Yearbook 2026

Risk management provides orientation in times of change

We are currently experiencing a dynamic of change that is hardly comparable to previous decades. Geopolitical shifts, technological leaps and economic challenges are overlapping and reinforcing each other – leading to a complexity that is becoming increasingly difficult to manage. This applies to politics and the economy as a whole, and to the financial industry in particular. The industry is required to continually align its risk architecture with the new developments.

Technical contributions

Make Peace with Your Front Office

By Dominik Käfer, Dr. Lue Wu, Jens-Peter Nees

Navigating compliance can be a challenging journey for a bank’s front office. Relationship managers often voice frustrations about the escalating demands of compliance tasks such as Know Your Customer (KYC), transaction monitoring or anti-fraud measures. These tasks not only heighten workloads but can also strain relationships with clients. Fortunately, it doesn’t have to be this way. By harnessing artificial intelligence (AI), leading banks have shown that compliance and control protocols can be seamlessly integrated into the front office’s daily operations and products, and that a harmonious and productive partnership between the front office and the compliance function is indeed achievable.

The Next Level CRO: Leading risk functions in the disruptive age of AI

By Sonia Dribek-Pfleger, Radka Margitova

Artificial intelligence (AI) is becoming a structural component of modern bank management. It increases speed, scalability and cost and process efficiency, but at the same time changes the origin, linkage, controllability and accountability of existing financial and non-financial risks. Against this backdrop, the CRO function is becoming much more strategically important. It is becoming the central integration instance. The paper argues that AI does not create new types of risk, but rather expands the core of risk management. What is required is not a parallel AI framework, but systematic embedding in existing management, governance and control structures.

Achieving Artificial Intelligence Return on Investment (ROI) through Value Co-Creation

By Cristina Has

Generative Artificial Intelligence (GenAI) has moved rapidly from technological curiosity to strategic priority in banking. Since 2023, institutions have launched numerous pilots, from internal chat assistants to automated document analysis. While these projects show impressive capabilities, many struggle to turn experimentation into measurable economic value. This gap reflects not technological immaturity, but misalignment with regulatory, organisational, and contextual realities. As hype fades, pressure grows to justify investments with tangible returns.

AI and machine learning methods in risk management

By Dana Wengrzik, Carsten Demski

Since 2020, the global economy has been impacted by a series of exogenous shocks that have had a profound and lasting effect. These include the coronavirus crisis (Q1 2020 – Q1 2022), the war in Ukraine and the associated energy crisis (from February 2022), and the sharp rise in inflation (peaking in 2022/2023), which the central banks then countered with a more restrictive monetary policy (ECB from mid-2022). Since March/April 2025, the US government under Trump has also kept the world on tenterhooks with its erratic and protectionist trade and customs policy. The events listed are not exhaustive. However, they show that banks and companies are facing major challenges: they find themselves in a highly volatile environment in which their business situation and, as a result, their credit rating can deteriorate quickly and unexpectedly.

Integrity of digital asset markets

By Dr. Benjamin Clapham, Prof. Dr. Peter Gomber, Prof. Dr. Jan Muntermann

Digital asset markets (DAMs) are marketplaces for cryptocurrencies and stablecoins. In recent years, numerous hacks and frequent incidents of fraud and manipulation on these markets have made headlines, unsettled investors and led to considerable financial losses. Prominent examples include the collapse of FTX, in which customers lost over USD 1 billion, and the hack of Bybit, in which hackers stole USD 1.5 billion. The FIRM-funded project “Integrity of Digital Asset Markets” supports investors, financial intermediaries, regulators and researchers in assessing the integrity of DAMs and estimating trading risks. To this end, integrity-relevant characteristics and integrity violations were identified, quantitative and qualitative assessment measures were derived and empirically evaluated, and market reactions to cases of official prosecution of integrity violations were investigated.

Exchanging information to combat money laundering: safeAML and the transaction-based data trustee EuroDaT

By Dr. Aaron Kamm, Dr. Felix Mackenroth

Effectively combating money laundering is one of the key challenges for the stability, integrity and reputation of the European financial system. Despite considerable investment in compliance frameworks and monitoring systems, financial institutions have thus far only to a limited extent been able to identify complex money laundering networks at an early stage. The reason for this is less a lack of data than its fragmentation along institutional and national borders. While criminal actors spread their activities across numerous banks, financial institutions are confined to a distinct insular view, which is further reinforced by data protection law, banking secrecy and regulatory requirements.

Managing risk culture successfully and sustainably in practice

By Prof. Dr. Jennifer Kunz, Dr. Niclas Dürst

Since the last financial market crisis, risk culture has repeatedly become the focus of regulation. A current example is the statements in the 7th MaRisk amendment, which calls on institutions to further develop their risk culture and make it controllable. This article takes up this discussion and highlights the critical points that are relevant to the successful and sustainable management of risk culture. It addresses the basic attitude towards risk culture management, its practical implementation and its consolidation.

Double opportunity: the AMLA in Frankfurt

By Oliver Behrens

Financial crime and money laundering pose a threat to the integrity of global financial systems today. The establishment of the new EU authority for combating money laundering and terrorist financing (AMLA) in Frankfurt am Main is a milestone for European financial supervision and regulation. At the same time, and initially less obviously, it is a mission and an opportunity for the financial center of Frankfurt to establish itself as a European center for data analysis, the development of AI applications to combat financial crime and the corresponding training, networking and exchange of experts.

The MEFAK methodology: Multi-year one-factor default model with temporal correlation

By Dr. Silke Luckmann, Albert Sailer, Simone Tillmann

In the DZ BANK Group, the MEFAK test is the central tool for checking the calibration of a rating procedure. It is a method for simulating default figures to appropriately determine acceptance bands, which can also take correlations into account. As a further development of the well-known binomial test with asset correlation (Basel one-factor model), the MEFAK test takes into account the complete, multi-year data basis and can also map time-dependent correlations using an additional parameter. The distributions of default figures are not only simulated at portfolio level, but also at rating class and annual level.

Ratings under the microscope: how ECAIs shape Banks’ Capital Requirements

By Luca D’Amico, Marco Bonsanto, Dirk Burdorf

Basel III was conceived in response to the weaknesses exposed by the 2008 financial crisis, with the aim of strengthening the resilience of the global banking sector. By introducing stricter capital requirements (coupled also with the EU Capital Requirements Regulation), liquidity standards, and leverage ratios, it seeks to reduce systemic risk and restore confidence in international markets.
In an increasingly globalized and complex world, characterized by exogenous risks, the calculation of capital requirements is not merely a technical exercise: it also influences and supports banks in managing and mitigating these risks.

Bank management in the “post-cash era”

By Dr. Adrian Schnitzler, Dr. Philipp Schröder

Even though Germans are still attached to cash, there are various current developments towards digital forms of payment which, in addition to the associated technical challenges, also have a significant impact on bank management. Examples of this include the obligation to make SEPA Instant Payments and the planned introduction of the digital euro. This article looks at the impact of these developments on banks’ asset liability management, refinancing strategy and liquidity risk management.

Credit rating migration conditional on economic states

By Dr. Michael Kalkbrener, Prof. Dr. Natalie Packham

Point-in-time (PIT) and through-the-cycle (TTC) rating philosophies are both firmly established in credit risk management, yet their conceptual differences are often handled without a unified modelling framework. Based on the recent work by Kalkbrener and Packham [2026], this article provides a formal characterization of PIT and TTC properties in terms of rating migrations and default behaviour, clarifying where cyclicality enters a rating system and how this affects default probabilities over different time horizons. The underlying mathematical model of rating migration processes explicitly conditions credit ratings on economic states to reflect the impact of macroeconomic developments on default rates. A stylised example illustrates how PIT and TTC ratings coexist within a single framework and how their long-run behaviour can be aligned.

Regulating AI in HR: Requirements, Risks, and Implementation

By Ihno Raab

The AI Act [EU 2024] provides the first Europe-wide, legally binding framework for the use of artificial intelligence. For HR departments, this represents a paradigm shift: what was previously viewed as an innovation project now also becomes a compliance issue. Systems for candidate selection, performance evaluation, or workforce planning are classified as “high-risk AI” – with far-reaching consequences for governance, documentation, and control. The regulatory clock is ticking: from August 2026, the AI Act applies to new HR systems.

Takeover of Mediobanca by the Tuscan Banca Monte dei Paschi di Siena

By Prof. Dr. Markus Rudolf

26 years ago, in March 2000, the European Council in Lisbon formulated an ambitious goal: the EU was to become the most competitive and dynamic knowledge-based economic area in the world. Today, the Global Competitiveness Index (GCI) shows that China has made up an enormous amount of ground since 2000 and has now caught up with Europe. The USA is still in the lead. Europe has stagnated. The stagnation of European competitiveness is not only evident in the field of artificial intelligence. It is also evident in the financial industry.

IT (AI) governance compliance for managing the top risks in 2026 and for defense capability

By Prof. Dr. Josef Scherer, Fabian Pothorn

The current situation in times of multiple crises, various transformations due to numerous megatrends and numerous armed conflicts is full of risks, as the Global Risks Report 2026, CEO’s Annual Survey 2026 and the Allianz Risk Barometer 2026 show almost unanimously. Many new opportunities are the flip side of this coin if the so-called future skills are developed at an early stage.

Use of artificial intelligence in risk controlling

By Andreas Scheurer, Michael Droßel

As digitalization progresses and the influence of modern technologies on the financial sector continues to grow, the use of artificial intelligence (AI) is increasingly becoming the focus of strategic considerations. However, in addition to great potential, AI also brings new challenges. Against this backdrop, an expert survey of the participants in the FIRM Banking Risk Round Table is intended to shed light on this: What is the status of the practical implementation of AI in risk controlling? How deeply is AI already rooted in the strategy of the institutions? And what opportunities and challenges do industry experts see in the implementation and use of AI?

Causal AI: Introduction and applications in risk management and finance

By Prof. Dr. Martin Spindler

The increasing availability of large amounts of data and powerful machine learning processes has fundamentally changed the financial industry in recent years. In risk management in particular, data-driven models are now routinely used to forecast credit risks, market movements or fraud probabilities. However, despite their high predictive accuracy, traditional machine learning approaches have conceptual limitations: they provide correlations but no cause-and-effect relationships.

Private equity: opportunities and challenges in internal bank investment risk measurement

By Cristina Reuter, Oleg Burd, Lars Temme

State funds are not sufficient to finance the urgently needed investments in important fields of action such as energy and transportation networks, security and digital infrastructure in Germany and Europe. Mobilizing private capital for this is a contribution that promotional banks should and can make. KfW can effectively leverage this with equity investments and as an anchor investor in funds, among other things. However, increased investment in the private equity business also requires adequate risk assessment procedures.

How AI is reshaping pre-litigation recovery management at a British bank

By Paddy Gilling, Steffen Fink, Sven Dölp

The gap between customer expectations and the actual performance of recovery processes has never been wider. Today, accounts can be opened in minutes, money can be moved around the world and spending can be controlled via intuitive apps that adapt to individual behavior. However, when a payment is missed, many people still encounter standardized letters, rigid conversation guides and severely limited contact options. For one UK retail bank, this discrepancy has long been more than just a customer experience issue. While large parts of the organization had modernized, the recovery processes had remained virtually unchanged for decades.

IFRS Risk Mitigation Accounting: Fulfilling the requirements of risk management?

By Oliver Wulle, Alexander Vesper

In the draft standard “Risk Mitigation Accounting” published on December 3, 2025, the IASB proposes a completely new model to account for interest rate risk management at portfolio level, particularly for banks. The objectives of the risk mitigation accounting model (RMA model) are to appropriately reflect the economic effects of asset liability management (ALM) and to provide meaningful information on the management derivatives used for this purpose in IFRS financial statements.

Post Quantum Cryptography (PQC) and its impact on the financial sector

By Dr. Jan Rosam, Dr. Christoph Capellaro, Michael Aulhorn, Barbara Grutzig

Quantum computers will soon make cryptographic methods insecure, and data tapped now could be decrypted later. Organizations urgently need to switch to quantum-safe encryption methods. The transition requires planning, hybrid procedures, crypto agility and crypto registers. The financial and insurance sectors as well as operators of critical infrastructures must act promptly in order to be future-proof in good time. After all, what is considered secure today may be vulnerable tomorrow.

Liquidity Risk Management for Consumption Foundations

By Thomas Bley, Alex Bogun

Institutional investors with long-dated liabilities and illiquid allocations face a structurally elevated liquidity risk, especially when capital calls or liability payments coincide with market stress and depressed asset prices. The methodology described below builds a statistically grounded, vintage‑diversified capital‑call model that allows such investors to set liquidity buffers to avoid forced sales while limiting unnecessary cash drag.

Transition Plans in Banking: From Compliance to Strategic Advantage

By Dr. Lukas Figge-Muschalik, Luca Steinhauer, Matthias Hübner

As the shift toward a net-zero economy accelerates, banks face mounting pressure to realign their business models and credit portfolios with the 1.5°C pathway while maintaining financial resilience. Transition planning has therefore become a strategic management task rather than a compliance exercise. Its effectiveness determines whether institutions can translate climate ambition into actionable steering, manage emerging risks and retain credibility with regulators, clients, and investors. At the same time, banks must navigate heterogeneous sectoral pathways, data limitations and the trade-off between long-term resilience and short-term profitability. This article is based on the cluster initiative on transition plans and outlines the key strategic trade-offs, investor expectations and organisational building blocks that banks need to turn transition plans into a strategic management tool [see Sustainable Finance Cluster 2025].

Resilience despite cyber and third-party risks

By Dr. Henning Dankenbring, Dina Friedrichs, Elvira Niedermeier

The ongoing digitalization of the financial sector has significantly increased dependence on information and communication technologies (ICT) and specialist ICT third-party providers. At the same time, cyberattacks, operational disruptions and concentration risks are increasing. Digital operational resilience has thus become a key stability factor for institutions and the European financial market. With the Digital Operational Resilience Act (DORA), a uniform European framework for managing ICT, cyber and ICT third-party risks was created for the first time.

ESG risk management in transition?

By Markus Quick, Armina Schädle, Dr. Holger Spielberg, Dr. Clemens Wieck

The financial world is undergoing profound change: environmental problems, social expectations and geopolitical instability are increasing the pressure on banks. The interlinked challenges are jeopardizing the long-term stability of financial institutions. At the same time, external requirements are becoming stricter – for example due to the omnibus package and new EBA guidelines. ESG risk management is therefore no longer just strategically relevant, but a clear regulatory expectation.

From (national) outsourcing management to (European) third party (risk) management

By Prof. Dr. Andreas Igl

For a long time, the management of third-party service providers in the German banking industry was determined by a national outsourcing management system in accordance with MaRisk AT 9. With DORA and the reorientation of the EBA, a fundamental change is now taking place towards “uniform European” third-party risk management (TPRM). Instead of a contractually and organizationally dominated perspective, a function- and risk-oriented management approach is emerging.

FIRM Whitepapers

Agentic AI in Risk & Compliance: from automation to intelligent governance

By Dr. Jochen Papenbrock, Dr. Sebastian Fritz-Morgenthal, Dr. Mark Währisch

Artificial intelligence is profoundly changing banks' risk management. After years of rule-based automation, the rise of so-called agentic AI systems is opening up a new dimension: AI models that not only analyse, but also independently prepare decisions, prioritize tasks and coordinate processes. This shifts the focus from reactive data evaluation to proactive management of complex risk and compliance processes.

As part of the Artificial Intelligence Round Table, FIRM is addressing the question of how financial institutions can shape this development – with a view to governance, data quality, supervisory capability and cultural requirements. The key finding of the discussions so far is that agentic AI is not technological hype, but a strategic lever for resilience, efficiency, innovation and regulatory security.

Geopolitical risks

By Dr. Til Bünder, Gerold Grasshoff, Emilia Zimermann

The economic structure around the globe is becoming increasingly complex, and trade conflicts and military tensions are posing various risks for national economies, companies and financial institutions. In such a situation of uncertainty, proactive risk management is more important than ever for banks. The current FIRM position paper “Banks Navigating Global Crises: Analysis of Geopolitical Risks and their Impact on the Financial Sector” summarizes what needs to be considered, how scenarios are defined and quantified, and how appropriate mitigation measures are derived.

The authors Gerold Grasshoff, Dr. Til Bünder and Emilia Zimermann look at the potential impact of recent developments in China, the Middle East and the political change of course in the USA. The analysis focuses on German and European banks: how do geopolitical risks affect their credit, market, liquidity, business, sanctions and cyber risks? The position paper offers comprehensive guidelines for dealing with geopolitical challenges in the financial sector.

FIRM Profile

FIRM is the think tank for risk management in Germany. The association organizes a broad network with representatives from business, science, and regulatory bodies. In round tables, experts discuss relevant risk topics in the financial industry for banks, asset managers, and insurance companies: compliance, non-financial risk, ESG, payments, artificial intelligence, cyber risks, and information security. In 2026, our focus will be on geopolitical risks as well as the increasing threat posed by fake news and cyberattacks. Other key areas include digital payments, liquidity risks, money laundering, and fraud prevention.
