Swiss Authorities Warn of Intensifying Cyber, Geopolitical, & Environmental Pressures in New Assessment

Key Takeaways

• Geopolitical Headwinds: FINMA reports that rising inflation, trade tensions, and global political instability are keeping existing risks elevated for Swiss financial institutions.
• Nine High-Level Risks Identified: The regulator categorizes nine principal risks as high, including mortgage vulnerabilities, credit and liquidity risks, money laundering risks, sanctions exposures, outsourcing risks, cyber threats, and ICT weaknesses.
• Real Estate Pressures Persist: FINMA highlights renewed price increases, regional overheating in investment properties and holiday homes, and generous affordability assessments contributing to heightened mortgage risks.
• Cyber and ICT Fragility Growing: Cyberattacks increased significantly over the past year, with nearly half originating from third-party providers; ICT risks from complex, outdated systems are also rising.
• Climate Risk Integrated for the First Time: FINMA’s climate risk report appears in the Risk Monitor for the first time, concluding that transition and physical climate risks will continue to intensify.

Deep Dive

Switzerland’s financial supervisor is warning that the country’s financial centre is heading into 2025 with a risk landscape that is more complex, more interconnected, and more difficult to navigate than in previous years. In its newly published 2025 Risk Monitor, FINMA highlights a mix of geopolitical uncertainty, technological fragility, and persistent real estate pressures that, taken together, are shaping a more demanding environment for institutions across the sector.

The picture that emerges from this year’s assessment is one of steady accumulation: global inflation that has begun to tick upward again, trade tensions that continue to weigh on economic prospects, rising government debt in major economies, and a geopolitical climate that remains tense. Sanctions, FINMA notes, continue to be a meaningful source of risk. These conditions have kept existing vulnerabilities elevated, and in some cases deepened them.

Digitalization, a long-running priority across Swiss finance, is also sharpening risk exposure. Cyber threats continue to grow in scale and frequency, while underlying IT systems are becoming more complex and more prone to errors and outdated components.

A Concentration of High-Level Risks

FINMA identifies nine principal risks that it considers high. On the financial side, these include:

• Real estate and mortgage-related vulnerabilities
• Credit risks tied to other loans
• Credit spread risks
• Liquidity and funding risks

Non-financial risks include:

• Money laundering-related risks
• Sanctions risks
• Outsourcing risks
• Cyberattack-related risks
• ICT risks tied to system complexity, software issues, and outdated technology

In the report, FINMA CEO Stefan Walter describes the risk landscape as “increasingly complex,” emphasizing that strong governance, a healthy risk culture, and forward-looking supervision are essential for maintaining the resilience of the Swiss financial centre. He also points to the planned reform of Switzerland’s “too big to fail” regulation as an important step for systemically important institutions.

Real Estate and Mortgage Pressures Show No Signs of Easing

FINMA’s concerns about the mortgage market remain front and centre. Real estate prices have climbed again in the low interest rate environment, and certain regions, particularly where investment properties and holiday homes are concentrated, are showing signs of overheating. Per-capita mortgage debt in Switzerland remains among the highest in the world.

Retail banks are especially exposed to sharp corrections, given their business models. FINMA notes that many institutions are applying affordability criteria too generously and increasingly extending loans outside their own internal guidelines. The regulator says it will continue to scrutinize these practices and may impose targeted supervisory measures or additional capital charges where appropriate.

Life insurers and pension funds have also taken on more real estate exposure in recent years, heightening their vulnerability to market shifts. FINMA will monitor how upcoming changes to residential property taxation, along with demographic trends, could influence long-term demand, loan growth, and institutional risk profiles.

Cyber and ICT Risks Are Becoming More Entrenched

Cyberattacks on financial institutions and their service providers rose significantly over the past year, and nearly half of all reported incidents originated from third-party providers, a clear sign of the sector’s increasing dependence on a concentrated group of external service partners.

But cyber incidents are only part of the story. FINMA reports that ICT risks unrelated to cyber, such as system errors, software failures, and outdated infrastructure, are also rising. With IT stacks growing more complex, even minor issues can have broader operational impact. The regulator expects institutions to strengthen their technological resilience so that core functions can continue even when individual components fail.

Climate Risk Becomes a Permanent Feature

For the first time, FINMA’s Risk Monitor includes the supervisor’s climate risk report, published under its obligations in the CO₂ Act. The report outlines where climate-related risks currently stand across Swiss financial institutions, how firms are incorporating those risks into their internal frameworks, and the steps FINMA is taking to address them.

Climate-related risks, whether transition risks tied to shifts in the economy or physical risks linked to natural disasters, will continue to grow. Institutions, FINMA notes, are working to embed climate considerations more fully into their overall risk management.

The 2025 Risk Monitor ultimately serves as both a snapshot and a roadmap, laying out the areas where FINMA sees growing pressure and where it intends to intervene early to protect the resilience of Switzerland’s financial system. The regulator’s message this year is that risks are evolving quickly, and the systems designed to manage them must evolve just as fast.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.