We all know how much of money and effort it takes to manage Operational Risk for a financial institution. The thousands of 'person-hours' of Risk, Compliance, IT, Operations, ete have to put in BCP, DR and the works to protect your business.  On top of all the sweat and blood, you have the regulators breathing down your necks to check your state of 'readiness' to handle a contingency like terror attack. Institutions have spent millions of dollars, Euros, pounds.. on systems and people to project their businesses as resilient to a terror attack. That's not all, banks spent zillions of hours and tons of dollars on KYC, blacklists, AML procedures, to make sure you are not helping the cause of terrorists in any manner.

Given these facts, it is galling to note that the terrorists themselves seem to be running a lean machine. This article in the WashingtonPost makes you thoroughly underwhelmed - http://www.washingtonpost.com/wp-dyn/content/article/2008/08/23/AR2008082301962.html?sid=ST2008062302295&s_pos

It looks like while Risk and Compliance Heads are battling to procure approvals for running costs, A.Q Inc seems to be running an operation that will get an approving nod from any bean counter worth his bean. It seems that to launch a major attack probably costs as much as an off-site meeting of branch heads in a bank. So, while the big boys of finance are cutting down on meals, color printing, taxi fare and other sundries, our adversaries are already on a better wicket. As customers already squeezed by the credit crunch where banks are reluctant to let go of any revenue streams, we also have to bear the heavy cost of Compliance and BCP. 

I tell you, this just isn't fair!