Risk & Resilience

The CER Directive Forces a Rethink of Risk & Resilience

Europe has been quietly re-engineering the rules of resilience. A few years ago, the Critical Entities Resilience Directive (CER) officially entered into force, marking a watershed moment for how the EU approaches the safeguarding of essential services across borders and sectors.

What UK Business Leaders Should Know About the Cyber Security & Resilience Bill

The UK government’s plan to modernize its cyber defenses isn’t just another legislative checkbox. It’s a pointed response to a threat that’s evolving faster than policy typically can. With ransomware attacks delaying over 11,000 NHS appointments last year and state-sponsored actors regularly probing UK infrastructure, the forthcoming Cyber Security and Resilience Bill is just trying to catch up.

EU ESAs Release 2024 Annual Report on Financial Risk, Sustainability & Digital Resilience

The European Supervisory Authorities (ESAs) have released their 2024 annual report, offering a detailed overview of their work across key areas of financial regulation, from joint risk assessments to sustainable finance and digital resilience. Throughout 2024, the ESAs’ Joint Committee (JC) focused on assessing cross-sectoral risks to financial stability, producing two significant reports, one in Spring and another in Autumn.

Risk Appetite & Common Sense

In this article, Norman Marks inspects the concept of "risk appetite," challenging its validity and questioning its role in decision-making. Drawing from personal experiences and real-world examples, Marks argues that the traditional approach to defining and managing risk is overly simplistic and fails to capture the complexity of real-world risk. He critiques the common practice of quantifying risk as a single number and suggests that a more dynamic, objective-driven approach is needed. Rather than focusing on a static "risk appetite," Marks proposes that organizations should consider the likelihood of achieving their objectives, using risk as a factor in the decision-making process.

OCC Email Breach Prompts JPMorgan & BNY Mellon to Curb Data Sharing

It’s not every day that major banks start treating a federal regulator like a cybersecurity risk. But after a quiet email breach inside the Office of the Comptroller of the Currency (OCC) stretched on for more than a year undetected, JPMorgan Chase and Bank of New York Mellon have decided to pump the brakes on how much sensitive information they’re sending.

U.S. Organizations Struggle to Manage Growing Risk and Resilience Challenges, According to Recent KPMG Survey

A KPMG survey from last month paints a sobering picture of the state of risk management in U.S. organizations. Despite heightened awareness of increasing risks and disruptions, more than half of U.S. organizations are still struggling to integrate proper risk and resilience capabilities. The survey, which gathered insights from 208 C-suite leaders, reveals that 52% of companies have not yet built the necessary organizational structures to effectively manage risk and resilience.

Europe Faces Rising Financial Crime Threats, Reports Show

The shadow of financial crime looms larger than ever over Europe, as a new special edition of the 2024 Global Financial Crime Report sheds light on the vast scale of illicit activity across the region. This report dives deep into the financial crime landscape of Europe, with a specific focus on the European Union (EU), the United Kingdom (UK), and the Nordic countries. The findings paint a sobering picture of the challenges ahead, with billions of dollars flowing through illicit channels that pose a significant threat to both financial institutions and society as a whole.