The European Central Bank (ECB) has published its 2024-2026 priorities for ensuring bank resilience. As geopolitical and financial challenges persist across Europe, the ECB has identified three broad areas of focus for the next 24 months.
MBK Search has produced this high-level take on what the bank’s plans and what risk managers across the continent can expect.
Intensifying Downside Risks
With rising rates, high inflation and geopolitical tensions impacting growth, the ECB warns of potential funding stresses, asset quality erosion and financial volatility ahead. Risk managers need to closely monitor lending portfolios and credit risk indicators to mitigate emerging weaknesses proactively.
Boosting Risk Oversight
Persistent governance gaps, especially around strategic steering capabilities and risk data, require urgent attention. Risk managers need to implement robust frameworks for aggregating risk data, reporting it clearly to executives and governing bodies, and leveraging it enterprise-wide to enable sound decision making.
Addressing Climate and Digital Challenges
Banks face a pressing need to fully integrate climate risk analysis across the organization by late 2024. Granular assessments of both transition and physical risk transmission channel should account for short, medium and long-term horizons. This requires deploying quantitative scenario modelling to estimate exposure to stranded assets, credit deterioration, operational disruptions and business model shifts under various policy and temperature pathways.
On the digital front, institutions must draft and execute prudent technology transformation roadmaps to boost competitiveness. This must happen while inroducing strong cyber-risk and resilience frameworks given rising threats. Risk managers should evaluate third-party dependency risks associated with modernization, provide guidance on exposures from AI/ML adoption, advise executives on risk/reward tradeoffs and assess cyber-attack readiness through rigorous testing.
Operational Stability Critical
With banks relying more on third parties for core banking functions, oversight of outsourcing arrangements becomes crucial for risk managers. This includes keeping detailed inventories of supplier relationships, conducting robust due diligence on vendors, monitoring concentration risks across providers, and ensuring comprehensive contracts stipulate adequate security and resilience safeguards in line with regulatory guidance.
As operational dependencies on external partners through cloud adoption or managed services grow, risk managers need to thoroughly evaluate exposures to service disruptions through robust business impact analyses and continuity testing. Risk teams should also assess third-parties’ own operational resilience through comprehensive audits and continuous monitoring, while building response plans for failure scenarios.
