Skip to main content
Marsh logo

Article

Changing risk and operating environment creating new challenges

Navigating evolving operational risks is key for financial institutions to build resilience, adapt strategies, and sustain competitive advantage.
Person's name and title

By Jacqueline Quintal

Managing Director, Financial Institutions & Digital Asset Industry Leader

03/10/2026 · 2 minute read

From cybersecurity threats to severe weather to shifting customer expectations, financial institutions are operating in an increasingly challenging and interconnected risk environment.

And as they strive to remain competitive in a saturated market, firms are making investments that could also expose them to new risks, potentially impacting their operations and profitability.

As the landscape becomes more complex and interconnected, identifying emerging and evolving risk  will be instrumental for financial institutions like yours, allowing you to put in place strategies to mitigate and transfer these risks in order to remain resilient and competitive.

4 top operational risks

A variety of risks can disrupt operations, requiring senior leaders to be aware of the potential challenges and implement proactive measures to address them. The most pressing challenges include:

The rise of digital banking, open banking, and cloud-based infrastructure has increased the interconnectedness among financial institutions. Although this connectivity can enhance customer experience, it also amplifies the risk of cyber threats. A breach in one institution’s network can have ripple effects across the entire financial ecosystem. For example, a cyberattack on a payment processor can disrupt transactions for multiple banks, potentially leading to customer dissatisfaction, reputational damage, and even financial losses. From an insurance perspective, cyber incidents can trigger impacts across multiple lines of coverage. 

In an effort to improve their operations, many financial institutions are embracing advanced technologies at a fast clip. Tools like artificial intelligence (AI) and machine learning can unlock new opportunities for efficiency and help provide better customer service. However, it is important for financial institutions to develop strong governance and risk frameworks when deploying AI to avoid inadvertently overlooking certain risks, including liability exposure from explainability gaps, regulatory exposure, model bias, cybersecurity and data privacy risks. As financial institutions deploy advanced technologies, sophisticated attackers are doing the same, developing more advanced phishing scams and AI-powered fraud.  

From storms to wildfires, severe weather-related events are increasing in frequency and severity; 46% of weather events with losses exceeding $1 billion (CPI-adjusted) tracked over the past 24-year period have occurred in the most recent seven years. Severe weather events can lead to significant losses within financial institutions’ loan portfolios, particularly when an entity has an aggregation of financed properties concentrated in disaster-prone regions and as claims become more frequent and severe in areas not historically considered high-risk. In some  circumstances it has become more difficult and expensive for borrowers to secure adequate insurance coverage for properties, potentially increasing loan default risk.

The global economic landscape is marked by uncertainty, influenced by geopolitical tensions, inflationary pressures, and other macroeconomic challenges. Today, uncertainty itself, rather than any specific policy outcome, is a dominant macroeconomic driver. Financial institutions should consider how volatility and uncertainty may act as a catalyst that stresses operational systems, processes, and people, potentially increasing the likelihood and impact of operational risks. Volatility can be thought of as a risk multiplier, which can transform latent operational weakness into material incidents. Navigating volatility – while acknowledging low-probability, high-impact risks is critical. 

Addressing operational risks through a multipronged plan

Effectively managing operational risks requires a clear strategy that allows you to prioritize your actions and make the needed risk mitigation, retention and transfer investments. Key strategies include:

  1. Evolving from cyber defense to digital trust:. Financial institutions have historically made significant investments in cybersecurity, including controls, regular risk assessments, employee training, and incident response plans. However, in today’s hyper-connected financial ecosystem, it is imperative to shift from a traditional cyber defense mindset to one focused on building and managing digital trust. This means not only protecting systems and data, but also measuring and monetizing trust as a critical asset.. Cyber risk should be viewed holistically -  as a vector that includes insurable and non-insurable aspects and has potential cascading impacts beyond immediate financial loss to impact reputation, regulatory compliance, and shareholder confidence. While Cyber insurance can help manage the financial impact of a cyber-attack, a cyber event can impact multiple lines of coverage including D&O, E&O, and FI Bond/Crime. This multi-line impact underscores the importance of a comprehensive insurance strategy integrated with risk management to address the complex and evolving cyber threat landscape. 
  2. Aligning technology strategies and risk: Consider implementing agile technology strategies that allow for rapid adaptation to  emerging threats, evolving opportunities, and shifting regulatory expectations. This includes regular AI model validation and implementing AI governance frameworks focused on transparency, explainability, and fairness. . Similarly, seek to evaluate technology risk at an enterprise and ecosystem level, inclusive of third- and fourth-party risk due diligence and monitoring. These steps are essential for managing risk to the institution and protecting customer information and trust.
  3. Integrating climate risk into decision-making: Incorporating climate risk assessments into lending and investment decisions can help understand potential vulnerabilities and identify aggregations in areas at a heightened risk of severe weather. This involves evaluating the potential impact of severe weather events on asset values, insurance availability and affordability, and borrower repayment capabilities.
  4. Developing risk forecasts in an uncertain environment: Legacy risk models – designed for discrete, siloed threats – are ill-suited in today’s environment. As risks accelerate and interconnect, utilizing a scenario-based approach, over multiple time horizons can help frame risks in terms of how your business and operating environment are evolving.

As risks continue to emerge and converge, the FI industry has an opportunity to anticipate challenges, avoid operational disruption, and  redefine how risk is priced, funded, retained, and/or transferred. Addressing these risks effectively through proactive strategies can allow your organization to unlock long-term resilience and financial efficiency.

This is the second article in a series. Read the first article here. We will next explore the operational challenges that can hinder financial institutions’ growth plans.

Related insights

Creative business group sitting at the round table

Article

Navigating an evolving risk environment

08/26/2025
Cable cars gliding in the mountains

Report

Credit Risk Transfer (CRT) solutions for banks in US/Canada

06/17/2024
Creative forex data chart

Article

Managing risk in digital asset custody partnerships

03/22/2024
Diverse business people partners group negotiating at boardroom meeting.Multiethnic executive team discussing financial partnership agreement project strategy brainstorming sitting at table in office.

Article

How reinsurance can enhance governance and growth for life insurers

02/14/2024
View more

Talk to us

Contact us to learn more about a specific solution or submit a sales inquiry.

Contact us