Risk & Resilience

In a modern era marked by rapid technological advancement and global uncertainty, organizations worldwide are grappling with an increasingly complex risk landscape. The Risk in Focus 2025 report, a comprehensive study based on surveys conducted by the Internal Audit Foundation and the European Confederation of Institutes of Internal Auditing (ECIIA), sheds light on the current and future risk priorities of businesses across the globe.

European financial regulators have issued a formal opinion challenging the European Commission's (EC) recent rejection of proposed technical standards under the Digital Operational Resilience Act (DORA). This dispute highlights the complexities in implementing digital resilience measures across the European Union's financial sector.

The European Supervisory Authorities (ESAs) - comprising the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), and the European Securities and Markets Authority (ESMA) - have announced the appointment of Marc Andries as the Director for DORA joint oversight. This appointment marks a significant step in implementing the Digital Operational Resilience Act (DORA), a key regulation aimed at strengthening the IT security and resilience of the European financial sector.

The Dutch Authority for the Financial Markets (AFM) has released its fifth update on the Digital Operational Resilience Act (DORA), providing critical guidance on the testing of digital operational resilience for financial firms. Since its implementation in January 2023, DORA aims to fortify financial organizations against IT risks, ensuring they are better equipped to withstand cyber threats and maintain operational continuity.

The German Federal Financial Supervisory Authority (BaFin) has issued new guidance notes aimed at helping banks and insurers transition to the requirements set forth by the Digital Operational Resilience Act (DORA). Set to take effect from January 17, 2025, DORA introduces a comprehensive framework for managing ICT risks and third-party risks, marking a significant shift from the existing supervisory frameworks.

The European Supervisory Authorities (ESAs)—comprising the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), and the European Securities and Markets Authority (ESMA)—have issued their Autumn 2024 Joint Committee Report, highlighting a landscape fraught with economic and geopolitical uncertainties. This comprehensive assessment underscores the pressing need for heightened vigilance across all financial market participants.

The Federal Reserve is set to revise its proposed capital rules for banks, emphasizing a more nuanced, risk-based approach. Michael S. Barr, Vice Chair for Supervision at the Federal Reserve, unveiled these plans in a recent speech at the Brookings Institution, signaling a significant shift in how regulators view bank resilience and risk management.