale and leverage the output of manual processes.

Read more ...
Smaller picture of people starting a running race

5 Promises a RegTech Company needs to keep to be relevant in 2016

2016 has arrived and if we are to believe the talking heads on blogs, Twitter and LinkedIn, it is the year FinTech companies will continue to dismantle and replace banks and the RegTech force awakens.

My prediction is that RegTech developments will certainly be closely watched by like-minded entrepreneurs, B2B focussed investors and regulated companies. The open question remains, who will actually emerge as relevant in the RegTech space in 2016 and why. I believe there are five promises a relevant RegTech company will have to keep in order to justify the current attention in this area.

Read more ...