Risk & Resilience

European insurers might not be in the eye of the storm, but they’re certainly navigating some choppy waters. The European Insurance and Occupational Pensions Authority (EIOPA) just released its latest Insurance Risk Dashboard, offering a snapshot of an industry that’s stable—at least for now—but not without its fair share of concerns. Market volatility and real estate price swings continue to cast shadows over an otherwise steady outlook, with liquidity and funding conditions tightening just enough to keep insurers alert.

The winds of 2025 are carrying more than just a chill for Germany's financial sector—they're bringing storm clouds of risk. Climate change, geopolitical tensions, and a sluggish economy are converging to create what the Federal Financial Supervisory Authority (BaFin) calls a “highly challenging” environment. In its Risks in Focus 2025 report, released today, BaFin lays out the threats with an unflinching eye, urging financial institutions to prepare for the unpredictable.

Every few years, the European Banking Authority (EBA) holds up a mirror to the banking sector, asking a straightforward yet critical question: “What if?” The 2025 EU-wide stress test is no different—but this time, the stakes feel particularly high.

On January 17, 2025, the EU takes a significant step towards fortifying the financial sector’s ability to weather the storm of today’s digital and cyber risks with the official rollout of the Digital Operational Resilience Act (DORA). This isn’t just another regulation—it’s a bold response to the growing recognition that the financial sector’s resilience is now as important as its profitability.

For professionals in the realm of risk, compliance, and IT security, the role of the Chief Information Security Officer (CISO) has long been a cornerstone of organizational defense. But as technology evolves and risks become more interconnected, the role itself is undergoing a significant transformation. In a recent analysis in my piece The Death of the CISO: A Eulogy & Reincarnation, I discussed the impending end of the traditional CISO in favor of a more expansive role — the Digital Risk & Resilience Officer (DRRO).

January 17, 2025, marks the day the Digital Operational Resilience Act (DORA) stops being a talking point and becomes a reality. While financial institutions across Europe have been gearing up for this moment, the Dutch Authority for the Financial Markets (AFM) has outlined its plans for supervision and what firms can expect in the year ahead. If you haven’t started implementing DORA’s requirements yet, you’re already behind.

A new report from KPMG reveals that digital transformations are finally gaining momentum, with nearly 90% of US companies reporting improved performance and profitability from their tech investments. This is a significant leap from last year, where only 45% of businesses were seeing tangible benefits. As artificial intelligence (AI), enhanced data analytics, and third-party technology providers continue to drive these transformations, companies are not only optimizing their internal processes but are also investing in technology that helps them manage risks, meet regulatory requirements, and stay competitive.