Digital risks: Market trends and expectations of the 2nd Line of Defense
In its 2025 Risk Monitor and Guidance 02/2026 on digital fraud risks, FINMA emphasizes that digital risks continue to grow and that companies should carefully monitor ICT and cyber risks in particular.
In light of this development, financial institutions are under increasing pressure to prove their digital resilience. This includes the identification of redundancies in ICT systems, effective incident management and consistent management of third-party dependencies.
These issues have an impact on key functions and processes, underscoring the importance of a close link with operational risk management, especially from a 2nd Line of Defense perspective. At the same time, the CISO’s role as a central governance and interface function is coming more into focus.
Resilience in practice: Findings from FINMA’s on-site reviews
Following the publication of its Guidance 05/2025, FINMA announced that it would conduct on-site reviews of operational resilience at the premises of several institutions. FINMA made it clear that it has higher expectations regarding the maturity of existing frameworks.
These on-site reviews focus on effective implementation, resilience testing, dependencies on other risk frameworks, and effective reporting.
Against this background, we will share our experiences from on-site reviews attended by EY.
Dynamically instead of annually: New requirements for operational risk assessments
In an increasingly volatile environment, traditional annual risk assessments are no longer sufficient to effectively manage operational risks. Today, risks emerge dynamically, triggered by regulatory changes, new products, transformation, technological dependencies or geopolitical developments. At the same time, FINMA requires that risk assessments be conducted ad hoc and prior to major changes in products, processes, activities and systems, and that new risks be proactively identified. In the third part of our roundtable session, we will therefore explore how dynamic risk assessments can supplement static annual assessments and show practical approaches for integrating these methods into the overall risk assessment.
Agenda:
08.45 | Registration and coffee
09.00 | Welcome and introduction
09.15 | Digital risks
09.55 | Resilience in practice
10.35 | Dynamic risk assessment
11.15 | Summary and conclusion
11.30 | Apéro riche
Additional information:
- This event will be held in German
- Attendance by personal invitation only