EU Proposes Amendments to Solvency II Framework

The European Commission has published a draft Delegated Regulation amending Regulation (EU) 2015/35 under the Solvency II framework. This follows Directive (EU) 2025/2, effective from January 28, 2025, and applicable from January 30, 2027. The proposal seeks to align prudential insurance rules with updated legislation, improve proportionality for smaller insurers, and strengthen supervisory cooperation and macroprudential oversight. It addresses identified issues such as volatility, investment disincentives, and reporting burdens. The changes aim to enhance insurers’ capacity to support the EU economy through increased capital allocation to long-term and sustainable investments, including securitisation and venture capital.
Feedback period:
17 July 2025 - 05 September 2025

Entity‑Specific Cyber Risk Assessment using InsurTech Empowered Risk Factors

Lack of high-quality public cyber incident data hinders empirical research and predictive modeling for cyber risk. Companies' reluctance to disclose incidents, fearing reputational damage, perpetuates this challenge. Actuarial solutions focus on enhancing existing datasets and employing advanced modeling. A new InsurTech framework is proposed to enrich cyber incident data with entity-specific attributes, addressing the gap in publicly available information. Machine learning models predict incident types and estimate frequencies, demonstrating improved robustness when incorporating InsurTech-derived features. This framework aims to generate transparent, entity-specific cyber risk profiles, supporting tailored underwriting and proactive risk mitigation for insurers and organizations.

ACPR: Report on Preventing Bounce Accounts Used to Launder the Proceeds of Scams and Other Fraud

The ACPR warns financial institutions, in particular online banks, about the growing use of "bounce accounts" (comptes rebonds) to launder money obtained through fraud. The ACPR report, based on data from 2022 and 2023, finds that these accounts are used to receive fraudulent funds quickly before transferring them onward, often abroad, which makes recovery difficult. In 2023, more than 70,000 suspicious French accounts, through which nearly one billion euros had passed, were closed. The ACPR urges institutions to strengthen their prevention and detection measures in the face of this growing threat.

The Regulation of Data Privacy and Cybersecurity

The paper The Regulation of Data Privacy and Cybersecurity by Jasmin Gider (Tilburg University - Tilburg University School of Economics and Management), Luc Renneboog (Tilburg University - Department of Finance), and Tal Strauss (European Central Bank ECB) compares and contrasts the regulatory landscapes of data privacy and cybersecurity in the EU and the US. It outlines the fragmented nature of US regulations, which often rely on state-specific laws and sectoral approaches, in contrast to the EU's more unified framework, such as the GDPR and the NIS Directives. The text details the increasing costs and frequency of cyber incidents, emphasizing the insufficient mandatory disclosure requirements in both regions. Furthermore, it identifies gaps in current legislation and ongoing efforts, such as the EU's Cyber Resilience Act and the US's CIRCIA, to enhance digital resilience and address underinvestment in cybersecurity.

Representation learning with a transformer by contrastive learning for money laundering detection

This document introduces a novel two-step methodology for money laundering detection that significantly improves upon existing rule-based and traditional machine learning methods. The first step involves representation learning using a transformer neural network, which analyzes complex financial time series data without requiring labels through contrastive learning. This self-supervised pre-training helps the model understand the inherent patterns in transactions. The second step then leverages these learned representations within a two-threshold classification procedure, calibrated by the Benjamini-Hochberg (BH) procedure, to control the false positive rate while accurately identifying both fraudulent and non-fraudulent accounts, addressing the significant class imbalance in money laundering datasets. Experimental results on real-world, anonymized financial data demonstrate that this transformer-based approach outperforms other models in detecting fraudulent activities.

ESAs publish guide on DORA Oversight activities

The ESAs DORA guide explains the framework's objectives, principles, structure, activities, processes, and expected outcomes. It covers CTPP designation based on criticality, risk assessment, and detailed oversight activities including ongoing monitoring, requests for information, general investigations, and inspections. The document also outlines the issuance of non-binding recommendations for identified deficiencies and subsequent follow-up procedures to ensure compliance, ultimately aiming to enhance digital operational resilience and financial system stability across the EU.

EIOPA submits first bundle of technical standards to the European Commission after the review of Solvency II

EIOPA submitted three draft technical standards and one revised guideline to the European Commission to support the implementation of the updated Solvency II Directive. The documents address criteria for identifying insurance groups under dominant or unified control, assessing cross-border activity relevance, updating lists of regional authorities for capital calculations, and revising guidance on undertaking-specific parameters. The Commission has three months to decide on adoption. These measures aim to clarify supervisory responsibilities, enhance cross-border oversight, and align technical rules with current legal frameworks, contributing to more effective and coordinated insurance supervision across the EU.

EIOPA consults on proposed amendments to supervisory reporting and disclosure requirements to ease burden on insurers

This consultation package is aimed at easing the reporting burden on insurance and reinsurance companies under the Solvency II framework. The proposed amendments seek to reduce reporting requirements by at least 26% for solo undertakings and 36% for small and non-complex undertakings. Key changes include reducing template frequency, deleting annual templates, and introducing technical simplifications. EIOPA expects these changes to substantially reduce the burden on European insurers without compromising policyholder protection or financial stability. Stakeholders can provide feedback via the EU Survey until October 10, 2025.

Machine Learning based Enterprise Financial Audit Framework and High Risk Identification

This study develops a machine learning framework to identify high-risk enterprise financial reports, comparing Support Vector Machine, Random Forest, and K-Nearest Neighbors models. Using 2020–2025 audit data from the Big Four firms, Random Forest showed the highest performance (F1-score: 0.9012), excelling in detecting fraud and compliance issues. While KNN struggled with high-dimensional data, SVM performed well but was computationally intensive. The study highlights the potential of machine learning in auditing but notes limitations, including reliance on structured data and exclusion of external economic factors.

The EBA launches consultation on its draft Guidelines on third‑party risk management with regard to non‑ICT related services

These proposed guidelines update the 2019 EBA Guidelines on Outsourcing to align with the Digital Operational Resilience Act (DORA). Key aspects include:
◾ Risk Management Framework: Financial entities must assess, monitor and mitigate risks throughout the third-party arrangement lifecycle, including due diligence, contractual phases and exit strategies.
◾ Proportionality Principle: The guidelines provide specific criteria for applying proportionality, limiting documentation burdens on financial entities and authorities.
◾ Consistency with DORA: A single register can be used for both ICT and non-ICT services, streamlining information storage and reducing administrative burdens.
◾ Transition Period: Financial entities have two years to review and amend existing arrangements and update their registers.

The consultation runs until October 8, 2025, allowing stakeholders to provide feedback on the draft guidelines.