Risk & Resilience

Gamifying the Way We Prepare for Risk

Every crisis begins with a moment of disbelief. The thing that wasn’t supposed to happen suddenly has, and the assumptions that felt so comfortable a day earlier now feel paper-thin. That’s when risk management either shows up or falls apart.

ESMA Puts Cyber Resilience at the Heart of Its 2026 Supervisory Agenda

The European Securities and Markets Authority (ESMA) is doubling down on digital resilience. The EU’s markets watchdog announced that cyber risk and operational resilience will again headline its Union Strategic Supervisory Priorities (USSPs) in 2026, extending its focus on one of the most pressing challenges facing Europe’s financial system.

Why Model Risk?

In this article, Graeme Keith explores the deeper purpose of risk modeling—not as a mathematical exercise in prediction, but as a disciplined way of thinking. Drawing parallels from military planning to decision science, Keith examines why the act of modeling itself often yields greater value than the models it produces. Through reflections on clarity, logic, and the pursuit of usefulness over perfection, he argues that modeling is as much about understanding uncertainty as it is about managing it.

AWS Outage Exposes Fragile Digital Dependencies Across the Internet

When AWS falters, the internet trembles. That’s what millions experienced early Monday as websites and apps across the world slowed, stalled, or disappeared altogether after Amazon Web Services’ Northern Virginia data center went down. The disruption began just after midnight Pacific time, triggered by what AWS later described as a failure in “an internal subsystem responsible for monitoring the health of our network load balancers.”

What is “Risk”, Really?

In this candid and thought-provoking piece, Norman Marks challenges conventional definitions of risk and risk management, arguing that most frameworks fail to resonate with how real-world decisions are made. Drawing from his decades of executive experience and referencing the ideas of Grant Purdy and Roger Estall, Marks reframes “risk” as simply “what might happen”, a practical, plain-English approach that bridges the gap between theory and management reality.

Dutch Regulators Warn That Digital Dependence Is Becoming a Systemic Risk

The Dutch Authority for the Financial Markets (AFM) and De Nederlandsche Bank (DNB) are warning that the Netherlands’ financial system is becoming increasingly fragile, not because of balance sheets or liquidity, but because of its digital backbone.

Agencies Withdraw Climate Risk Management Principles for Large Banks

The Federal Deposit Insurance Corporation (FDIC), the Federal Reserve Board (FRB), and the Office of the Comptroller of the Currency (OCC) have jointly withdrawn their Principles for Climate-Related Financial Risk Management for Large Financial Institutions, rescinding guidance that had been in place since October 2023 in a major policy reversal.