Risk & Resilience

Europe’s insurers and pension funds might be standing tall right now (capital buffers solid, premiums growing, and profits holding up) but the European Insurance and Occupational Pensions Authority (EIOPA) is urging them not to let their guard down. In its June 2025 Financial Stability Report, the regulator strikes a careful balance: acknowledging the sector’s resilience while pointing to a world growing less predictable by the day.

Amid signs of a fragile recovery, Finland’s financial watchdog is warning that stability could be at risk if aggressive global power politics, mounting geopolitical tensions, and a slower-than-expected economic rebound persist. While the financial system remains stable for now, the Financial Supervisory Authority (FIN-FSA) and the Bank of Finland urge increased resilience measures and macro-prudential reforms to brace for what may come.

In a previous article I wrote, The “R” in GRC: What Risk Management Software Should Really Deliver, I discussed the challenges many organizations face with risk management technology—how too often, what’s marketed as “risk management” software falls short, becoming little more than digital filing cabinets that serve bureaucratic needs instead of strategic decision-making. While many risk modules excel at routing forms, assigning tasks, and storing data, they fail to provide the kind of insight necessary for meaningful risk management.

In an address to industry leaders at the 2025 AFIA Risk Summit, Chris Gower, Executive Director of Cross-industry Risk at the Australian Prudential Regulation Authority (APRA), outlined the increasing need for financial institutions to bolster their operational resilience in response to an evolving geopolitical landscape. Drawing a compelling parallel to the "1991 Perfect Storm," Gower described how three converging risks (technology dependence, third-party vulnerabilities, and geopolitical volatility) are creating challenges that could shake the financial system’s stability.

The European Banking Authority (EBA) has just published three new technical standards that will reshape how banks calculate and report operational risk capital. These updates are part of the ongoing EU Banking Package, and they aim to streamline processes, reduce costs, and improve overall transparency for both institutions and regulators alike.

In this article, Graeme Keith dives into the limitations of traditional risk matrices and presents an alternative approach to risk management. By exploring the need for a model that better aligns with real-world decision-making, Keith highlights the shortcomings of compliance-driven exercises and offers a framework that allows businesses to better assess and prioritize risks across the enterprise.

In a year shaped by war, elections, cyber threats, and the steady march of artificial intelligence, the European Insurance and Occupational Pensions Authority (EIOPA) didn’t just keep pace but it stayed focused. Its newly released 2024 Annual Report tells the story of a regulator under pressure, facing a storm of digital, political, and economic disruption, yet managing to deliver across a wide policy front.