Sebastien Rousseau

CATEGORY

Policy & resilience

DORA, EU AI Act, NIST standards, third-party risk — the supervisory pressure shaping technology decisions.

4 tags

Tags in this category

  • DORA — 54 articles

    Digital Operational Resilience Act — register of information, ICT third-party risk, threat-led penetration testing, and the operational resilience programme banks must run.

  • EU AI Act — 5 articles

    Implementation guidance, supervisory expectations, high-risk system classification, and the conformity-assessment burden the Act puts on banks.

  • NIST — 4 articles

    NIST standards relevant to banking — FIPS 203/204, AI RMF, SP 800/1800 series — and the supervisory adoption patterns around them.

  • Third-party risk — 2 articles

    ICT third-party risk under DORA, EBA outsourcing guidelines, and the supervisory expectation around critical-vendor concentration.

APPLIED AI

Agentic AI Index para sa mga Bangko sa 2026: Pagsukat ng Autonomy

Agentic AI is operational infrastructure in 2026. This index measures it the way banks measure capital and credit: a six-dimension readiness score across autonomy tiers, the control plane, regulatory evidence, unit economics, organisational readiness, and global regulatory alignment.

PAYMENTS & MONEY

Open Source, FINOS at ang Cloud-Native CIB Stack

Dumodoble ang Morgan Stanley, JPMorgan at Citi sa FINOS at Linux Foundation. Isang Rust-and-zero-dependency stack — noyalib, http-handle, hsh, KyberLib — ang nagpapakita kung ano ang anyo ng cloud-native CIB stack sa 2026 sa ilalim ng PSD3, FiDA at DORA.

PAYMENTS & MONEY

Always-On CIB: Cyber Recovery, Fallback Rails at Quantum-Safe Treasury

Itinuturing na ng corporate at investment banks ang cyber recovery, ISO 20022 fallback rails sa RTGS, instant at tokenised networks, at quantum-safe treasury controls bilang iisang always-on operating model — ang board-grade na tugon sa DORA Articles 5 at 6, sa FHE, QKD at PQC primitives, at sa ICT third-party concentration risk.

PAYMENTS & MONEY

Ang Post-Quantum Banking Resilience Index sa 2026: EO 14409, Mga Pandaigdigang Takdang Petsa, at Fiduciaryong Cryptographic Agility

Inilipat ng Executive Order 14409, ng mahigpit na takdang petsang 2030 ng ANSSI at ng DORA Article 5 ang post-quantum cryptography mula sa isang pangmatagalang teknikal na layunin tungo sa isang aktibong regulatoryong mandato. Kinukumberte ng index na ito ang pagseseguro sa mga registry, high-frequency ledger at SWIFT channel tungo sa isang 0–5 scorecard na handa para sa lupon na nagtutugma sa mga primitive na ML-KEM, ML-DSA at SLH-DSA sa fiduciaryong pananagutan at panganib sa balance sheet.

PAYMENTS & MONEY

Ang 2026 Global Payments Outlook: Operating Model, Risk, at Revenue sa Mundong Agentic, Invisible, at Real-Time

Ang 2026 global payments cycle ay tinutukoy ng tatlong sabay-sabay na puwersa — agentic commerce, invisible embedded payments, at real-time execution — na nakapatong sa isang tokenised unified ledger sa ilalim ng Project Agorá at sa isang matigas na novembre 2026 SWIFT structured-address cut-over. Pinagsasama ng piyesang ito ang 2026 outlook ng J.P. Morgan, Global Payments, HSBC at Payments Association sa isang four-pillar G-SIB operating model.

INFRASTRUCTURE & CRYPTOGRAPHY

Quantum Dawn para sa CIB: Mula KyberLib tungo sa Quantum-Resilient Payments Stack

Inalis ng BIS Quantum Dawn at ng G7 janvier 2026 PQC roadmap ang post-quantum cryptography mula research patungo sa board agenda. Pinapalawak ng piyesang ito ang KyberLib mula toolkit tungong enterprise CIB transition programme — sumasaklaw sa high-value rails, trade finance, custody, at sa mga disclosure na hinihingi na ngayon ng mga regulator.

APPLIED AI

Mula Pain.001 Tungong Programmable Liquidity: ISO 20022 Bilang Autonomic Nervous System ng Treasury sa 2026

Ang ISO 20022 sa 2026 ang autonomic nervous system ng treasury. Mas mayaman ang dalang datos ng pain.001 at pacs.008 kaysa sa anumang MT message. Halos kalahati ng mga bangko ay off-track pa rin sa SWIFT MT/MX cut-over sa Nobyembre 2026, ginagawang mandatoryo ang structured address, at hindi mabubuhay ang agentic treasury nang walang MX-native API. Iginuguhit ng artikulong ito ang engineering reality, mula sa CBPR+ validation rules hanggang sa isang totoong pain.001 fragment na may PstlAdr field.

POLICY & RESILIENCE

http-handle: High-Performance, Zero-Dependency Edge Ingress para sa Banking noong 2026

Ang http-handle ay isang statically linked na Rust binary na naghahatid ng 180,000 kahilingan bawat segundo sa banking edge nang walang runtime dependencies, na may integrated mTLS at JWT validation, ALPN-negotiated HTTP/2 at HTTP/3, at OTLP observability — na tinatapatan ang mga security at resilience gaps na iniwan ng Nginx at Envoy.