AI adoption in finance introduces risks like model inaccuracies, data security issues, and cyber threats. FINMA notes many institutions are at early development stages for AI governance. It urges better risk management to protect business models and enhance the financial center's reputation.
The ECB has decided to keep capital requirements largely unchanged for 2025 due to the strong performance of banks. However, specific banks will face additional capital requirements due to insufficient provisioning for non-performing loans and high exposures to leveraged loans. The ECB emphasized the need for banks to address governance, risk management, and operational resilience, particularly in light of macroeconomic threats and digital transformation challenges.
The FCA's proposed new regulations require firms to report operational incidents that could harm consumers or the financial system. This broadens the scope of reporting beyond traditional principles. Additionally, firms must notify the FCA of material third-party arrangements, including those that pose risks to the financial system or the firm's ability to meet regulatory obligations. This expanded regulatory focus on the entire lifecycle of services and activities highlights the increasing importance of operational resilience and third-party risk management.
The OCC reports that operational risk is elevated due to cyber threats and complex operations. Compliance risks are also significant, especially in areas like BSA/AML and fraud prevention. External fraud targeting consumers and banks is increasing, requiring strong fraud management practices. Banks should prioritize risk management, maintain sound controls, and educate customers to mitigate these risks.
The PRA’s proposals aim to enhance safety, soundness, and policyholder protection by collecting timely, accurate data on operational incidents. This data will improve monitoring, support industry feedback, and help address vulnerabilities and emerging risks, bolstering operational resilience across the sector.
This paper examines AI's transformative impact on banking and insurance, enhancing efficiency, risk management, and customer experience. It highlights generative AI's unique risks, such as hallucination, while existing frameworks address most AI risks. Key regulatory gaps include governance, model risk management, data governance, and oversight of non-traditional players and third-party providers.
This paper studies how to optimally protect electronic devices from cyberattacks. It uses mathematical models to understand the spread of attacks and determines the best times to apply protection measures. The researchers developed a complex mathematical framework to solve this problem and used numerical methods to illustrate the results. They found that the optimal protection strategy depends on the type of attack, with different strategies being effective for constant and random attacks.
This notice emphasizes the importance of culture risk management in financial institutions. It outlines the responsibilities of senior management and the board in shaping and overseeing the organization's culture. By aligning policies, practices, and behaviors with desired cultural values, financial institutions can mitigate risks.
“In its Opinion EIOPA is calling on the European Commission to take the necessary actions to avoid disproportionate compliance efforts from small insurance undertakings in the transition period prior to the application of the revised Solvency II Directive.”
The FCA encourages firms to assess and implement necessary adjustments to their financial crime systems and controls, which may involve updating internal policies, enhancing monitoring systems, providing training, improving governance, and refining other system components.