下载文档原格式
互联网金融安全中英文对照外文翻译文献中英文对照外文翻译文献(文档含英文原文和中文翻译)Database Security in a Web Environment IntroductionDatabases have been common in government departments and commercial enterprises for many years. Today, databases in any organization are increasingly opened up to a multiplicity of suppliers, customers, partners and employees - an idea that would have been unheard of a few years ago. Numerous applications and their associated data are now accessed by a variety of users requiring different levels of access via manifold devices and channels – often simultaneously. For example:• Online banks allow customers to perform a variety of banking operations - via the Internet and over the telephone – whilst maintaining the privacy of account data.• E-Commerce merchants and their Service Providers must store customer, order and payment data on their merchant server - and keep it secure.• HR departments allow employees to update their personal information –whilst protecting certain management information from unauthorized access.• The medical profession must protect the confidentiality of patient data –whilst allowing essential access for treatment.• Online brokerages need to be able to provide large numbers of simultaneous users with up-to-date and accurate financial information.This complex landscape leads to many new demands upon system security. The global growth of complex web-based infrastructures is driving a need for security solutions that provide mechanisms to segregate environments; perform integrity checking and maintenance; enable strong authentication andnon-repudiation; and provide for confidentiality. In turn, this necessitates comprehensive business and technical risk assessment to identify the threats,vulnerabilities and impacts, and from this define a security policy. This leads to security definitions throughout the infrastructure - operating system, database management system, middleware and network.Financial, personal and medical information systems and some areas of government have strict requirements for security and privacy. Inappropriate disclosure of sensitive information to the wrong parties can have severe social, legal and regulatory consequences. Failure to address the basics can result in substantial direct and consequential financial losses - witness the fraud losses through the compromise of several million credit card numbers in merchants’ databases [Occf], plus associated damage to brand-image and loss of consumer confidence.This article discusses some of the main issues in database and web server security, and also considers important architecture and design issues.A Simple ModelAt the simplest level, a web server system consists of front-end software and back-end databases with interface software linking the two. Normally, the front-end software will consist of server software and the network server operating system, and the back-end database will be a relational orobject-oriented database fulfilling a variety of functions, including recording transactions, maintaining accounts and inventory. The interface software typically consists of Common Gateway Interface (CGI) scripts used to receive information from forms on web sites to perform online searches and to update the database.Depending on the infrastructure, middleware may be present; in addition, security management subsystems (with session and user databases) that address the web server’s and related applications’ requirements for authentication, accesscontrol and authorization may be present. Communications between this subsystem and either the web server, middleware or database are via application program interfaces (APIs)..This simple model is depicted in Figure 1.Security can be provided by the following components:• Web server.• Middleware.• Operating system.. Figure 1: A Simple Model.• Database and Database Management System.• Security management subsystem.The security of such a system addressesAspects of authenticity, integrity and confidentiality and is dependent on the security of the individual components and their interactions. Some of the most common vulnerabilities arise from poor configuration, inadequate change control procedures and poor administration. However, even if these areas are properlyaddressed, vulnerabilities still arise. The appropriate combination of people, technology and processes holds the key to providing the required physical and logical security. Attention should additionally be paid to the security aspects of planning, architecture, design and implementation.In the following sections, we consider some of the main security issues associated with databases, database management systems, operating systems and web servers, as well as important architecture and design issues. Our treatment seeks only to outline the main issues and the interested reader should refer to the references for a more detailed description.Database SecurityDatabase management systems normally run on top of an operating system and provide the security associated with a database. Typical operating system security features include memory and file protection, resource access control and user authentication. Memory protection prevents the memory of one program interfering with that of another and limits access and use of the objects employing techniques such as memory segmentation. The operating system also protects access to other objects (such as instructions, input and output devices, files and passwords) by checking access with reference to access control lists. Security mechanisms in common operating systems vary tremendously and, for those that are lacking, there exists special-purpose security software that can be integrated with the existing environment. However, this can be an expensive, time-consuming task and integration difficulties may also adversely impact application behaviors.Most database management systems consist of a number of modules - including database querying and database and file management - along with authorization, concurrent access and database description tables. Thesemanagement systems also use a variety of languages: a data definition language supports the logical definition of the database; developers use a data manipulation language; and a query language is used by non-specialist end-users.Database management systems have many of the same security requirements as operating systems, but there are significant differences since the former are particularly susceptible to the threat of improper disclosure, modification of information and also denial of service. Some of the most important security requirements for database management systems are: • Multi-Level Access Control.• Confidentiality.• Reliability.• Integrity.• Recovery.These requirements, along with security models, are considered in the following sections.Multi-Level Access ControlIn a multi-application and multi-user environment, administrators, auditors, developers, managers and users – collectively called subjects - need access to database objects, such as tables, fields or records. Access control restricts the operations available to a subject with respect to particular objects and is enforced by the database management system. Mandatory access controls require that each controlled object in the database must be labeled with a security level, whereas discretionary access controls may be applied at the choice of a subject.Access control in database management systems is more complicated than in operating systems since, in the latter, all objects are unrelated whereas in a database the converse is true. Databases are also required to make accessdecisions based on a finer degree of subject and object granularity. In multi-level systems, access control can be enforced by the use of views - filtered subsets of the database - containing the precise information that a subject is authorized to see.A general principle of access control is that a subject with high level security should not be able to write to a lower level object, and this poses a problem for database management systems that must read all database objects and write new objects. One solution to this problem is to use a trusted database management system.ConfidentialitySome databases will inevitably contain what is considered confidential data. For example, it could be inherently sensitive or its source may be sensitive, or it may belong to a sensitive table, thus making it difficult to determine what is actually confidential. Disclosure is also difficult to define, as it can be direct, indirect, involve the disclosure of bounds or even mere existence.An inference problem exists in database management systems whereby users can infer sensitive information from relatively insensitive queries. A trivial example is a request for information about the average salary of an employee and the number of employees turns out to be just one, thus revealing the employee’s salary. However, much more sophisticated statistical inference attacks can also be mounted. This highlights the fact that, although the data itself may be properly controlled, confidential information may still leak out.Controls can take several forms: not divulging sensitive information to unauthorized parties (which depends on the respective subject and object security levels), logging what each user knows or masking response data. The first control can be implemented fairly easily, the second quickly becomesunmanageable for a large number of users and the third leads to imprecise responses, and also exemplifies the trade-off between precision and security. Polyinstantiation refers to multiple instances of a data object existing in the database and it can provide a partial solution to the inference problem whereby different data values are supplied, depending on the security level, in response to the same query. However, this makes consistency management more difficult.Another issue that arises is when the security level of an aggregate amount is different to that of its elements (a problem commonly referred to as aggregation). This can be addressed by defining appropriate access control using views.Reliability, Integrity and RecoveryArguably, the most important requirements for databases are to ensure that the database presents consistent information to queries and can recover from any failures. An important aspect of consistency is that transactions execute atomically; that is, they either execute completely or not at all.Concurrency control addresses the problem of allowing simultaneous programs access to a shared database, while avoiding incorrect behavior or interference. It is normally addressed by a scheduler that uses locking techniques to ensure that the transactions are serial sable and independent. A common technique used in commercial products is two-phase locking (or variations thereof) in which the database management system controls when transactions obtain and release their locks according to whether or not transaction processing has been completed. In a first phase, the database management system collects the necessary data for the update: in a second phase, it updates the database. This means that the database can recover from incomplete transactions by repeatingeither of the appropriate phases. This technique can also be used in a distributed database system using a distributed scheduler arrangement.System failures can arise from the operating system and may result in corrupted storage. The main copy of the database is used for recovery from failures and communicates with a cached version that is used as the working version. In association with the logs, this allows the database to recover to a very specific point in the event of a system failure, either by removing the effects of incomplete transactions or applying the effects of completed transactions. Instead of having to recover the entire database after a failure, recovery can be made more efficient by the use of check pointing. It is used during normal operations to write additional updated information - such as logs, before-images of incomplete transactions, after-images of completed transactions - to the main database which reduces the amount of work needed for recovery. Recovery from failures in distributed systems is more complicated, since a single logical action is executed at different physical sites and the prospect of partial failure arises.Logical integrity, at field level and for the entire database, is addressed by the use of monitors to check important items such as input ranges, states and transitions. Error-correcting and error-detecting codes are also used.Security ModelsVarious security models exist that address different aspects of security in operating systems and database management systems. For example, theBell-LaPadula model defines security in terms of mandatory access control and addresses confidentiality only. The Bell LaPadula models, and other models including the Biba model for integrity, are described more fully in [Cast95] and [Pfle89]. These models are implementation-independent and provide a powerfulinsight into the properties of secure systems, lead to design policies and principles, and some form the basis for security evaluation criteria.Web Server SecurityWeb servers are now one of the most common interfaces between users and back-end databases, and as such, their security becomes increasingly important. Exploitation of vulnerabilities in the web server can lead to unforeseen attacks on middleware and backend databases, bypassing any controls that may be in place. In this section, we focus on common web server vulnerabilities and how the authentication requirements of web servers and databases are met.In general, a web server platform should not be shared with other applications and should be the only machine allowed to access the database. Using a firewall can provide additional security - either between the web server and users or between the web server and back-end database - and often the web server is placed on a de-militarized zone (DMZ) of a firewall. While firewalls can be used to block certain incoming connections, they must allow HTTP (and HTTPS) connections through to the web server, and so attacks can still be launched via the ports associated with these connections.VulnerabilitiesVulnerabilities appear on a weekly basis and, here, we prefer to focus on some general issues rather than specific attacks. Common web server vulnerabilities include:• No policy exists.• The default configuration is on.• Reusable passwords appear in clear.• Unnecessary ports available for network services are not disabled.• New security holes are not tracked. Even if they are, well-known vulnerabilities are not always fixed as the source code patches are not applied by system administrator and old programs are not re-compiled or removed.• Security tools are not used to scan the network for weaknesses and changes or to detect intrusions.• Faulty and buggy software - for example, buffer overflow and stack smashingAttacks• Automatic directory listings - this is of particular concern for the interface software directories.• Server root files are generally visible or accessible.• Lack of logs and bac kups.• File access is often not explicitly configured by the system administrator according to the security policy. This applies to configuration, client, administration and log files, administration programs, and CGI program sources and executables. CGI scripts allow dynamic web pages and make program development (in, for example, Perl) easy and rapid. However, their successful exploitation may allow execution of malicious programs, launching ofdenial-of-service attacks and, ultimately, privilege escalation on a server.Web Server and Database AuthenticationWhile user, browser and web server authentication are relatively well understood [Garf97], [Ghos98] and [Tree98], the introduction of additional components, such as databases and middleware, raise a number of authentication issues. There are a variety of options for authentication in a simple model (Figure 1). Firstly, both the web server and database management system can individually authenticate a user. This option requires the user to authenticatetwice which may be unacceptable in certain applications, although a singlesign-on device (which aims to manage authentication in a user-transparent way) may help. Secondly, a common approach is for the database to automatically grant user access based on web server authentication. However, this option should only be used for accessing publicly available information. Finally, the database may grant user access employing the web server authentication credentials as a basis for its own user authentication, using security management subsystems (Figure 1). We consider this last option in more detail.Web-based communications use the stateless HTTP protocol with the implication that state, and hence authentication, is not preserved when browsing successive web pages. Cookies, or files placed on user’s machine by a web server, were developed as a means of addressing this issue and are often used to provide authentication. However, after initial authentication, there is typically no re authentication per page in the same realm, only the use of unencrypted cookies (sometimes in association with IP addresses). This approach provides limited security as both cookies and IP addresses can be tampered with or spoofed.A stronger authentication method, commonly used by commercial implementations, uses digitally signed cookies. This allows additional systems, such as databases, to use digitally signed cookie data, including a session ID, as a basis for authentication. When a user has been authenticated by a web server (using a password, for example), a session ID is assigned and is stored in a security management subsystem database. When a user subsequently requests information from a database, the database receives a copy of the session ID, the security management subsystem checks this session ID against its local copy and, if authentication is successful, user access is granted to the database.The session ID is typically transmitted in the clear between the web server and database, but may be protected by SSL or even by physical security measures. The communications between the browser and web servers, and the web servers and security management subsystem (and its databases), are normally protected by SSL and use a web server security API that is used to digitally sign and verify browser cookies. The communications between the back-end databases and security management subsystem (and its databases) are also normally protected by SSL and use a database security API that verifies session Ids originating from the database and provides additional user authorization credentials. The web server security API is generally proprietary while, for the database security API, many vendors have adopted standards such as the Generic Security Services API (GSS-API) or CORBA [RFC2078] and [Corba].Architecture and DesignSecurity requirements for designing, building and implementing databases are important so that the systems, as part of the overall infrastructure, meet their requirements in actual operation. The various security models provide an important insight into the design requirements for databases and their management systems.Secure Database Management System ArchitecturesIn multi-level database management systems, a variety of architectures are possible: trusted subject, integrity locked, kernels and replicated. Trusted subject is used by most of the leading database management system vendors and can be integrated in existing products. Basically, the trusted subject architecture allows users to access a database via an un trusted front-end, a trusted database management system and trusted operating system. The operating systemprovides physical access to the database and the database management system provides multilevel object protection.The other architectures - integrity locked, kernels and replicated - all vary in detail, but they use a trusted front-end and an un trusted database management system. For details of these architectures and research prototypes, the reader is referred to [Cast95]. Different architectures are suited to different environments: for example, the trusted subject architecture is less integrated with the underlying operating system and is best suited when a trusted path can be assured between applications and the database management system.Secure Database Management System DesignAs discussed above, there are several fundamental differences between operating system and database management system design, including object granularity, multiple data types, data correlations and multi-level transactions. Other differences include the fact that database management systems include both physical and logical objects and that the database lifecycle is normally longer.These differences must be reflected in the design requirements which include:• Access, flow and infer ence controls.• Access granularity and modes.• Dynamic authorization.• Multi-level protection.• Polyinstantiation.• Auditing.• Performance.These requirements should be considered alongside basic information integrity principles, such as:• Well-formed transactions - to ensure that transactions are correct and consistent.• Continuity of operation - to ensure that data can be properly recovered, depending on the extent of a disaster.• Authorization and role management – to ensure that distinct roles are defined and users are authorized.• Authenticated users - to ensure that users are authenticated.• Least privilege - to ensure that users have the minimal privilege necessary to perform their tasks.• Separation of duties - to ensure that no single individual has access to critical data.• Delegation of authority - to ensure that the database management system policies are flexible enough to meet the organization’s requirements.Of course, some of these requirements and principles are not met by the database management system, but by the operating system and also by organizational and procedural measures.Database Design MethodologyVarious approaches to design exist, but most contain the same main stages. The principle aim of a design methodology is to provide a robust, verifiable design process and also to separate policies from how policies are actually implemented. An important requirement during any design process is that different design aspects can be merged and this equally applies to security.A preliminary analysis should be conducted that addresses the system risks, environment, existing products and performance. Requirements should then beanalyzed with respect to the results of a risk assessment. Security policies should be developed that include specification of granularity, privileges and authority.These policies and requirements form the input to the conceptual design that concentrates on subjects, objects and access modes without considering implementation details. Its purpose is to express information and process flows in a complete and consistent way.The logical design takes into account the operating system and database management system that will be used and which of the security requirements can be provided by which mechanisms. The physical design considers the actual physical realization of the logical design and, indeed, may result in a revision of the conceptual and logical phases due to physical constraints.Security AssuranceOnce a product has been developed, its security assurance can be assessed by a number of methods including formal verification, validation, penetration testing and certification. For example, if a database is to be certified as TCSEC Class B1, then it must implement the Bell-LaPadula mandatory access control model in which each controlled object in the database must be labeled with a security level.Most of these methods can be costly and lengthy to perform and are typically specific to particular hardware and software configurations. However, the international Common Criteria certification scheme provides the added benefit of a mutual recognition arrangement, thus avoiding the prospect of multiple certifications in different countries.ConclusionThis article has considered some of the security principles that are associated with databases and how these apply in a web based environment. Ithas also focused on important architecture and design principles. These principles have focused mainly on the prevention, assurance and recovery aspects, but other aspects, such as detection, are equally important in formulating a total information protection strategy. For example, host-based intrusion detection systems as well as a robust and tested set of business recovery procedures should be considered.Any fit-for-purpose, secure e-business infrastructure should address all the above aspects: prevention, assurance, detection and recovery. Certain industries are now starting to specify their own set of global, secure e-business requirements. International card payment associations have recently started to require minimum information security standards from electronic commerce merchants handling credit card data, to help manage fraud losses and associated impacts such as brand-image damage and loss of consumer confidence.网络环境下的数据库安全简介数据库在政府部门和商业机构得到普遍应用已经很多年了。
金融专业外文翻译-----电子银行的风险管理外文翻译原文RISK MANAGEMENT OF E-BANKING ACTIVITIESMaterial Source: University Galati, Economic Science FacultyAuthor: Virlanuta Florina,Moga Liliana,Ioan Viorica1. E-banking risksE-banking is defined as the automated delivery of new and traditional banking products and services directly to customers through electronic, interactive communication channels. E-banking includes the systems that enable financial institution customers, individuals or businesses, to access accounts, transact business, or obtain information on financial products and services through a public or private network,including the Internet or mobile phone. Customers access e-banking services using an intelligent electronic device, such as a personal computer (PC), personal digital assistant (PDA), automated teller machine(ATM), kiosk, or Touch Tone telephone.In Romania, over 23 banks implemented and offer now e-banking services. The continuous development of the supporting technology, information security and e-banking strategy reflects on the increasing number of the e-banking customers. According to Communications and Information Technologies Ministry, the number of e-banking users and the transactions performed in this system, as well as the value of these transactions, registered a spectacular rising,2004 2005 2006 2007YearIndex18.259 44.538 100.799 187.471E-bankingcustomersTransactions1.968.1702.244.0673.546.5494.851.427 number7.911.987.706 11.566.348.720 20.510.170.662 44.830.322.635 Transactionsvalue (euro)Source: Communications and Information Technologies MinistryWhile the risks and controls are similar for the various e-banking access channels, this essay focuses specifically on Internet-based services due to the Internet’s widely accessible public network Accordingly, this project begins with a discussion of the two primary types of Internet websites: informational and transactional. Informational websites provide customers access to general information about the financial institution and its products or services.Risk issues examiners should consider when reviewing informational websites include: Potential access to confidential financial institution or customer information if the website is not properly isolated from the financial institution’s internal network; Potential liability for spreading viruses and other malicious code to computers communicating with the institution’s website; and Negative public perception if the institution’s on-line services are disrupted or if its website is defaced or otherwise presents inappropriate or offensive material.Transactional websites provide customers with the ability to conduct transactions through the financial institution’s website by initiating banking transactions or buying products and services. Banking transactions can range from something as basic as a retail account balance inquiry to a large business-to business funds transfer. E-banking services, like those delivered through other delivery channels, are typically classified based on the type of customer they support. The following table lists some of the common retail and wholesale e-banking services offered by financial institutions.Since transactional websites typically enable the electronic exchange of confidential customer information and the transfer of funds, services provided through these websites expose a financial institution to higher risk than basic informational websites. Wholesale e-banking systems typically expose financial institutions to the highest risk per transaction, since commercial transactions usually involve larger dollar amounts. In addition to the risk issues associated with informational websites, examiners reviewing transactional ebanking services should consider the following issues:—— Security controls for safeguarding customer information;—— Liability for unauthorized transactions;——Possible violations of laws or regulations pertaining to consumer privacy, anti-money laundering, anti-terrorism, or the content, timing, or delivery of required consumer disclosures.2. Transaction riskTransaction risk arises from fraud, processing errors, system disruptions, or other unanticipated events resulting in the institution’s inability to deliver products or services. This risk exists in each product and service offered. The level of transaction risk is affected by the structure of the institution’s processing environment, including the types of services offered and the complexity of the processes and supporting technology.In most instances, e-banking activities will increase the complexity of the institution’s activities and the quantity of its transaction/operations risk, especially if the institution is offering innovative services that have not been standardized. Since customers expect e-banking services to be available 24 hours a day, 7 days a week, financial institutions should ensure their e-banking infrastructures contain sufficient capacity and redundancy to ensure reliable service availability. Even institutions that do not consider e-banking a critical financial service due to the availability of alternate processing channels, should carefully consider customer expectations and the potential impact of service disruptions on customer satisfaction and loyalty.The key to controlling transaction risk lies in adapting effective polices, procedures, and controls to meet the new risk exposures introduced by e-banking. Basic internal controls including segregation of duties, dual controls, and reconcilements remain important. Information security controls, in particular, become more significant requiring additional processes, tools, expertise, and testing. Institutions should determine the appropriate level of security controls based on their assessment of the sensitivity of the information to the customer and to the institution and on the institution’s established risk tolerance level.Generally, a financial institution’s credit risk is not increased by the mere fact that a loan is originated through an e-banking channel. However, management should consider additional precautions when originating and approving loans electronically, including assuring management information systems effectively track the performance of portfolios originated through e-banking channels.Funding and investment-related risks could increase with an institution’s e-banking initiatives depending on the volatility and pricing of the acquired deposits. The Internet provides institutions with the ability to market theirproducts and services globally. Internet-based advertising programs can effectively match yield-focused investors with potentially high-yielding deposits. But Internet-originated deposits have the potential to attract customers who focus exclusively on rates and may provide a funding source with risk characteristics similar to brokered deposits. An institution can control this potential volatility and expanded geographic reach through its deposit contract and account opening practices, which might involve face-to face meetings or the exchange of paper correspondence.Compliance and legal issues arise out of the rapid growth in usage of e-banking and the differences between electronic and paper-based processes. E-banking is a new delivery channel where the laws and rules governing the electronic delivery of certain financial institution products or services may be ambiguous or still evolving. Laws governing consumer transactions require specific types of disclosures, notices, or record keeping requirements. These requirements also apply to e-banking, and banking agencies continue to update consumer laws and regulations to reflect the impact of e-banking and on-line customer relationships.Institutions that offer e-banking services, both informational and transactional, assume a higher level of compliance risk because of the changing nature of the technology, the speed at which errors can be replicated, and the frequency of regulatory changes to address e-banking issues. The potential for violations is further heightened by the need to ensure consistency between paper and electronic advertisements, disclosures, and notices.3. Risk managementE-banking has unique characteristics that may increase an institution’s overall risk profile and the level of risks associated with traditional financial services, particularly strategic, operational, legal, and reputation risks. These unique e-banking characteristics include: Speed of technological change, Increased visibility of publicly accessible networks, Less face-to-face interaction with financial institution customers. Management should review each of the processes discussed in this section to adapt and expand the institution’s risk management practices as necessary to address the risks posed by e-banking activities.Financial institution management should choose the level of e-banking services provided to various customer segments based on customer needs andthe institution’s risk assessment considerations. Institutions should reach this decision through a board-approved, e-banking strategy that considers factors such as customer demand, competition, expertise, implementation expense, maintenance costs, and capital support. Some institutions may choose not to provide e-banking services or to limit e-banking services to an informational website.Financial institutions should periodically re-evaluate this decision to ensure it remains appropriate for the institution’s overall business strategy. Institutions may define success in many ways including growth in market share, expanding customer relationships, expense reduction, or new revenue generation. If the financial institution determines that a transactional website is appropriate, the next decision is the range of products and services to make available electronically to its customers. To deliver those products and services, the financial institution may have more than one website or multiple pages within a website for various business lines.Financial institutions should base any decision to implement e-banking products and services on a thorough analysis of the costs and benefits associated with such action. Some of the reasons institutions offer e-banking services include: Lower operating costs, Increased customer demand for services, and New revenue opportunities.The individuals conducting the cost-benefit analysis should clearly understand the risks associated with ebanking so that cost considerations fully incorporate appropriate risk mitigation controls. Without such expertise, the cost-benefit analysis will most likely underestimate the time and resources needed to properly oversee e-banking activities, particularly the level of technical expertise needed to provide competent oversight of in-house or outsourced activities.Security threats can affect a financial institution through numerous vulnerabilities. No single control or security device can adequately protect a system connected to a public network. Effective information security comes only from establishing layers of various control, monitoring, and testing methods. While the details of any control and the effectiveness of risk mitigation depend on many factors, in general, each financial institution with external connectivity should ensure the following controls exist internally or at their TSP.ConclusionsA financ ial institution’s board and management should understand the risks associated with e-banking services and evaluate the resulting risk management costs against the potential return on investment prior to offering e-banking services. Poor e-banking planning and investment decisions can increase a financial institution’s strategic risk. Early adopters of new e-banking services can establish themselves as innovators who anticipate the needs of their customers, but may do so by incurring higher costs and increased complexity in their operations. Conversely, late adopters may be able to avoid the higher expense and added complexity, but do so at the risk of not meeting customer demand for additional products and services. In managing the strategic risk associated with e-banking services, financial institutions should develop clearly defined e-banking objectives by which the institution can evaluate the success of its ebanking strategy.译文电子银行的风险管理资料来源:加拉茨大学经济科学系作者:Virlanuta Florina,Moga Liliana,Ioan Viorica1风险管理的电子银行业务电子银行定义为将传统银行产品通过电子渠道,并直接向客户提供互动服务的的新的自动交付服务。
互联网金融发展外文翻译文献根据要求,我为您翻译了一份互联网金融发展的外文文献。
以下是翻译的文献内容:标题:互联网金融的发展趋势和影响互联网金融是指利用互联网技术进行金融活动的新型金融形态。
近年来,互联网金融在全球范围内快速发展,并对传统金融产生了深远的影响。
本文对互联网金融的发展趋势和影响进行了探讨。
1. 互联网金融的发展趋势互联网金融的发展趋势主要体现在以下几个方面:1.1 移动支付的普及随着智能手机的普及和移动互联网的发展,移动支付成为互联网金融的主要应用之一。
借助移动支付,人们可以实现方便快捷的线上支付,推动了消费惯的变革。
1.2 大数据的应用互联网金融通过收集和分析大量用户数据,可以为用户提供个性化的金融服务。
大数据的应用不仅提高了金融服务的效率,还为金融机构提供了更多的商机和竞争优势。
1.3 金融科技的创新互联网金融与科技的结合推动了金融科技的创新。
人工智能、区块链、云计算等技术的应用,不仅提高了金融服务的智能化水平,还为新型金融业务的发展创造了条件。
2. 互联网金融的影响互联网金融的发展对传统金融产生了深远的影响,主要表现在以下几个方面:2.1 金融服务的普惠性互联网金融通过降低金融服务的门槛,普惠了更多的人群。
无论地域或社会经济地位如何,人们都可以通过互联网金融获得便捷和个性化的金融服务。
2.2 金融风险的挑战互联网金融的快速发展也带来了金融风险的挑战。
、网络诈骗等问题日益突出,监管机构和金融机构需要加强监管和防范措施。
2.3 金融业态的变革互联网金融改变了传统金融业的业态。
传统金融机构面临互联网金融的竞争压力,不得不进行转型升级,提供更高效、智能的金融服务。
结论互联网金融作为一种新兴金融模式,对金融行业产生了深远的影响。
随着技术的不断发展和应用的推广,互联网金融的发展趋势将进一步提升金融服务的效率和普惠性。
然而,互联网金融也带来了新的风险和挑战,需要各方共同努力,加强监管和创新,推动互联网金融的健康发展。
互联网银行风险管理外文及翻译1. Introduction本文目的是探讨互联网银行风险管理的外文资料,并提供翻译。
以下是一些与互联网银行风险管理相关的文献,供参考。
2. 外文文献1Author: John SmithYear: 20152.1 翻译:标题:互联网银行风险管理:综述作者:约翰·史密斯年份:2015年摘要:本文全面回顾了互联网银行风险管理的实践。
涉及的风险类型包括网络安全风险、欺诈风险和运营风险。
文章讨论了在互联网银行环境中管理这些风险的不同策略和最佳实践。
3. 外文文献2Title: Risk Assessment and Mitigation Techniques for Internet Banking SystemsAuthor: Jane DoeYear: 2018Summary: This paper focuses on the assessment and mitigation of risks in internet banking systems. It presents a framework for identifying and evaluating risks specific to internet banking and suggests various techniques for mitigating these risks. The paper also discusses the importance of continuous monitoring and updating of risk management strategies.3.1 翻译:标题:互联网银行系统的风险评估与缓解技术作者:简·多伊年份:2018年摘要:本文侧重于互联网银行系统中风险的评估和缓解。
它提出了一个针对互联网银行特定风险的识别和评估框架,并提出了各种缓解这些风险的技术。
中英文对照外文翻译文献(文档含英文原文和中文翻译)互联网金融对传统金融的影响摘要网络的发展,深刻地改变甚至颠覆了许多传统行业,金融业也不例外。
近年来,金融业成为继商业分销、传媒之后受互联网影响最为深远的领域,许多基于互联网的金融服务模式应运而生,并对传统金融业产生了深刻的影响和巨大的冲击。
“互联网金融”成为社会各界关注的焦点。
互联网金融低成本、高效率、关注用户体验,这些特点使其能够充分满足传统金融“长尾市场”的特殊需求,灵活提供更为便捷、高效的金融服务和多样化的金融产品,大大拓展了金融服务的广度和深度,缩短了人们在时空上的距离,建立了一种全新的金融生态环境;可以有效整合、利用零散的时间、信息、资金等碎片资源,积少成多,形成规模效益,成为各类金融服务机构新的利润增长点。
此外,随着互联网金融的不断渗透和融合,将给传统金融行业带来新的挑战和机遇。
互联网金融可以促进传统银行业的转型,弥补传统银行在资金处理效率、信息整合等方面的不足;为证券、保险、基金、理财产品的销售与推广提供新渠道。
对于很多中小企业来说,互联网金融拓展了它们的融资渠道,大大降低了融资门槛,提高了资金的使用效率。
但是,互联网金融的跨行业性决定了它的风险因素更为复杂、敏感、多变,因此要处理好创新发展与市场监管、行业自律的关系。
关键词:互联网金融;商业银行;影响;监管1 引言互联网技术的不断发展,云计算、大数据、社交网络等越来越多的互联网应用为传统行业的业务发展提供了有力支持,互联网对传统行业的渗透程度不断加深。
20世纪末,微软总裁比尔盖茨就曾断言,“传统商业银行会成为新世纪的恐龙”。
如今,随着互联网电子信息技术的发展,我们真切地感受到了这种趋势,移动支付、电子银行早已在我们的日常生活中占据了重要地位。
由于互联网金融的概念几乎完全来自于商业实践,因此目前的研究多集中在探讨互联网金融的具体模式上,而对传统金融行业的影响力分析和应对措施则缺乏系统性研究。
互联网时代银行的电子风险管理随着互联网的快速发展,银行业也在不断向电子化发展,传统的柜台业务也在逐渐被网上银行和手机银行所取代。
而随之而来的,就是电子风险管理的重要性日益凸显。
在互联网时代,银行的电子风险管理不仅关乎银行自身的利益和声誉,更直接关乎客户的资金安全和个人信息保护。
银行在互联网时代面临着更加严峻的电子风险挑战,必须加强风险管理,保障客户的资金和信息安全。
互联网时代银行的电子风险主要表现在网络安全风险、交易风险、信用风险和操作风险等方面。
在网络安全风险方面,银行需要面对的是网络攻击、数据泄露、网络钓鱼等安全威胁。
在交易风险方面,电子支付、网络转账等电子交易方式的风险也需要得到有效的管理和控制。
而在信用风险方面,客户的信用信息泄露以及信用卡被盗刷等问题也需要引起银行的高度重视。
操作风险也来自于银行工作人员的疏忽大意或者内部控制不力所引起的误操作、错误交易等问题。
银行必须采取一系列的措施,从技术、制度和管理上加强电子风险管理,确保银行的正常运营和客户的利益不受损失。
银行需要加强网络安全技术投入,提高网络安全防护能力。
互联网时代的银行业务已经逐渐从传统的柜台业务向网络银行和手机银行转移,银行必须投入更多的资金和技术力量,提高网络安全防护能力。
银行可以通过建立完善的网络安全系统和监控系统,加强对数据的加密和防护,检测和阻止网络攻击,保护客户的资金和信息安全。
银行还可以通过引入生物识别技术、人脸识别技术等先进技术手段,加强对客户身份的识别和验证,提高交易的安全性和可信度。
银行需要建立健全的风险管理制度和流程,加强对电子交易的监管和控制。
银行可以通过建立专门的风险管理部门,建立风险管理流程和制度,对电子交易进行全程监控和管理。
银行可以通过建立风险评估模型,对不同类型的电子交易进行风险评估和控制,设立风险预警机制,及时发现和应对潜在的风险。
银行还可以通过加强对员工的教育培训,提高员工的风险意识和风险管理能力,加强内部风险控制和管理。
P2P金融风险管控中英文对照外文翻译文献P2P金融风险管控中英文对照外文翻译文献(文档含英文原文和中文翻译)译文:P2P 金融下的中小企业融资摘要中小企业融资难是世界性难题。
文章介绍了互联网金融的概念,重点概括了 P2P 金融在科技和金融创新融合方面的发展,综合了现在学术界对 P2P 金融研究的五大方向方面的各种观点和见解。
指出了当前 P2P 金融发展的突出问题风险控制,并对互联网金融的大趋势进行了分析。
关键词: P2P金融; 金融创新; 风险管控1引言从企业发展的历史看,大型企业都来源于中小企业。
中小企业是国民经济中最具活力的部分,往往走在技术发展的最前端,在高科技产业、清洁能源、绿色经济等方面都有很好的业绩,在经济转型中发挥着巨大作用。
中小企业融资难是世界性难题。
这些中小企业融资环境和渠道狭窄,有 60% 以上无法获得银行贷款。
目前,科技型企业又有轻资产的特点,融资困境,成为困扰可持续发展的巨大瓶颈。
2 互联网金融的概念近两年来,互联网金融呈现井喷式发展, 2014 年以来,互联网金融板块表现强势。
当前经济领域存在两个特别矛盾的现象,一是中小企业在企业总数中占比很大,但普遍存在融资难的问题; 二是民间闲散资金多,但除了股市和房市,往别的领域投资很难。
而以互联网、大数据、云计算为基础和高度契合市场引领的互联网金融的发展,对于解决这两个难题,更好地为实体经济,尤其是中小企业发展创造良好的金融环境,也为中国在国际竞争当中实现弯道超车起到重要作用。
互联网金融除了掌握客户端外,还便于做好上游资本供给方、下游资本使用方点与点的整合,结合互联网的其中特质( P2P) 及金融的本质( 资本) 。
依托互联网金融的发展,金融供给能力得以提高,包容性得以增强,可以动员更多的金融资源,覆盖面更广,覆盖度更多,满足更分散、更多元化的需求。
互联网金融最狭隘的概念就是 P2P( Peer-to-Peer Lend-ing) 金融平台,P2P 模式的核心是: 在这个具有资质的网站平台上,借款人发出借贷信息,并提供借贷项目的具体情况、借款人的相关诚信及经济实力等有关信息; 投资人根据平台上提供的信息,进行决策,最后做出向借款人发放贷款的决定。
电子银行风险管理互联网金融外文文献翻译2013年3000多字E-banking has brought about a new set of risks for financial XXX risks include fraud。
processing errors。
system ns。
and other unforeseen events that can result in the XXX products or services。
It is XXX of the n to the customer and the n。
and to XXX.2.Risk management in e-bankingEffective risk management in e-XXX and analyzing potential risks。
XXX risks。
XXX.3.Security measures in e-bankingns should XXX controls。
n。
firewalls。
XXX systems。
and regular security testing and assessments.4.XXXXXX measures。
XXX passwords。
avoiding phishing scams。
XXX.5.nOverall。
effective risk management is essential for financial XXX。
ns XXX.XXX access accounts。
conduct ns。
and obtain n on financial products and services via public or private orks。
including the。
and mobile phones。
Customers can use us electronic devices。
互联网金融外文翻译随着信息技术的飞速发展,互联网金融已成为当今金融领域的热门话题。
互联网金融是指利用互联网技术和信息通信技术实现资金融通、支付、投资和信息中介服务的新型金融业务模式。
它不仅改变了传统金融的运作方式,也为金融服务带来了更高的效率和更广泛的覆盖范围。
在国际上,对于互联网金融的研究和实践也在不断深入。
许多国外学者和机构从不同的角度对互联网金融进行了探讨和分析。
例如,有学者认为互联网金融降低了金融交易成本,提高了金融市场的透明度和竞争程度。
通过互联网平台,金融机构能够更有效地收集和处理信息,减少信息不对称,从而降低风险和成本。
另外,一些研究指出互联网金融拓宽了金融服务的渠道和受众。
传统金融服务往往受到地域、时间和成本等因素的限制,而互联网金融能够打破这些限制,为更多的个人和企业提供便捷的金融服务。
无论是在偏远地区还是在发展中国家,人们都可以通过互联网获得金融支持,促进了金融的普惠性。
在外文文献中,对于互联网金融的风险控制也是一个重要的研究方向。
由于互联网金融的虚拟性和开放性,其面临着诸如网络安全风险、信用风险和法律风险等多种挑战。
因此,如何建立有效的风险管理体系,保障金融交易的安全和稳定,成为了互联网金融发展中的关键问题。
在翻译互联网金融相关的外文文献时,需要注意一些关键的术语和概念。
例如,“Fintech”(金融科技)、“PeertoPeer Lending”(P2P 借贷)、“Online Payment”(在线支付)、“Digital Currency”(数字货币)等。
准确理解和翻译这些术语对于传达原文的意思至关重要。
同时,由于不同语言的语法和表达习惯存在差异,在翻译过程中还需要灵活调整句子结构和语序,以确保译文通顺自然。
例如,英文中常常使用被动语态和长句,而在中文中则更倾向于使用主动语态和短句。
因此,在翻译时需要进行适当的转换,使译文更符合中文的表达习惯。
此外,对于一些涉及到特定文化背景和行业惯例的内容,翻译时需要进行必要的注释和解释,以便读者更好地理解。
互联网金融作文英文翻译英文:Internet finance, also known as fintech, has revolutionized the way we manage our finances. With therise of online banking, peer-to-peer lending, and mobile payment platforms, the traditional banking industry hasbeen forced to adapt to the changing landscape. Personally, I have found internet finance to be incredibly convenient and efficient. For example, I no longer have to wait inlong lines at the bank to deposit a check or transfer money. Instead, I can simply use my banking app to complete these tasks in a matter of minutes. This level of convenience has made managing my finances much easier and less time-consuming.In addition to convenience, internet finance alsooffers a wide range of investment opportunities. Through online investment platforms, I have been able to diversify my portfolio and explore new investment options that werepreviously inaccessible to me. For instance, I have invested in peer-to-peer lending, which has provided me with higher returns compared to traditional savings accounts. Furthermore, the transparency and accessibility of online investment platforms have allowed me to make more informed decisions about where to allocate my funds.However, it's important to acknowledge that internet finance also comes with its own set of risks. For example, the lack of physical presence and face-to-face interaction with financial institutions can make it easier for scams and fraud to occur. Therefore, it's crucial to conduct thorough research and due diligence before engaging in any financial transactions online. Additionally, the rapid advancement of technology in the fintech industry meansthat regulations and security measures must constantly evolve to keep up with potential threats.Overall, I believe that internet finance has significantly improved the way we manage our finances. The convenience and accessibility it offers have made it easier for individuals to take control of their financial futures.However, it's important to remain vigilant and informed about the potential risks associated with internet finance.中文:互联网金融,也被称为金融科技,已经彻底改变了我们管理财务的方式。
互联网金融外文翻译在当今数字化的时代,互联网金融已成为全球经济领域中一个至关重要的部分。
互联网金融,简单来说,就是利用互联网技术和信息通信技术实现资金融通、支付、投资和信息中介服务的新型金融业务模式。
对于这一领域的研究和理解,外文文献的翻译工作具有不可忽视的重要性。
互联网金融的发展势头迅猛,其影响范围涵盖了全球各个角落。
从个人的日常消费支付到企业的大规模融资,互联网金融都发挥着越来越重要的作用。
在这个背景下,外文文献中蕴含着丰富的前沿理论、实践经验和创新思路,对于我们深入了解和推动国内互联网金融的发展具有极大的参考价值。
然而,互联网金融领域的外文翻译并非易事。
首先,互联网金融本身是一个融合了金融、技术和法律等多学科知识的复杂领域。
相关的专业术语繁多,而且在不同的国家和地区可能存在着不同的表述和定义。
例如,“FinTech”(金融科技)这个词在不同的语境中可能有不同的侧重点和含义。
在翻译时,需要译者对这些术语有准确的理解和把握,以确保翻译的准确性和专业性。
其次,互联网金融领域的发展日新月异,新的概念和技术不断涌现。
这就要求译者能够紧跟时代的步伐,及时了解和掌握最新的行业动态,以便在翻译中能够准确传达原文的意思。
比如,“Blockchain”(区块链)技术在近几年的快速发展,相关的外文文献不断更新,译者需要不断学习和更新自己的知识储备,才能做好翻译工作。
另外,由于不同语言的语法结构和表达方式存在差异,在翻译过程中需要灵活处理,以保证译文的通顺和流畅。
例如,英语中的长句和复杂句较多,在翻译成中文时需要进行适当的拆分和重组,使译文更符合中文的表达习惯。
为了做好互联网金融外文翻译工作,译者需要具备扎实的语言功底和丰富的专业知识。
一方面,译者要熟练掌握源语言和目标语言的语法、词汇和文化背景,能够准确理解原文的意思,并用地道的目标语言进行表达。
另一方面,译者还需要深入了解互联网金融的相关知识,包括金融理论、信息技术、法律法规等,以便在翻译中能够正确处理专业术语和复杂的概念。
互联网金融商业银行中英文对照外文翻译文献(文档含英文原文和中文翻译)原文:Internet Finance's Impact on Traditional FinanceAbstractAs the advances in modern information and Internet technology, especially the develop of cloud computing, big data, mobile Internet, search engines and social networks, profoundly change, even subvert many traditional industries, and the financial industry is no exception. In recent years, financial industry has become the most far-reaching area influenced by Internet, after commercial distribution and the media. Many Internet-based financial service models have emerged, and have had a profound and huge impact on traditional financial industries. "Internet-Finance" has win the focus of public attention.Internet-Finance is low cost, high efficiency, and pays more attention to the user experience, and these features enable it to fully meet the special needs of traditional "long tail financial market", to flexibly provide more convenient and efficient financial services and diversified financial products, to greatly expand the scope anddepth of financial services, to shorten the distance between people space and time, and to establish a new financial environment, which effectively integrate and take use of fragmented time, information, capital and other scattered resources, then add up to form a scale, and grow a new profit point for various financial institutions. Moreover, with the continuous penetration and integration in traditional financial field, Internet-Finance will bring new challenges, but also opportunities to the traditional. It contribute to the transformation of the traditional commercial banks, compensate for the lack of efficiency in funding process and information integration, and provide new distribution channels for securities, insurance, funds and other financial products. For many SMEs, Internet-Finance extend their financing channels, reduce their financing threshold, and improve their efficiency in using funds. However, the cross-industry nature of the Internet Finance determines its risk factors are more complex, sensitive and varied, and therefore we must properly handle the relationship between innovative development and market regulation, industry self-regulation.Key Words:Internet Finance; Commercial Banks; Effects; Regulatory1 IntroductionThe continuous development of Internet technology, cloud computing, big data, a growing number of Internet applications such as social networks for the business development of traditional industry provides a strong support, the level of penetration of the Internet on the traditional industry. The end of the 20th century, Microsoft chairman Bill Gates, who declared, "the traditional commercial bank will become the new century dinosaur". Nowadays, with the development of the Internet electronic information technology, we really felt this trend, mobile payment, electronic bank already occupies the important position in our daily life.Due to the concept of the Internet financial almost entirely from the business practices, therefore the present study focused on the discussion. Internet financial specific mode, and the influence of traditional financial industry analysis and counter measures are lack of systemic research. Internet has always been a key battleground in risk investment, and financial industry is the thinking mode of innovative experimental various business models emerge in endlessly, so it is difficult to use afixed set of thinking to classification and definition. The mutual penetration and integration of Internet and financial, is a reflection of technical development and market rules requirements, is an irreversible trend. The Internet bring traditional financial is not only a low cost and high efficiency, more is a kind of innovative thinking mode and unremitting pursuit of the user experience. The traditional financial industry to actively respond to. Internet financial, for such a vast blue ocean enough to change the world, it is very worthy of attention to straighten out its development, from the existing business model to its development prospects."Internet financial" belongs to the latest formats form, discusses the Internet financial research of literature, but the lack of systemic and more practical. So this article according to the characteristics of the Internet industry practical stronger, the several business models on the market for summary analysis, and the traditional financial industry how to actively respond to the Internet wave of financial analysis and Suggestions are given, with strong practical significance.2 Internet financial backgroundInternet financial platform based on Internet resources, on the basis of the big data and cloud computing new financial model. Internet finance with the help of the Internet technology, mobile communication technology to realize financing, payment and information intermediary business, is a traditional industry and modern information technology represented by the Internet, mobile payment, cloud computing, data mining, search engines and social networks, etc.) Produced by the combination of emerging field. Whether financial or the Internet, the Internet is just the difference on the strategic, there is no strict definition of distinction. As the financial and the mutual penetration and integration of the Internet, the Internet financial can refer all through the Internet technology to realize the financing behavior. Internet financial is the Internet and the traditional financial product of mutual infiltration and fusion, the new financial model has a profound background. The emergence of the Internet financial is a craving for cost reduction is the result of the financial subject, is also inseparable from the rapid development of modern information technology to provide technical support.2.1 Demands factorsTraditional financial markets there are serious information asymmetry, greatly improve the transaction risk. Exhibition gradually changed people's spending habits, more and more high to the requirement of service efficiency and experience; In addition, rising operating costs, to stimulate the financial main body's thirst for financial innovation and reform; This pulled by demand factors, become the Internet financial produce powerful inner driving force.2.2 Supply driving factorData mining, cloud computing and Internet search engines, such as the development of technology, financial and institutional technology platform. Innovation, enterprise profit-driven mixed management, etc., for the transformation of traditional industry and Internet companies offered financial sector penetration may, for the birth and development of the Internet financial external technical support, become a kind of externalization of constitution. In the Internet "openness, equality, cooperation, share" platform, third-party financing and payment, online investment finance, credit evaluation model, not only makes the traditional pattern of financial markets will be great changes have taken place, and modern information technology is more easily to serve various financial entities. For the traditional financial institutions, especially in the banking, securities and insurance institutions, more opportunities than the crisis, development is better than a challenge.3 Internet financial constitute the main body3.1 Capital providersBetween Internet financial comprehensive, its capital providers include not only the traditional financial institutions, including penetrating into the Internet. In terms of the current market structure, the traditional financial sector mainly include commercial Banks, securities, insurance, fund and small loan companies, mainly includes the part of the Internet companies and emerging subject, such as the amazon, and some channels on Internet for the company. These companies is not only the providers of capital market, but also too many traditional so-called "low net worth clients" suppliers of funds into the market. In operation form, the former mainlythrough the Internet, to the traditional business externalization, the latter mainly through Internet channels to penetrate business, both externalization and penetration, both through the Internet channel to achieve the financial business innovation and reform.3.2 Capital demandersInternet financial mode of capital demanders although there is no breakthrough in the traditional government, enterprise and individual, but on the benefit has greatly changed. In the rise and development of the Internet financial, especially Internet companies to enter the threshold of made in the traditional financial institutions, relatively weak groups and individual demanders, have a more convenient and efficient access to capital. As a result, the Internet brought about by the universality and inclusive financial better than the previous traditional financial pattern.3.3 IntermediariesInternet financial rely on efficient and convenient information technology, greatly reduces the financial markets is the wrong information. Docking directly through Internet, according to both parties, transaction cost is greatly reduced, so the Internet finance main body for the dependence of the intermediary institutions decreased significantly, but does not mean that the Internet financial markets, there is no intermediary institutions. In terms of the development of the Internet financial situation at present stage, the third-party payment platform plays an intermediary role in this field, not only ACTS as a financial settlement platform, but also to the capital supply and demand of the integration of upstream and downstream link multi-faceted, in meet the funds to pay at the same time, have the effect of capital allocation. Especially in the field of electronic commerce, this function is more obvious.3.4 Large financial dataBig financial data collection refers to the vast amounts of unstructured data, through the study of the depth of its mining and real-time analysis, grasp the customer's trading information, consumption habits and consumption information, and predict customer behavior and make the relevant financial institutions in the product design, precise marketing and greatly improve the efficiency of risk management, etc.Financial services platform based on the large data mainly refers to with vast trading data of the electronic commerce enterprise's financial services. The key to the big data from a large number of chaotic ability to rapidly gaining valuable information in the data, or from big data assets liquidation ability quickly. Big data information processing, therefore, often together with cloud computing.4 Global economic issuesFOR much of the past year the fast-growing economies of the emerging world watched the Western financial hurricane from afar. Their own banks held few of the mortgage-based assets that undid the rich world’s financial firms. Commodity exporters were thriving, thanks to high prices f or raw materials. China’s economic juggernaut powered on. And, from Budapest to Brasília, an abundance of credit fuelled domestic demand. Even as talk mounted of the rich world suffering its worst financial collapse since the Depression, emerging economies seemed a long way from the centre of the storm.No longer. As foreign capital has fled and confidence evaporated, the emerging world’s stockmarkets have plunged (in some cases losing half their value) and currencies tumbled. The seizure in the credit market caused havoc, as foreign banks abruptly stopped lending and stepped back from even the most basic banking services, including trade credits.Like their rich-world counterparts, governments are battling to limit the damage (see article). That is easiest for those with large foreign-exchange reserves. Russia is spending $220 billion to shore up its financial services industry. South Korea has guaranteed $100 billion of its banks’ debt. Less well-endowed countries are asking for help.Hungary has secured a EURO5 billion ($6.6 billion) lifeline from the European Central Bank and is negotiating a loan from the IMF, as is Ukraine. Close to a dozen countries are talking to the fund about financial help.Those with long-standing problems are being driven to desperatemeasures. Argentina is nationalising its private pension funds, seemingly to stave off default (see article). But even stalwarts are looking weaker. Figures released this week showed that China’s growth slowed to 9% in the year to the third quarter-still a rapid pace but a lot slower than the double-digit rates of recent years.The various emerging economies are in different states of readiness, but the cumulative impact of all this will be enormous. Most obviously, how these countries fare will determine whether the world economy faces a mild recession or something nastier. Emerging economies accounted for around three-quarters of global growth over the past 18 months. But their economic fate will also have political consequences.In many places-eastern Europe is one example (see article)-financial turmoil is hitting weak governments. But even strong regimes could suffer. Some experts think that China needs growth of 7% a year to contain social unrest. More generally, the coming strife will shape the debate about the integration of the world economy. Unlike many previous emerging-market crises, today’s mess spread from the rich world, largely thanks to increasingly integrated capital markets. If emerging economies collapse-either into a currency crisis or a sharp recession-there will be yet more questioning of the wisdom of globalised finance.Fortunately, the picture is not universally dire. All emerging economies will slow. Some will surely face deep recessions. But many are facing the present danger in stronger shape than ever before, armed with large reserves, flexible currencies and strong budgets. Good policy-both at home and in the rich world-can yet avoid a catastrophe.One reason for hope is that the direct economic fallout from the rich world’s disaster is manageable. Falling demand in America and Europe hurts exports, particularly in Asia and Mexico. Commodity prices have fallen: oil is down nearly 60% from its peak and many crops and metalshave done worse. That has a mixed effect. Although it hurts commodity-exporters from Russia to South America, it helps commodity importers in Asia and reduces inflation fears everywhere. Countries like Venezuela that have been run badly are vulnerable (see article), but given the scale of the past boom, the commodity bust so far seems unlikely to cause widespread crises.The more dangerous shock is financial. Wealth is being squeezed as asset prices decline. China’s house prices, for instance, have started falling (see article). This will dampen domestic confidence, even though consumers are much less indebted than they are in the rich world. Elsewhere, the sudden dearth of foreign-bank lending and the flight of hedge funds and other investors from bond markets has slammed the brakes on credit growth. And just as booming credit once underpinned strong domestic spending, so tighter credit will mean slower growth.Again, the impact will differ by country. Thanks to huge current-account surpluses in China and the oil-exporters in the Gulf, emerging economies as a group still send capital to the rich world. But over 80 have deficits of more than 5% of GDP. Most of these are poor countries that live off foreign aid; but some larger ones rely on private capital. For the likes of Turkey and South Africa a sudden slowing in foreign financing would force a dramatic adjustment. A particular worry is eastern Europe, where many countries have double-digit deficits. In addition, even some countries with surpluses, such as Russia, have banks that have grown accustomed to easy foreign lending because of the integration of global finance. The rich world’s bank bail-outs may limit the squeeze, but the flow of capital to the emerging world will slow. The Institute of International Finance, a bankers’ group, expects a 30% decline in net flows of private capital from last year.This credit crunch will be grim, but most emerging markets can avoidcatastrophe. The biggest ones are in relatively good shape. The more vulnerable ones can (and should) be helped.Among the giants, China is in a league of its own, with a $2 trillion arsenal of reserves, a current-account surplus, little connection to foreign banks and a budget surplus that offers lots of room to boost spending. Since the country’s leaders have made clear that they will do whate ver it takes to cushion growth, China’s economy is likely to slow-perhaps to 8%-but not collapse. Although that is not enough to save the world economy, such growth in China would put a floor under commodity prices and help other countries in the emerging world.The other large economies will be harder hit, but should be able to weather the storm. India has a big budget deficit and many Brazilian firms have a large foreign-currency exposure. But Brazil’s economy is diversified and both countries have plenty of reserves to smooth the shift to slower growth. With $550 billion of reserves, Russia ought to be able to stop a run on the rouble. In the short-term at least, the most vulnerable countries are all smaller ones.There will be pain as tighter credit forces adjustments. But sensible, speedy international assistance would make a big difference. Several emerging countries have asked America’s Federal Reserve for liquidity support; some hope that China will bail them out. A better route is surely the IMF, which has huge expertise and some $250 billion to lend. Sadly, borrowing from the fund carries a stigma. That needs to change. The IMF should develop quicker, more flexible financial instruments and minimise the conditions it attaches to loans. Over the past month deft policymaking saw off calamity in the rich world. Now it is time for something similar in the emerging world.5 ConclusionsInternet financial model can produce not only huge social benefit, lowertransaction costs, provide higher than the existing direct and indirect financing efficiency of the allocation of resources, to provide power for economic development, will also be able to use the Internet and its related software technology played down the traditional finance specialized division of labor, makes the financial participants more mass popularization, risk pricing term matching complex transactions, tend to be simple. Because of the Internet financial involved in the field are mainly concentrated in the field of traditional financial institutions to the current development is not thorough, namely traditional financial "long tail" market, can complement with the original traditional financial business situation, so in the short term the Internet finance from the Angle of the size of the market will not make a big impact to the traditional financial institutions, but the Internet financial business model, innovative ideas, and its apparent high efficiency for the traditional financial institutions brought greater impact on the concept, also led to the traditional financial institutions to further accelerate the mutual penetration and integration with the Internet.译文:互联网金融对传统金融的影响作者:罗萨米;拉夫雷特摘要网络的发展,深刻地改变甚至颠覆了许多传统行业,金融业也不例外。
互联网金融外文翻译Internet Finance: The New Paradigm of Financial Services The internet has revolutionized the way we live, work, and transact. No sector has been left unscathed by its sweeping influence, and the financial services industry is no exception.互联网金融,便是这一场革新的见证者和参与者。
互联网金融,以其独特的优势和不断创新的产品,正逐渐改变着金融服务的传统模式,引领着新的金融趋势。
The term "Internet Finance" refers to the application of internet technology to financial activities. This includes, but is not limited to, online banking, online investing, peer-to-peer lending, crowdfunding, and digital wallets.这些互联网技术使得金融服务变得更加便捷、高效,同时也拓宽了金融服务的覆盖面,使得更多的人能够享受到金融服务。
One of the key advantages of Internet Finance is its accessibility. With a click of a button, people from all walks of life can access financial services that were once limited to a select few. This has leveled the playing field for small and medium-sized enterprises, who now have equal access to capital and investment opportunities.这一优势尤其对中小企业来说意义重大,它们现在有了平等的融资和投资机会,不再受限于过去的种种限制。
网络金融风险防范外文翻译文献(文档含英文原文和中文翻译)原文:How to guard against financial risks networkFirst, the definition of network financeNetwork Finance is a computer network for the technical support of the financial activities and related activities in general, is a network of information technology and product of the combination of modern finance, but it is not a simple combination of the two, but a financial industry and even all industries An operating mechanism, is the future of enterprise system development. Narrowly understood, refers to the financial network of financial service providers based on the host to the Internet or communications network for the media, through the financial data and business processes embedded software platform, user interface terminal mode of operation of the new financial ; from a broad understanding of the concept of network finance their mode of operation also includes matching network of financial institutions, networks and related financial markets, regulatory and other external environment. Including: e-money, online banking, online payment, network security and network insurance.Second, the network of financial riskNetwork mainly engaged in the financial settlement of electronic money and electronic virtual financial services, in addition to traditional financial activities which exist in the process of credit risk, liquidity risk, interest raterisk, currency risk and market risk, from a technical, business and legal perspective, There are the following specific risks:1. Technology risk(1) hacker attacks. The operation of the network must rely on financial transactions, computer and Internet, all transactions are stored in the computer, the transmission of online information is easy to become a large network of "hacker" attack. In addition, Web access is a form of Internet service, is also a network of financial institutions trading and services platform, but it depends on TCP / IP protocol, there are many security vulnerabilities. This gives hackers broke into financial institutions through the network to create the conditions for the system. Hackers only need to use loopholes in the system itself, "only need to modify a few settings " you can allow financial institutions to a standstill.(2) technology selection risk. To carry out financial business networks, they must choose a proven technology solutions to support. Once there is choice, there will be a result of selection for the same mistakes which led to the risk. One possibility is to choose the technology system and client terminal software compatibility due to poor speed of information transmission interruption or reduction, another risk is that of technical alternatives have been eliminated, resulting in relatively backward technology, the network out of date, leading to enormous technical and Lossof business opportunities. Financial terms of the network, technology choice may lose all of the market failure, or even lose the basis for survival.2. Business risks.(1) operational risk. Operational risk from the system reliability, stability and security caused major defects in the possibility of potential loss may come from the negligence of online financial customers, may also come from the financial security system network and its products, design flaws and operational errors . Operational risk relates primarily to authorize the use of online financial accounts, the network of financial risk management systems, networks, financial institutions and the exchange of information among customers, true and false recognition of electronic money.(2) the risk of market signals. Market risk is due to signal asymmetric information network of financial institutions led to the face of adverse selection and moral hazard arising from business risks. Such as Internet banking customers can not identify the risk level of the Internet at a disadvantage, online customers may use their hidden information and action to make the network to their advantage at the expense of the interests of the decision-making banks and leaving because of adverse public comment on Internet Banking Risk of losing customers and sources of funding risks.(3) credit risk. Reputation risk is the network of financial institutions can not create good customer relations, can not establish their own good reputation, and thus can not engage in financial business. Once the virtualnetwork of financial institutions to provide financial services can not achieve the expected level of the public, or adverse reactions in the community, or network security system of financial institutions have been destroyed to forma network of financial credit risk.3. Legal risks. The legal risks of financial networks, mainly from two aspects: First, violation of relevant laws, regulations and system requirements, and online transactions failed to comply with the provisions of the relevant rights and obligations. These laws and regulations, including consumer protection laws, financial disclosure system, privacy protection, intellectual property protection law and currency system. Second, the lack of network financial law. China Internet Finance still in its infancy, is still quite a lack of appropriate laws and regulations. Therefore, using the Internet to provide or receive financial services, signed an economic contract rights and obligations in the face considerable legal risk, vulnerable to undue disputes, not only increase the cost of online financial transactions, and even affect the Development of the financial health of the network.Third, improve the network to prevent and control financial risks Point of the network of financial risks, involving a wide range of interests, it is necessary to perfect legal environment, strengthening access management, a sound regulatory system, adjust the regulatory strategy and other aspects, a multi-pronged, comprehensive treatment.1. Improve the legal system.(1) legislative efforts to increase the network of financial, clear the network of financial rights and obligations of relevant subjects.(2) to develop rules of fair trade network. In the identification and validation of digital signatures, transactions preservation of evidence, the transaction and both parties share responsibility for the protection of personal information of consumers to make detailed provisions to ensure transaction security, digital evidence when disputes arise and transactions in a real and effective personal Privacy.2. Enhanced market access management.(1) The status of the technology infrastructure as one of the conditions of market access. Financial services applications for operating the network of financial institutions not only a considerable scale of network equipment, but also need to have confirmed the legality of trading partners, to prevent tampering with trading information and prevent information leakage and other aspects of key technologies.(2) to develop rigorous internal control system. Publicity for the network of financial services, information disclosure, and system design have institutional arrangements, the establishment of a network of financial institutions or a new business, the must have sound risk identification, identification, management, risk cover and disposal programs.(3) to develop and improve the types of transactions operating procedures. Applications to open accounts for customers, customerauthorization statement, the general development of trading procedures, rules to prevent illegal trading and online financial transaction system against criminal activities.(4) the implementation of the network type of financial business management. Development of classification standards, banking and financial services capabilities and the ability to credit rating, thus a variety of services on the network to carry out the financial restrictions and permits.3. Improve the regulatory system.(1) improve the network of financial risk monitoring systems. The establishment of "national (network) Financial Risk Management Committee."(2) to strengthen collaborative supervision. "Committee" of the member units and other relevant regulatory authorities to share information resources among each other and opening up their own information database, and regularly informed of their supervision, promote joint supervision, supervision of financial risks to improve network accuracy and timeliness.(3) to strengthen international cooperation in financial supervision network. Meanwhile, the network with international cooperation in financial supervision to strengthen the network of bank borrowing way illegal tax evasion, money laundering and other acts, the way the use of Internet banking transnational smuggling, illegal arms trafficking activities such as arms and drug trafficking, illegal attack on the use of Internet banking othersites internet bank hackers, and other international criminal activities a full range of monitoring, the formation of the network can effectively protect the financial health of the global network operations and is responsible for the supervision of the financial system.4. Adjust the control strategy.(1) and improve the modernization level of financial supervision network. In the practice, we should have complete control of the network of financial institutions to improve the business operation of the network capacity and the forecast level of financial risk, and enhance macro-control of the systematic and forward-looking, but also to strengthen financial supervision and standardization of network construction, improve the network of financial supervision modern and scientific level.(2) improve the network of financial and non-site inspection of the site content system. On-site inspection should focus on the technical elements to be checked.(3) the establishment of mandatory information disclosure system. Follow the "open, fair and just" principle, development of financial services than the traditional more stringent information disclosure rules, norms, disclosure of the content, format, frequency and responsibilities and so on, through the financial statements, disclosure of the online publicity and other means of financial networks business information.(4) Innovative forms of regulation. Take full advantage of informationsuperiority, the establishment of real-time tracking and monitoring systems, strengthen monitoring, while also taking on the network "rules, patrol checks," the way the operational status of the network and whether the financial "irregularities" carry out spot checks found that, in a timely manner to correct or take punitive measures.5. Building security system.(1) accelerate research and development with China's own intellectual property rights of advanced information technology. Including computer equipment, communications equipment, system software, encryption algorithms, from the protection of national financial security and national economic security perspective to improve network security.(2) improving the network operating environment. Computer networks and centers to strengthen the management of the engine room, increase physical security measures for computer input, and enhance computer systems of key technologies and key equipment against attacks, anti-virus capabilities, maintenance of computer hardware security, ensure network banks rely on network hardware The normal operation of the environment safe.(3) secure access. On the one hand through the network of physical and logical isolation means isolation, and physical resources to unauthorized users isolated from each other, on the other hand through the application ofthe authentication and grading systems such as login authorization to restrict access to unauthorized users.译文:如何防范网络金融风险一、网络金融的定义网络金融是对以电脑网络为技术支撑的金融活动和相关活动的总称,是网络信息技术与现代金融相结合的产物,但它并不是二者的简单结合,而是一种金融业乃至所有行业的一种运行机制,是未来企业机制发展的方向。
互联网时代银行的电子风险管理随着互联网的迅速发展和普及,银行业也在不断转型升级,将传统金融服务与互联网技术相结合,推出了一系列电子化服务。
这些电子化服务让用户可以通过互联网、手机等渠道进行线上银行业务操作,极大地方便了人们的生活。
与之相应的电子风险管理问题也越来越突出。
互联网时代的银行电子风险管理变得尤为重要。
本文将对互联网时代银行的电子风险管理进行深入探讨。
1. 技术安全风险互联网时代,银行的运营系统和客户信息都是依赖于计算机网络和各种软硬件设备的。
而这些设备和系统在日常运营中都存在着被黑客攻击、病毒感染、硬件故障等各种技术安全风险。
一旦这些风险发生,将直接影响到银行的业务正常运营和客户的信息安全。
2. 数据安全风险随着网络技术的发展,银行业务处理的信息量也在不断增加,用户的资金、交易记录、个人信息等大量数据都被存储在银行的网络系统中。
这些数据一旦泄露、被篡改或丢失,将对用户的资金安全和个人隐私造成严重影响。
3. 信用风险网络平台的互联网结构使得用户能够更快速地完成银行业务,降低了用户的行为门槛。
这也增加了银行面临的信用风险。
用户可能通过虚假信息、欺诈手段等途径获得不当利益,给银行带来潜在的信用风险。
4. 业务风险随着移动支付,网络借贷等新型金融业务产品的快速推出,金融业务更加多样、复杂,也更容易带来一定的业务风险。
这些新业务往往涉及到不同的风险管理体系,银行需要及时响应并有效防范。
5. 法律合规风险在互联网时代,银行的运营离不开各种网络平台以及第三方支付机构的合作。
而这些合作也可能涉及到跨境支付、数据隐私保护、网络安全法规等各种法律合规风险。
1. 完善的技术安全保障体系银行需要构建完善的技术安全保障体系,包括数据加密和传输技术、防火墙和入侵检测系统、身份认证技术、安全审计和监控等。
还需要及时跟上最新的网络安全技术和对策,及时更新系统软件补丁、强化内部员工安全意识培训等。
2. 健全的数据安全管理体系银行需要建立健全的数据安全管理体系,包括数据备份和恢复体系、数据监控和分级访问权限控制、安全的数据交换机制等。
电子银行研究互联网金融外文文献翻译文献出处:Safeena R. The study on the development of electronic banking business [J]. International Journal of Information, 2015, 12(2): 55-65.原文The study on the development of electronic banking businessSafeena RAbstractThis article mainly from the electronic banking business development present situation and problems, this paper carefully analyses the electronic banking operational risk, reputation risk and legal risk, so as to find out the healthy development of the electronic banking technology security measures should be taken, the external resource management, professional and technical training and the establishment of the emergency measures, etc., To vigorously promote the development of electronic banking business.Keywords: Electronic banking; Business development; strategy1 IntroductionRefers to the banking financial institutions to use electronic banking facing the social public open communication channel, or open the public network, as well as the bank for particular self-service facilities or customers to establish dedicated network, provide banking services to customers. Way to the new service for the customer, make customer not limited by geographical and time and space, (Anytime), at any time, Anywhere (Anywhere), in any way (Anyhow) to provide services, namely say usually 3Aservice. Banks through electronic channels to provide customers with related products and services include: commercial POS terminals, ATM teller machines, telephone banking, personal computer, Internet, mobile phone, etc. Electronic banking business belongs to a whole new way of banking services, is the combination of information technology and the existing banking product innovation, and added to the promotion of counter service. Electronic banking business from scratch, since the childhood, in recent years has entered a fast track of development, with online banking, telephone banking, mobile banking, self-service banking, online securities, such as online insurance new service way, for the majority of users has brought convenient service experience.2 The existing problems in the development of electronic banking business2.1 Electronic trading ideas are fairly weakAlthough the bank has now had the very big development, but there are quite a few people remain skeptical about whether electronic trading actually, the idea of people also can't keep up with the development of network technology and quality. Electronic trading requires not only the popularity of network terminal equipment, also need to participants for mastering and using of e-commerce and network technology, and the several aspects are also quite weak.2.2 Lack of national unity, authority CA authentication centerAt present, the bank on the net is directly or indirectly, the CA founded on their own. From the perspective of the specification, only to the construction of unified national public certification center, can play the role of neutral, authoritative certification center. The people's bank has sent in April 1999, thetender, start building unified CA authentication center, but progress has been slow. When this kind of situation hindered the pace of construction of commercial bank for online banking, commercial Banks or pedestrian area of the branch will be redesigned. If Banks or regions are building their own CA authentication center, construction before they are unified, there will be a cross certification, if coupled with cross with foreign Banks. Certification, will greatly hinder the bank on the net service efficiency and accuracy, and can also lead to repeated construction and waste of resources.2.3 Credit mechanism is not sound, the market environment is imperfectDespite the current market economy has had the very big development, but the bottom of the credit system development process is relatively low, the current commercial bank electronic payment system is fragmented, patchy credit, enterprises and individual customers cannot share information resources, its overall advantages is not apparent. Associated with electronic payment of customs, taxation, transportation department failed to form a complete set of network with the bank of network level, restrict the development of electronic banking business.2.4 SecurityCustomer identification and guarantee data confidentiality and integrity, is the fundamental guarantee of electronic banking development. Due to the openness of the Internet it and the complexity of electronic banking in technology, information security problems become the core problem in the course of the construction of electronic banking. The network bank three hidden trouble in security: one is the most computer hardware equipment mainly rely on imports from;2 it is system encryptionprogram is not enough, easy resulting in the loss of customer funds; Three is a network system is not stable, easy operating problems, etc.2.5 The laws and regulations is still relatively lagging behindThe rules are in use electronic banking information transmission is the TCP/IP protocol, clear with the customer in a signed a contract on the basis of the rights and obligations relations, problems are resolved through arbitration. Because of the lack of related laws, problem involves responsibility identification, bear, after the execution of arbitration results such as complex legal relationship is difficult to solve now. The new "contract law" although admitted the legal effect of electronic contract, did not solve the problem of the digital signature. These virtually increase the bank and customer trouble of electronic bank financial transactions and risk.2.6 Poor single financial varieties, system integrationTo build an electronic bank, first should basically have the following characteristics: service to all-ionization, risk diversification, information integration, electronic business market, the internationalization of standards and methods. But the single most varieties of banking and finance, the risk is very concentrated; Poor internal business systems integration, data is not uniform, it is difficult to link up the relevant unit organically, and the electronic banking and electronic commerce management and service system also can't keep up with, can't meet the needs of customers. Social economy and the rapid development of science and technology, the overall management of commercial Banks had a profound effect, since entering the foreign Banks gradually into the financial markets, the increasingly fierce competition of banking, electronicbanking become an important competitive weapon. Commercial Banks in order to continue to survival and development under the newsituation, put forward the fundamental requirement to the development of electronic banking, not only effectively pushing it forward quickly, and determines the final development direction.Economic globalization, social information, changed people's thinking and ideas of a new life pattern are emerging. Faster and faster pace of life, more and more active economic activities, make people more and more pursuit of all-weather, anywhere, in any way can enjoy convenient service to the bank. In order to meet this need, commercial Banks must speed up the use of information technology, to launch all kinds of electronic banking self-service products, fully replace traditional counter business, realize electronic banking service mode 3A to permeate the full range of social and economic life, so as to occupy the market, stable customer. In the long run, the income structure of commercial Banks will change, the savings and loan will be more and smaller, poor by loan is poor profit space also more and more narrow, non interest income share will increase steadily. In response to this change, commercial Banks must take electronic banking platform construction into and securities, insurance, funds and other financial enterprises cooperation platform, key development has broad market prospects of electronic banking business innovation, including securities, investment, consulting, intermediary business, how kind of modern business, expanding profit channel and source of income, improve comprehensive selling long-term profitability.3 The operation risk of electronic banking businessWith the rapid development of information in the bank, electronic banking potential risk is increasingly revealed. Because of the electronic banking business is different with the traditional banking business has many characteristics, such as networking, virtualization, self-support, categories of the risk, risk control methods and means there are a lot of particularity, realize electronic banking risk, effective risk prevention, to avoid risk of banking industry and ensure steady and healthy development of the electronic bank has great significance to the maintenance aspects and so on bank credit. Electronic banking business risk the variety, content and form is differ, but generally can be divided into operation risk, reputation risk and legal risk, etc.3.1 Operating riskOperational risk refers to the incomplete due to internal procedure or failure and problems about system, system or manual operation, or the risk of external factors. Concrete and including security risk, system design, operation and maintenance of the risk. Security risk. Due to the increase of the electronic computer function route entry points in the geographic dispersion, and include the Internet public networks such as the use of various communication systems, to enter the bank's core accounting control system and risk management systems are becoming increasingly complicated, a variety of specific access and authentication problems could happen, make the electronic banking system of external attack. Banks will also be due to the negligence of employee fraud and negligence at risk. The system design, operation and maintenance. Banks face the choice of system design is not perfect or run the risk of not smooth. Such as electronic banking system may not be the matchthe needs of customers, business development sluggish; External service providers may not have the necessary professional technology or not update in time or because of their own enterprise fails to fulfill the obligation of technical services; Application system paralysis is not back to normal in time, etc. Due to the development of information technology with each passing day, Banks face the risk of system to be eliminated, and so on.3.2 Reputation riskReputation risk is caused by negative public opinion on bank risk, the bank's ability to establish and maintain customer relationship severely damaged, leading to the significant loss of financing or customer base. For example, online banking products and services produced negative public opinion, or process so that seriously affects the Banks' earnings or damage to the bank's capital, reputation risk when they generate. It will affect the Banks to build new client relationships, so that the agency faces lawsuits, financial losses or reputation losses.3.3 The legal risksLegal risk is due to the violation of laws, regulations, rules or trading habits orprofessional moral and ethical standards, or inconsistent with, or the rights and obligations of the parties fail to allocate, or through electronic media to conclude the agreement for the risks caused by uncertainty, and so on and so forth. Due to lack of electronic banking development can be based on standards, and electronic banking business in trading rules, the validity of contracts, the trade both parties responsibilities and consumers' rights and interests protection, compared with the traditional bank more complex and more difficult to define, the existence ofthe corresponding laws and regulations blank, it is easy to produce fringes of phenomenon, and once a dispute is difficult to solve.译文电子银行业务发展研究Safeena R摘要本文主要从电子银行业务发展的现状及其存在的问题入手, 认真分析了电子银行存在的操作风险、声誉风险和法律风险,从而找出电子银行健康发展应采取的技术安全措施、外部资源的管理、专业技术的培训和应急措施的建立等, 以大力促进电子银行业务发展。
网络金融风险防范外文文献翻译(含:英文原文及中文译文)英文原文How to guard against financial risks network ProfessorKristian BehrensFirst, the definition of network finance Network Finance is a computer network for the technical support of the financial activities and related activities in general, is a network of information technology and product of the combination of modern finance, but it is not a simple combination of the two, but a financial industry and even all industries An operating mechanism, is the future of enterprise system development. Narrowly understood, refers to the financial network of financial service providers based on the host to the Internet or communications network for the media, through the financial data and business processes embedded software platform, user interface terminal mode of operation of the new financial ; from a broad understanding of the concept of network finance their mode of operation also includes matching network of financial institutions, networks and related financial markets, regulatory and other external environment. Including: e-money, online banking, online payment, network security and network insurance. Second, the network of financial riskNetwork mainly engaged in the financial settlement of electronicmoney and electronic virtual financial services, in addition to traditional financial activities which exist in the process of credit risk, liquidity risk, interest rate risk, currency risk and market risk, from a technical, business and legal perspective, There are the following specific risks:1. Technology risk(1) hacker attacks. The operation of the network must rely on financial transactions, computer and Internet, all transactions are stored in the computer, the transmission of online information is easy to become a large network of "hacker" attack. In addition, Web access is a form of Internet service, is also a network of financial institutions trading and services platform, but it depends on TCP / IP protocol, there are many security vulnerabilities. This gives hackers broke into financial institutions through the network to create the conditions for the system. Hackers only need to use loopholes in the system itself, "only need to modify a few settings " you can allow financial institutions to a standstill.(2) technology selection risk. To carry out financial business networks, they must choose a proven technology solutions to support. Once there is choice, there will be a result of selection for the same mistakes which led to the risk. One possibility is to choose the technology system and client terminal software compatibility due to poor speed of information transmission interruption or reduction, another risk is that of technical alternatives have been eliminated, resulting in relativelybackward technology, the network out of date, leading to enormous technical and Loss of business opportunities. Financial terms of the network, technology choice may lose all of the market failure, or even lose the basis for survival.2. Business risks.(1) operational risk. Operational risk from the system reliability, stability and security caused major defects in the possibility of potential loss may come from the negligence of online financial customers, may also come from the financial security system network and its products, design flaws and operational errors . Operational risk relates primarily to authorize the use of online financial accounts, the network of financial risk management systems, networks, financial institutions and the exchange of information among customers, true and false recognition of electronic money. (2) the risk of market signals. Market risk is due to signal asymmetric information network of financial institutions led to the face of adverse selection and moral hazard arising from business risks. Such as Internet banking customers can not identify the risk level of the Internet at a disadvantage, online customers may use their hidden information and action to make the network to their advantage at the expense of the interests of the decision-making banks and leaving because of adverse public comment on Internet Banking Risk of losing customers and sources of funding risks. (3) credit risk. Reputation risk isthe network of financial institutions can not create good customer relations, can not establish their own good reputation, and thus can not engage in financial business. Once the virtual network of financial institutions to provide financial services can not achieve the expected level of the public, or adverse reactions in the community, or network security system of financial institutions have been destroyed to form a network of financial credit risk.3. Legal risks. The legal risks of financial networks, mainly from two aspects: First, violation of relevant laws, regulations and system requirements, and online transactions failed to comply with the provisions of the relevant rights and obligations. These laws and regulations, including consumer protection laws, financial disclosure system, privacy protection, intellectual property protection law and currency system. Second, the lack of network financial law. China Internet Finance still in its infancy, is still quite a lack of appropriate laws and regulations. Therefore, using the Internet to provide or receive financial services, signed an economic contract rights and obligations in the face considerable legal risk, vulnerable to undue disputes, not only increase the cost of online financial transactions, and even affect the Development of the financial health of the network.Third, improve the network to prevent and control financial risksPoint of the network of financial risks, involving a wide range ofinterests, it is necessary to perfect legal environment, strengthening access management, a sound regulatory system, adjust the regulatory strategy and other aspects, a multi-pronged, comprehensive treatment.1. Improve the legal system.(1) legislative efforts to increase the network of financial, clear the network of financial rights and obligations of relevant subjects.(2) to develop rules of fair trade network. In the identification and validation of digital signatures, transactions preservation of evidence, the transaction and both parties share responsibility for the protection of personal information of consumers to make detailed provisions to ensure transaction security, digital evidence when disputes arise and transactions in a real and effective personal Privacy.2. Enhanced market access management.(1) The status of the technology infrastructure as one of the conditions of market access. Financial services applications for operating the network of financial institutions not only a considerable scale of network equipment, but also need to have confirmed the legality of trading partners, to prevent tampering with trading information and prevent information leakage and other aspects of key technologies. (2) to develop rigorous internal control system. Publicity for the network of financial services, information disclosure, and system design have institutional arrangements, the establishment of a network of financialinstitutions or a new business, the must have sound risk identification, identification, management, risk cover and disposal programs.(3) to develop and improve the types of transactions operating procedures. Applications to open accounts for customers, customer authorization statement, the general development of trading procedures, rules to prevent illegal trading and online financial transaction system against criminal activities.(4) the implementation of the network type of financial business management. Development of classification standards, banking and financial services capabilities and the ability to credit rating, thus a variety of services on the network to carry out the financial restrictions and permits.3. Improve the regulatory system.(1) improve the network of financial risk monitoring systems. The establishment of "national (network) Financial Risk Management Committee."(2) to strengthen collaborative supervision. "Committee" of the member units and other relevant regulatory authorities to share information resources among each other and opening up their own information database, and regularly informed of their supervision, promote joint supervision, supervision of financial risks to improve network accuracy and timeliness.(3) to strengthen international cooperation in financial supervision network. Meanwhile, the network with international cooperation in financial supervision to strengthen the network of bank borrowing way illegal tax evasion, money laundering and other acts, the way the use of Internet banking transnational smuggling, illegal arms trafficking activities such as arms and drug trafficking, illegal attack on the use of Internet banking other sites internet bank hackers, and other international criminal activities a full range of monitoring, the formation of the network can effectively protect the financial health of the global network operations and is responsible for the supervision of the financial system.4. Adjust the control strategy.(1) and improve the modernization level of financial supervision network. In the practice, we should have complete control of the network of financial institutions to improve the business operation of the network capacity and the forecast level of financial risk, and enhance macro-control of the systematic and forward-looking, but also to strengthen financial supervision and standardization of network construction, improve the network of financial supervision modern and scientific level.(2) improve the network of financial and non-site inspection of the site content system. On-site inspection should focus on the technical elements to be checked. (3) the establishment of mandatory informationdisclosure system. Follow the "open, fair and just" principle, development of financial services than the traditional more stringent information disclosure rules, norms, disclosure of the content, format, frequency and responsibilities and so on, through the financial statements, disclosure of the online publicity and other means of financial networks business information. (4) Innovative forms of regulation. Take full advantage of information superiority, the establishment of real-time tracking and monitoring systems, strengthen monitoring, while also taking on the network "rules, patrol checks," the way the operational status of the network and whether the financial "irregularities" carry out spot checks found that, in a timely manner to correct or take punitive measures.5. Building security system.(1) accelerate research and development with China's own intellectual property rights of advanced information technology. Including computer equipment, communications equipment, system software, encryption algorithms, from the protection of national financial security and national economic security perspective to improve network security.(2) improving the network operating environment. Computer networks and centers to strengthen the management of the engine room, increase physical security measures for computer input, and enhance computer systems of key technologies and key equipment against attacks, anti-virus capabilities, maintenance of computer hardware security,ensure network banks rely on network hardware The normal operation of the environment safe.(3) secure access. On the one hand through the network of physical and logical isolation means isolation, and physical resources to unauthorized users isolated from each other, on the other hand through the application of the authentication and grading systems such as login authorization to restrict access to unauthorized users.中文译文网络金融风险防范克里斯蒂安·贝伦斯网络金融的定义网络金融是计算机网络对于金融活动和相关活动的技术支持一般,是信息技术与现代金融相结合的产物,但它不是简单的组合这两个,但一个金融业乃至所有行业的一个运营机制,是企业系统发展的未来。
文献出处:Florina V, Liliana M, Viorica I. RISK MANAGEMENT OF E-BANKING ACTIVI TIES[J]. Annals of the University of Oradea, Economic Science Series, 2013, 17(3).原文RISK MANAGEMENT OF E-BANKINGACTIVITIESSummary: E-banking risk arises from fraud, processing errors, system disruptions, or other unanticipated events resulting in the institution’s inability to deliver products or services. This risk exists in each product and service offered. Institutions should determine the appropriate level of security controls based on their assessment of the sensitivity of the information to the customer and to the institution and on the institution’s established risk tolerance level.Keywords: e-banking, risk management, security1. E-banking risks1. E-banking risksE-banking is defined as the automated delivery of new and traditional banking products and services directly to customers through electronic, interactive communication channels. E-banking includes the systems that enable financial institution customers, individuals or businesses, to access accounts, transact business, or obtain information on financial products and services through a public or private network,including the Internet or mobile phone. Customers access e-banking services using an intelligent electronic device, such as a personal computer (PC), personal digital assistant (PDA), automated teller machine(ATM), kiosk, or Touch Tone telephone.In Romania, over 23 banks implemented and offer now e-banking services. The continuous development of the supporting technology, information security and e-banking strategy reflects on the increasing number of the e-banking customers. According to Communications and Information Technologies Ministry, the number of e-banking users and the transactions performed in this system, as well as the value of these transactions, registered a spectacular rising, displayed in the graphicsbelow:While the risks and controls are similar for the various e-banking access channels, this essay focuses specifically on Internet-based services due to the Internet’s widely accessible public network Accordingly, this project begins with a discussion of the two primary types of Internet websites: informational and transactional. Informational websites provide customers access to general information about the financial institution and its products or services.Risk issues examiners should consider when reviewing informational websites include: Potential access to confidential financial institution or customer information if the website is not p roperly isolated from the financial institution’s internal network; Potential liability for spreading viruses and other malicious code to computers communicating with the institution’s website; and Negative public perception if the institution’s on-line services are disrupted or if its website is defaced or otherwise presents inappropriate or offensive material.Transactional websites provide customers with the ability to conduct transactions through the financial institution’s website by initiating banking transactions or buying products and services. Banking transactions can range from something as basic as a retail account balance inquiry to a large business-to business funds transfer. E-banking services, like those delivered through other delivery channels, are typically classified based on the type of customer they support. The following table lists some of the common retail and wholesale e-banking services offered by financial institutions.Since transactional websites typically enable the electronic exchange of confidential customer information and the transfer of funds, services provided through these websites expose a financial institution to higher risk than basic informational websites. Wholesale e-banking systems typically expose financial institutions to the highest risk per transaction, since commercial transactions usually involve larger dollar amounts. In addition to the risk issues associated with informational websites, examiners reviewing transactional ebanking services should consider the following issues:—— Security controls for safeguarding customer information;—— Liability for unauthorized transactions;—— Possible violations of laws or regulations pertaining to consumer privacy, anti-money laundering, anti-terrorism, or the content, timing, or delivery of required consumer disclosures.2. Transaction riskTransaction risk arises from fraud, processing errors, system disruptions, or other unanticipated events resulting in the institution’s inability to deliver products or services. This risk exists in each product and service offered. The level of transaction risk is affected by the structure of the institution’s processing environment, including the types of services offered and the complexity of the processes and supporting technology.In most instances, e-banking activities will increase the complexity of the institution’s activities and the quantity of its transaction/operations risk, especially if the institution is offering innovative services that have not been standardized. Since customers expect e-banking services to be available 24 hours a day, 7 days a week, financial institutions should ensure their e-banking infrastructures contain sufficient capacity and redundancy to ensure reliable service availability. Even institutions that do not consider e-banking a critical financial service due to the availability of alternate processing channels, should carefully consider customer expectations and the potential impact of service disruptions on customer satisfaction and loyalty.The key to controlling transaction risk lies in adapting effective polices, procedures, and controls to meet the new risk exposures introduced by e-banking. Basic internal controls including segregation of duties, dual controls, and reconcilements remain important. Information security controls, in particular, become more significant requiring additional processes, tools, expertise, and testing. Institutions should determine the appropriate level of security controls based on their assessment of the sensitivity of the information to the customer and to the institution and on the institution’s established risk tolerance level.Generally, a financial institution’s credit risk is not increased by the mere fact that a loan is originated through an e-banking channel. However, management should consider additional precautions when originating and approving loans electronically, including assuring management information systems effectively track the performance of portfolios originated through e-banking channels.Funding and investment-related risks could increase with an institution’s e-banking initiatives depending on the volatility and pricing of the acquired deposits. The Internet provides institutions with the ability to market their products and services globally. Internet-based advertising programs can effectively match yield-focused investors with potentially high-yielding deposits. But Internet-originated deposits have the potential to attract customers who focusexclusively on rates and may provide a funding source with risk characteristics similar to brokered deposits. An institution can control this potential volatility and expanded geographic reach through its deposit contract and account opening practices, which might involve face-to face meetings or the exchange of paper correspondence.Compliance and legal issues arise out of the rapid growth in usage of e-banking and the differences between electronic and paper-based processes. E-banking is a new delivery channel where the laws and rules governing the electronic delivery of certain financial institution products or services may be ambiguous or still evolving. Laws governing consumer transactions require specific types of disclosures, notices, or record keeping requirements. These requirements also apply to e-banking, and banking agencies continue to update consumer laws and regulations to reflect the impact of e-banking and on-line customer relationships.Institutions that offer e-banking services, both informational and transactional, assume a higher level of compliance risk because of the changing nature of the technology, the speed at which errors can be replicated, and the frequency of regulatory changes to address e-banking issues. The potential for violations is further heightened by the need to ensure consistency between paper and electronic advertisements, disclosures, and notices.3. Risk managementE-banking has unique characteristics that may increase an institution’s overall risk profile and the level of risks associated with traditional financial services, particularly strategic, operational, legal, and reputation risks. These unique e-banking characteristics include: Speed of technological change, Increased visibility of publicly accessible networks, Less face-to-face interaction with financial institution customers. Management should review each of the processes discussed in this section to adapt and expand the institution’s risk management practices as necessary to address the risks posed by e-banking activities.Financial institution management should choose the level of e-banking services provided to various customer segments based on customer needs and the institution’s risk assessment considerations. Institutions should reach this decision through a board-approved, e-banking strategy that considers factors such as customer demand, competition, expertise, implementation expense, maintenance costs, and capital support. Some institutions may choose not to provide e-banking services or to limit e-banking services to an informational website.Financial institutions should periodically re-evaluate this decision to ensure it remains appropriate for the institution’s overall business strategy. Institutions may define success in many ways including growth in market share, expanding customer relationships, expense reduction, or new revenue generation. If the financial institution determines that a transactional website is appropriate, the next decision is the range of products and services to make available electronically to its customers. To deliver those products and services, the financial institution may have more than one website or multiple pages within a website for various business lines.Financial institutions should base any decision to implement e-banking products and services on a thorough analysis of the costs and benefits associated with such action. Some of the reasons institutions offer e-banking services include: Lower operating costs, Increased customer demand for services, and New revenue opportunities.The individuals conducting the cost-benefit analysis should clearly understand the risks associated with ebanking so that cost considerations fully incorporate appropriate risk mitigation controls. Without such expertise, the cost-benefit analysis will most likely underestimate the time and resources needed to properly oversee e-banking activities, particularly the level of technical expertise needed to provide competent oversight of in-house or outsourced activities.Security threats can affect a financial institution through numerous vulnerabilities. No single control or security device can adequately protect a system connected to a public network. Effective information security comes only from establishing layers of various control, monitoring, and testing methods. While the details of any control and the effectiveness of risk mitigation depend on many factors, in general, each financial institution with external connectivity should ensure the following controls exist internally or at their TSP.ConclusionsA financial institution’s board and m anagement should understand the risks associated with e-banking services and evaluate the resulting risk management costs against the potential return on investment prior to offering e-banking services. Poor e-banking planning and investment decisions can increase a financial institution’s strategic risk. Early adopters of new e-banking services can establish themselves as innovators who anticipate the needs of their customers, but may do so by incurring higher costs and increased complexity in their operations. Conversely, late adopters may be able to avoid the higher expense and added complexity, but do so at the riskof not meeting customer demand for additional products and services. In managing the strategic risk associated with e-banking services, financial institutions should develop clearly defined e-banking objectives by which the institution can evaluate the success of its ebanking strategy.译文电子银行的风险管理活动摘要:电子银行风险起因于欺诈、处理误差、系统中断或其他意外事件导致该机构无法提供产品或服务。
