Skip to main content
Marsh logo

Article

Navigating a new operating architecture: How financial institutions can manage interconnected risks

Today's risks are interconnecting. This reality signals the need to move toward an approach that aligns governance, risk transfer, and commercial strategy.

06/02/2026 · 6 minute read

The risk environment for financial institutions is changing at an unprecedented pace. The era of clear boundaries, where risks were neatly compartmentalized and managed by specialist teams operating within rigid governance frameworks, is giving way to a new reality. Today, risks are converging and interconnecting, dissolving the clear control perimeters that once defined banking risk management.

Cyber threats and risks associated with digital assets, open banking, and the rapid integration of generative artificial intelligence (AI) are no longer isolated concerns, but are becoming the operating architecture of modern banking. This shift suggests that institutions treating these developments as discrete compliance workstreams might remain strategically exposed.

For risk and insurance leaders, this reality signals the need to move beyond transactional risk management toward a strategic, integrated approach that aligns governance, risk transfer, and commercial strategy.

Converging risks create cascading exposures for financial entities

As risks continue to stack and cascade in ways that traditional taxonomies and quantification methods struggle to understand and categorize, it is critical for banks to consider two dynamics.

First, today’s financial institutions have become increasingly fintech-like; digital capabilities are no longer a support function, but a core business model. Real-time payments, open banking APIs, and embedded finance accelerating transaction velocity can be an advantage for consumers but a risk multiplier for firms whose governance and controls were designed for an era of slower banking. As speed increases the exposure window and compresses the time available for detection, response, and regulatory notification, having the right structures in place becomes all the more critical.

Second, the rise of digital assets, tokenization, and decentralized finance presents a significant shift for the industry. While many of the largest global banks have begun to navigate these challenges, mid-tier and smaller institutions are transitioning at different speeds and with uneven maturity when it comes to implementing the controls needed to address these risks effectively. These gaps can create asymmetrical risk profiles across the sector. Crucially, these developments create new transmission pathways: a cyber breach may morph into a consumer liability issue, which triggers regulatory inquiries, which could, in turn, contribute to liquidity stress, shareholder impact, exposures for directors and officers, and reputational challenges — often simultaneously.

And rather than slow down, these risks are only expected to accelerate.

These cascading effects raise measurement challenges. Institutions often recognize the problems, but struggle to fully dimension the quantum of risk, how it could compound over time, and where second- and third-order impacts could land. Without definitive answers, boards and senior leaders may find it more difficult to make informed decisions about risk appetite, capital allocation, or insurance purchasing.

3 actions to address evolving risks

The majority of financial institution clients are underpricing technology-related risks when measured through a single lens — for example, their cyber insurance contract — and not capturing how risk accumulates. To bridge these issues in risk financing efforts and build a strategy that is fit for today’s reality and prepared for the future risk landscape, senior leaders should consider three critical actions.

selected option

Leaders must systematically map how discrete events propagate across the enterprise. This means looking beyond the four corners of an insurance contract to better understand how a single event can reverberate across multiple policy areas and business units. This requires recognizing that in today’s interconnected environment, a single risk event rarely remains contained within the domain where it originated, but instead creates a cascade of consequences that can simultaneously impact operational, consumer, and regulatory spheres. For example, a major financial institution that carried out this exercise uncovered that a single cyber event could create exposures for directors and officers aside from reputational challenges. By mapping the transmission pathways, they were able to identify gaps within the existing insurance program that were previously not accounted for.

Understanding these linkages enables senior leaders to move away from traditional models that treat different risks in isolation and create risk frameworks that are aligned to the interconnected way risk moves through the company’s architecture.

There is often a disconnect between risk finance, enterprise risk management, operational risk, and frontline business units, with each team operating with different taxonomies and metrics. Bridging this gap requires establishing shared terminology and equivalent quantification methods that enable different departments to view risk in a comparable way, providing them with a unified view of risk.

This integrated approach aligns parties that are typically working disparately around a singular understanding of the complex risk landscape, enabling faster, coordinated response. It also creates a more credible foundation for strategic conversations with the board, turning technical debates into commercially actionable choices about when to retain risk, buy protection, or change product design. It also provides a more informative basis for conversations with insurers.

Traditional risk financing efforts capture where you are; forecasting helps you understand where you’re going. Financial institutions that build multi-year risk forecasts aligned to commercial strategy and product mix can gain the advantage of being able to act before risks fully materialize. For example, one major financial institution that utilized a multi-year forecast discovered that its liability exposure was set to grow by close to a third over the next three years due to a significant digital expansion. This early warning allowed the firm to preemptively adjust its risk-taking appetite and negotiate more favorable market terms before the risk actually matures.

This strategic foresight provided by forecasting exercises also supports scenario testing against policy language, allowing firms to present their risk more accurately to the insurance market at a time when underwriters tend to reward clarity and demonstrable risk management maturity, potentially gaining a competitive advantage during renewals.

Risk forecasting allows banks to decide how to manage a risk before the risk decides for them.

In a fast-evolving environment, the question is not whether risks will change; it’s how quickly they will do so and what the consequences will be. Banks that continue to govern their risk management strategy and purchase insurance based on yesterday’s risk architecture may remain vulnerable to the impacts.

By connecting the dots between operational reality and strategic risk finance, financial institutions can move from a state of constant alert to one of resilient growth, focusing on a future of banking that revolves around more connected risk intelligence and that delivers results.

Contact us

Contact us to get in touch with a financial institutions specialist, learn more about a specific solution or submit a sales inquiry.

Our people

Jackie Quintal

Jacqueline Quintal

Managing Director, Financial Institutions & Digital Asset Industry Leader

  • United States

Reid Sawyer

Reid Sawyer

Managing Director, Head Emerging Risks Group, Marsh

  • United States

Related insights

Finger on ipad obtaining statistics and analysing data

Article

Balancing growth, innovation, and risk

05/13/2026
Business person walks up escalator in city

Article

Risk outlook for digital assets in 2026

03/24/2026
Placeholder Image

Article

Changing risk and operating environment creating new challenges

03/10/2026
Creative business group sitting at the round table

Article

Navigating an evolving risk environment

03/01/2026
View more