This article is the first in a short series called Taking Uncertainty Seriously, exploring how risk analysis changes when we stop pretending the future is known and start treating uncertainty as a first-class input to decision-making.
Austria’s financial sector is entering 2026 on solid footing, according to the country’s financial watchdog, but the risks facing banks, insurers, and markets are becoming more complex and more global. In presenting its Goals and Priorities for Supervision for 2026, the Austrian Financial Market Authority said it will sharpen its focus on resilience and stability while pushing to streamline supervision and cut unnecessary bureaucracy.
In a recent GRC Report piece, Risk Is Our Business: Why the GRC Market of 2030 Will Look Nothing Like Today, I argued that the governance, risk, and compliance market is not heading into another cycle of incremental change, but a structural break. The core claim was that risk has outgrown the architectures, assumptions, and mental models most GRC platforms and programs still rely on, and AI bolted onto legacy thinking will not save them.
Norway’s financial system remains resilient heading into 2026, but beneath the strength sit familiar and growing fault lines. That’s what Finanstilsynet’s latest Risk Outlook is telling us, which shows that high household debt, stretched property values, and global instability are still Norway’s biggest vulnerabilities.
The European Commission said it has formally acknowledged Meta’s commitment to introduce a clearer, more meaningful decision point for Facebook and Instagram users across the EU. Beginning in January 2026, people will be offered two distinct paths—continue sharing their full data footprint for highly tailored advertising, or opt for a version of the apps that relies on less personal information and delivers more limited ad personalization.
The Bank of England’s Prudential Regulation Authority has issued a refreshed set of expectations for how banks and insurers manage climate-related risks, a big shift from early awareness-building to full integration in risk processes.
The European Commission has updated its list of high-risk jurisdictions that pose strategic threats to the integrity of the EU financial system due to shortcomings in anti-money laundering and counter-terrorist financing (AML/CFT) regimes. Bolivia and the British Virgin Islands are the latest to join the list, meaning banks and other EU-regulated entities must apply enhanced vigilance to any dealings connected to those jurisdictions.