Nos derniers articles

AI is not just an incremental improvement but a "paradigm shift" in regulatory compliance. By automating KYC, AML, and transaction monitoring, financial institutions can achieve unprecedented levels of efficiency, accuracy, and risk management. However, this transformative potential comes with significant responsibilities regarding data governance, ethical considerations, and maintaining human oversight. Success in this evolving landscape will hinge on strategic AI implementation, continuous adaptation to regulatory changes, and strong collaboration across the industry and with regulatory bodies. The long-term goal is a more "secure and resilient financial ecosystem."

On 12 August 2025, the European Banking Authority (EBA) published a report on the use of supervisory technology (SupTech) in anti-money laundering and counter-terrorist financing (AML/CFT) oversight. It draws on a November 2024 survey of 31 competent authorities across 25 EU member states (plus three outside) and a January 2025 workshop with the European Commission’s AMLA Task Force.
Global Regulation Tomorrow
. The report notes that 47 % of SupTech tools are already in production, 38 % are under development, and 15 % are exploratory. Benefits include improved data quality, analytics, efficiency and collaboration, while challenges involve limited resources, governance issues, legal uncertainties and organizational readiness.
.

The draft strengthens governance arrangements, clarifies management body roles, and enhances oversight of internal control, risk management, and compliance functions. It incorporates ICT and security risk management in line with DORA, requiring institutions to integrate digital operational resilience into governance frameworks. The revisions also address anti-money laundering, conflicts of interest, and gender-neutral remuneration. Stakeholders can submit feedback until October 2025, with final guidelines to replace the 2017 version.

There is an increasing AI use in insurance—50% in non-life, 24% in life. To address emerging risks, undertakings must clarify supervisory responsibilities, maintain full accountability, and implement proportionate governance. Risk managers should conduct impact-based assessments, emphasizing data sensitivity, consumer impact, and financial exposure. Strong governance includes fairness, data quality, transparency, cybersecurity, and human oversight. Oversight extends to third-party providers, with contractual safeguards required. AI systems must align with existing frameworks like ERM and POG, ensuring traceability, explainability, and resilience throughout their lifecycle. Supervisory convergence across the sector remains a key regulatory goal.

The position paper underscores insurance’s central role in financial resilience, noting that roughly 90% of EU consumers hold at least one insurance product. It urges that the new Agenda:
• formally recognize insurance as a strategic enabler of economic and social stability;
• simplify and align regulation to insurance’s specific characteristics;
• support innovation in digitalization and AI with coherent rules;
• streamline consumer disclosures and enhance financial and insurance literacy to aid informed decision‑making.

This Final Report (EBA/RTS/2025/03) presents draft Regulatory Technical Standards (RTS) under the Capital Requirements Regulation (CRR) III. It addresses three mandates:
• An operational risk taxonomy with Level 1 event types, Level 2 categories and supplementary attributes (including ESG and ICT risks), to standardise how institutions classify loss events.
• Criteria for deeming the annual‑operational‑risk loss calculation “unduly burdensome” for certain institutions, allowing temporary waivers.
• Rules for adjusting loss‑data sets when firms merge or acquire entities, including currency conversion, re‑classification and fallback proxies.

Le rapport « 2025 stress test of euro area banks » du 1er août 2025 détaille l'exercice de test de résistance mené par la Banque centrale européenne (BCE) pour évaluer la capacité des banques de la zone euro à résister à des chocs économiques et financiers. Cet exercice projette l'évolution de la position de capital des institutions sur trois ans, de 2025 à 2027, sous un scénario de base et un scénario défavorable hypothétique, ce dernier impliquant une aggravation des tensions géopolitiques. Le document analyse l'impact de ces scénarios sur les risques de crédit, de marché et opérationnels, ainsi que sur la rentabilité des banques, intégrant également les nouvelles règles du Règlement sur les exigences de fonds propres 3 (CRR3). Le rapport conclut que le secteur bancaire de la zone euro est globalement robuste, tout en soulignant la nécessité d'une planification prudente du capital face aux incertitudes actuelles.

𝗘𝗜𝗢𝗣𝗔 released its July 2025 𝙄𝙣𝙨𝙪𝙧𝙖𝙣𝙘𝙚 𝙍𝙞𝙨𝙠 𝘿𝙖𝙨𝙝𝙗𝙤𝙖𝙧𝙙, offering an assessment of the European insurance sector's financial health as of Q1 2025 Solvency II data and Q2 2025 market data. Overall, the report indicates a stable risk landscape at a medium level for the European insurance sector, demonstrating notable resilience. However, it also highlights a negative outlook in certain areas over the next year, influenced by complex global dynamics such as geopolitical tensions and market volatility. Specifically, market risks due to fixed income volatility and cyber and digitalization risks are identified as growing concerns, necessitating continued vigilance despite general stability.

A joint initiative by the American Bankers Association and the Financial Services Coordinating Council supports expanding cloud deployment while aiming to mitigate associated risks. Published July 29, 2025, the ABA Banking Journal outlines collaboration among federal regulators, banks and major cloud providers (AWS, Microsoft Azure, Google Cloud, IBM). It highlights key risks—such as CSP‑related operational incidents, misconfigurations under shared‑responsibility models, monitoring gaps, tool and talent deficiencies, and market concentration. The article details a voluntary 16‑section reference tool covering audit, supply‑chain risk, contractual provisions, operational resilience and more. It aims to enhance transparency, cyber‑resilience and regulatory alignment in cloud adoption.

The guide emphasizes a foundational set of principles that apply across all risk types. These include robust governance, comprehensive documentation, sound data management, and effective model risk management.