ESBG submitted its response on resolvability testing to the EBA consultation


February 16, 2023

On 14 February, ESBG submitted its response to the consultation launched by the European Banking Authority (EBA) in November on its amended guidelines, which aim to improve resolvability testing and to promote a deeper involvement of the institutions in the resolution planning process.

In this respect, they are requested to assess whether the arrangements in place are still fit for purpose to support the execution of the resolution strategy through a self-assessment and a master playbook for the most complex banks. The resolution authorities (RAs) will be asked to adopt a multi-annual resolvability testing programme for the institutions under their remit.

In its response, ESBG firstly warns against the risk of duplicated and overlapped requirements. The EBA consultation highlights several areas where the objective to be reached remains unclear. All the requirements that are already covered by the supervision authorities should not be duplicated in these guidelines. Given that the published EBA report on self-assessment is not expected to be complementary, proper, harmonized and stable reporting would be appreciated. Moreover, considering that the master playbook does not replace the other existing playbooks, ESBG also recommends maintaining only one set of documents to avoid unnecessary duplications, or overlaps in updating periods.

Secondly, a deeper cooperation needs to be encouraged between the institutions and the RAs. Such cooperation will lead to a better understanding of the resolvability expectations and thus will benefit financial stability. However, ESBG recalls that the institutions do not have full insight into the resolution plan and that the RAs share information on a ‘need-to-know basis’. The guidelines should be enhanced by the requirement for the RAs to present the authority’s assessment to the banks in order to identify areas for improvement and to avoid miscommunication. In addition, before asking banks to set up a master playbook, any guidance from the RAs on a successful resolution process would be welcome.

Finally, these new requirements should be better proportionated and time phased. The EBA Guidelines should not only provide proportionality for compliance but also for the possibility to adjust the scope of the self-assessment report based on individual requirements given by the group resolution authority. Provided that the non-resolution entities requirement is new, the deadline for the submission of their report should be set to 2025. Besides, keeping in mind the considerable effort required, ESBG deems that an every-two-year submission would be justified for both the self-assessment report and the master playbook.

Executive SummaryFull Position Paper


Interview with ESBG President Dominique Goursolle-Nouhaud: “The Savings Bank model is the model of the future ”

Dominique Goursolle-Nouhaud
President of the European Savings and Retail Banking Group

One year after her election as the President of the European Savings and Retail Banking Group (ESBG), Dominique Goursolle-Nouhaud reflects on the main projects undertaken so far and tells us about the values guiding her mandate.

What is your assessment of this first year as the President of the European Savings and Retail Banking Group?

This first year in office came about in a difficult context, marked by multiple crises at the European and international level. These crises highlighted the need to come together and work collectively. To face this situation, savings banks have demonstrated their effectiveness and resilience. At the end of a year of commitment where the social approach has been decisive, not to say fundamental, I am very satisfied to see that we have been able to form a common front to build an approach based on the general interest and social values that carry me in the exercise of my tenure. In addition to my function within the ESBG, I am also the President of the National Federation of Savings Banks (la Fédération nationale des Caisses d’Epargne). Representing the interests of the French savings banks through its cooperative model of regional insurance banks, being the pioneers in social transitions, and belonging to its member-clients, has been feeding my discussions led with my European counterparts. Focussing on the positive impact of each of our decisions, I am supporting certain values, such as financial inclusion particularly in these difficult times where inequality is spreading. These are the values I have been defending for so many years and which reinforce my action. And I must say that there is still so much to do!

Does representing the savings banks help you defend its values?

Absolutely! When we represent the French Savings Banks, we carry their values and their convictions. We are proud to exemplify a unique model concerned about people, which contributes to the economic and social development of the territories and strives to be at the forefront of major transformations of society. The challenge is to explain our distinction to other countries and regulatory bodies, such as the European Central Bank (ECB), whose interests can sometimes diverge. I strongly believe in fair banking. In my opinion, the savings bank model is the model of the future. We have been coming through many crises by protecting and supporting the most vulnerable. Therefore, when I am around a table with my European counterparts, I need no lessons from anyone because I know that we are the pioneers!

In the performance of your duties, is being a woman a game-changer?

Yes, I have the impression that there is less of a power relationship. My male colleagues take more precautions with me (laughs)! And that creates a certain consensus.
On the other hand, my relatively positive experience as a female executive in a man’s world does not change the fact that in the banking sector, we tend to overvalue masculine leadership traits like charisma, confidence and decisiveness, and we undervalue more feminine traits like empathy, humility and high emotional intelligence. People might have biases towards what they believe are “good” behaviours, which tends to undervalue what women bring to the table. But I would like to remind a quote from Christine Lagarde who said back in 2010 “if Lehman Brothers had been ‘Lehman Sisters’ today’s economic crisis clearly would look quite different.” It was a quip, of course, but it summaries the situation very well and I think it is still applicable today.
Moreover, as a woman, I make it my mission to raise the subject of the “place of woman” in the financial world. I am very proud to have contributed to the organization of the conference “My world, my knowledge, my future: a female approach to financial education”, the first of its kind to highlight the importance of the role of banking institutions in the financial education for women…because without financial independence, there is no freedom.
But of course the prerequisite of financial independence is to have access to education, and also to financial education. I do believe that ensuring all women to have access to quality education is essential in respecting their rights and accelerating the construction of a just and sustainable world which we all need. In this respect, I must say that I am very proud to take the lead of an institution who attaches priority to financial education.

What has been your greatest pride so far?

I think it is to have succeeded, with the members of the ESBG, in finding a common and urgent European solution in the beginning of the Ukrainian crisis. In one weekend, members showed their support by committing to waive transaction fees on bank transfers to Ukraine. It was not an easy task, because this country is not a part of the European Union and it was necessary to carry out all the operations manually. We, the European Savings and Retail Banks, reacted in consultation and made a strong and united commitment.
Apart from this humanitarian initiative, as one of our most prominent endeavours in the past year, ESBG has sharpened its advocacy strategy by defining priorities and key policy dossiers on a bi-annual basis in consultation with members of each ESBG committee. As a result of our renewed advocacy strategy, 67% of ESBG amendments to key files of EU legislation have been retained by the policy makers. As proven, the fact that we are stronger together does not only make our voices heard; it also ensures that our messages are taken into account by the top legislators. Hence, it is our continuous aim to make the voice of retail and savings banks heard both at the European and global level.

What are your future challenges?

I would like to strengthen our cooperation at the European level, particularly with CaixaBank, with whom I believe it is important to share best practices in terms of inclusive innovations. We need to work hand in hand to develop microcredit, so that the poorest households can benefit from appropriate support and financing. I would also like to take up the challenge of restoring the image of the banker and the bank. In order to do this, we need to make an additional effort in communication and cultural adaptation with the general public who are still too often unaware of our model. We must make it known to as many people as possible!

About the Fédération nationale des Caisses d’Epargne

The “National Federation of Savings Banks” is the representative and expression body for 15 Savings banks, regional cooperative banks, 4.4 million members and 2,600 elected representatives. Its main missions are to coordinate and lead the relations between the members and the Savings Bank, represent their common interests, in particular with the public authorities, to support and train members’ elected representatives, to define, coordinate and promote the social and environmental actions of the Savings Banks.

Version française

Press Contact from WSBI-ESBG
Nihan Cevirgen
Communications Manager

Press Contact from FNCE
Guénaëlle BEZAULT
Cheffe de projets Editorial & Digital


EBIC, chaired by ESBG, addressed policy makers ahead of upcoming trilogue negotiations on AML

The AML package was published by the European Commission in 2021. Besides the establishment of an EU-wide AML authority, the package shall create a coherent legislative framework (‘single rulebook’) to improve the fight against money laundering and terrorist financing.

Notably, a first ever AML Regulation shall ensure a coherent set of rules for the private sector, including banks. One and a half years later, the discussions in the European Parliament are coming to an end and the final text will be discussed in trilogue meetings later this year.

To equip negotiators with background information on the banks’ concerns, the European Banking Industry Committee (EBIC) sent, on 7 February 2023, some main considerations to policy makers. The paper highlights selected priority issues of particular concern shared by the wider European banking sector, such as the exchange of information (both between group members of obliged entities and, in certain cases, private entities that operate within networks) and the measures to be taken regarding politically exposed persons.

The letter signed by the newly elected EBIC President Peter Simon also pointed to the importance of outsourcing possibilities, especially regarding the reporting of suspicious activities or threshold-based declarations to highly specialised service providers and elaborates on major concerns in the context of beneficial ownership.

In addition to other important messages, the EBIC stressed to disagree with reducing the percentage threshold serving as an indication of ownership of a legal entity from 25% to 5%, as suggested by some members of the European Parliament.

Read the full letter

Click to open


ESBG responds to the Commission consultation on defining violations of Union restrictive measures

Restrictive measures are an essential tool for maintaining international peace and supporting democracy, the rule of law and human rights.

To preserve these values, the EU currently has over 40 sets of restrictive measures in place which are binding on Member States and on any person or entity under their jurisdictions, including banks. While the adoption of Union restrictive measures has intensified over recent decades, national systems still differ significantly in the criminalisation of their violation. Against this background, the European Commission published a proposal for a Directive on the definition of criminal offences and penalties for the violation of Union restrictive measures in December 2022 to support the efficient enforcement of the rules.

In our response to the Commission’s call for feedback on the proposal, ESBG highlighted important points focused on the roles of banks in the sanctions compliance, such as removing the penalization of serious negligent violations. Additionally, a non-punishable voluntary self-disclosure for employees should be introduced to sufficiently protect them when a mistake happens. This shall prevent the criminalisation of human errors in sanction checks. Furthermore, we stressed that criminal liability requires a precise conceptual delineation of rights and obligation of the involved parties, and provided more remarks on the particular provisions.



Advocating on the EU deforestation regulation


February 3, 2023

What lessons can be learnt from a French diplomat from the XIX century?

By Adrien Boudet

As Charles-Maurice de Talleyrand, a French diplomat from the XVIII and XIX centuries who was notably the French negotiator during the Congress of Vienna in 1815 used to say, “Beware of your first impressions, they are often the right ones (1)”. This maxim finds a particular echo regarding the deforestation regulation.

Before going any further, let us come back to the regulation itself. It was initiated when the European Commission adopted a proposal on 17 November 2021. It aims to curb deforestation and forest degradation that is provoked by EU consumption and production. It also lays down rules regarding the placing and making available on the European Union market, as well as the export from the Union market, of cattle, cocoa, coffee, oil palm, soya and wood (‘relevant commodities’) and products.

Nonetheless, at a very late stage of the negotiations, several members of the European Parliament (MEPs) tabled amendments that included financial institutions in the scope of the regulation considering that their services could contribute to the activities linked directly or indirectly to deforestation and forest degradation. According to the MEPs’ proposal, the regulation should have established obligations for financial institutions operating in the Union that provide financial services to entities or corporate groups doing business in the commodities and products covered by the regulation. In particular, financial institutions would have been prohibited from providing financial services to customers if there was a risk (more than negligible) that the services in question may provide support directly or indirectly to activities leading to deforestation and forest degradation.

After several months of advocacy and negotiations in the “trilogues (2) ”, EU negotiators finally agreed not to include financial institutions in the scope of the regulations in December 2022. Even if the text has not yet been formally adopted since amendments can be tabled in the European Parliament until 21 April, it will be surprising to have a different outcome when it comes to the exclusion of financial institutions (3) . So, “fin de l’histoire?” Well, it seems that one must “beware of his first impressions”. Why so? Several points come to one’s mind.

On the one hand, regarding the procedure, it is quite worrying that this dossier could set up a precedent. Indeed, tabling a last-minute amendment to include financial institutions in the scope of the regulation whereas such a possibility was neither assessed by any proper impact assessment nor suggested by any other key stakeholder, does not seem to be the best way to proceed. In terms of legal certainty as well as implementation feasibility, this method could be quite dangerous and troublesome if it was to become the norm.

On the other hand, regarding the substance of the text, one must be careful as well. As the compromise draft stands, even though financial institutions are not included in the scope, this might not be the case in the medium-term. Indeed, the text mentions that a review clause must be conducted by the Commission two years after the adoption of the text at the latest: “The assessment… shall also evaluate the role of financial institutions in preventing financial flows contributing directly or indirectly to deforestation and forest degradation and assess the need to provide for any specific obligations for financial institutions in EU legislation in that regard, taking into account any relevant existing horizontal and sectoral legislation.” In other words, financial institutions should, from now on, be prepared to comply with the regulation’s requirements and to reflect on some key messages to push forward. If they do not, they will run the risk of being ineffective when addressing again the EU policymakers in two years. Advocating for the non-inclusion in the scope will be repetitive. Instead, they must be proactive and come up with concrete and implementable solutions to efficiently tackle the financing of deforestation. Especially so since addressing this issue is a fair request.

Overall, this dossier also reveals the current trend among EU policymakers to implement new requirements for financial institutions. Whether banks should contribute to sustainability is beyond question. Nevertheless, they already have to comply with several EU legislations’ requirements in this regard, such as the EU Taxonomy, the Sustainable Finance Disclosure Regulation (SFDR), the Corporate Sustainability Reporting Directive (CSRD) and probably as well the currently discussed Corporate Sustainability Due Diligence Directive (CSDDD), to name a few. All these regulations imply different requirements and are not necessarily always coordinated between one another. Hence, the number of rules financial institutions must comply with regarding sustainability is increasing continuously and may lead eventually to difficulties. In other words, financial institutions will struggle (and already are struggling to some extent) to understand what is exactly expected from them. As stated by “le diable boiteux” Talleyrand, “Anything excessive is insignificant (4)”.

When all arguments have been heard, financial institutions shall contribute to sustainability in every way that they can. Now, they must begin to think on how they could effectively fight the financing of deforestation. If they do not, they might end up being obliged to comply with complex and burdensome requirements. In the meantime, EU policymakers should make sure that rules are clear and that a consistent framework is being implemented. “If it goes without saying, it goes better when it is said (5)”.

Adrien Boudet is WSBI-ESBG advisor with expertise on sustainable finance

Meet the Advocacy Team

  1. « Défiez-vous de vos premières impressions, ce sont souvent les bonnes. »
  2. Informal negotiations between the Commission, the Council and the European Parliament.
  3. In order to be formally adopted, the text must be voted by the European Parliament in plenary session and formally approved by the Council.
  4. « Tout ce qui est excessif est insignifiant. »
  5. « Si cela va sans dire, cela va mieux en le disant. »


WSBI Encuentro Internacional de Líderes de Banca Retail


EVENTO: Tendencias globales en educación financiera, ciberseguridad y finanzas sostenibles

WSBI Encuentro Internacional de Líderes de Banca Retail

17 MARZO 2023

Regístrese para el evento

Este encuentro reunirá a líderes del sector de la banca retail, así como reguladores y organismos técnicos de avanzada, para un enriquecedor intercambio sobre los temas más apremiantes a nivel mundial y regional.

Encabezado por el presidente del WSBI, Sr. Isidro Fainé (presidente de la Fundación ‘”la Caixa”); y el presidente regional de WSBI para América y el Caribe, el Sr. Diego Prieto Rivera (Presidente del Banco Caja Social, Colombia), esta será una ocasión única para el intercambiar conocimientos, y crear vínculos con los miembros de la directiva del Instituto, representantes de nuestra prestigiosa organización provenientes de todo el mundo, así como con actuales y potenciales miembros de la región Latinoamericana.


8.00 – 8.30 AM
8.30 – 9.00 AM
Mensajes de bienvenida

Peter Simon
Director General WSBI-ESBG

Diego Prieto Rivera
Presidente Regional del WSBI para América y el Caribe y Presidente de Banco Caja Social (Colombia)

09.00 – 10.30 AM

PRIMERA SESIÓN: Historias de éxito en Digitalización y Ciberseguridad

Carlos Morales Roviralta, Director de la Oficina de Representación de CaixaBank en Colombia


    • Al-Amine Nejjar, CEO de Al Barid Bank y presidente regional del
      WSBI para Africa (Marruecos)
    • Alok Kumar Choudhary, Director general de Operaciones del Banco estatal de India (virtual)
    • Fabián Hernández, Presidente CEO de Telefónica Movistar Colombia
    • Daniel Madrid Díaz, Responsable global de la práctica de consultoría en riesgo tecnológico y ciberseguridad en Minsait

10.30 – 11.00 AM

Pausa café   ☕ Hot Beverage Emoji

11.00 – 12.30 PM

SEGUNDA SESIÓN : Finanzas sostenibles

Discurso introductorio: Helmut Schleweis, Presidente de la Asociación Alemana de Cajas de
Ahorro (DSGV)


José María Méndez, Director General de CECA y CEO de Cecabank (España)


  • Marcela Ponce Pérez
    Directora del Programa de Finanzas Climáticas en Latinoamérica y el Caribe International Finance Corporation (IFC)
  • Mariana Escobar Uribe
    Líder del Grupo de Trabajo de Finanzas Sostenibles de la Superintendencia Financiera de Colombia
  • Eugenio Solla
    Chief Sustainability Officer y Miembro del Comité de Dirección de CaixaBank (virtual)
  • Clemente del Valle
    Director del Centro Regional de Finanzas Sostenibles de Uniandes y miembro del sustainable Development Investment Future Council del World Economic Forum

12.30 – 02.00 PM Almuerzo

02.00 – 03.30 PM

TERCERA SESIÓN: La educación financiera como medio para la inclusión financiera

Discurso introductorio: Dominique Goursoulle- Nouhaud, Presidenta de ESBG y de la Fédération Nationale des Caisses d’Epargne (FNCE) (Francia)


Moderador: Joan Rosás, Director de Relaciones Institucionales Internacionales CaixaBank


  • Faustino Laínez Mejía, Presidente de Banco Atlántida (Honduras)
  • Jorge Solís, Presidente de la Federación Peruana de Cajas Municipales de Ahorro y Crédito (FEPCMAC)
  • Diego Prieto Rivera, Presidente de Banco Caja Social (Colombia)

03.30 – 04.05 PM

Discurso de clausura

  • Isidro Fainé, Presidente del WSBI y presidente de la Fundación “la Caixa”


4.40 PM
Transporte hacia el hotel Santa Clara

6.00 PM
Transporte desde los hoteles Santa Clara y Radisson al muelle de La Bodeguita

6.30 PM
Tour de la bahía

7.45 PM
Arribo al restaurant del Club de Pesca

8.00 PM

Transporte de regreso a los hoteles Santa Clara y Radisson

Sobre Cartagena de Indias

Pretty street in Cartegna

Una de las joyas del Caribe, Cartagena de Indias combina el sabor colonial de su ciudad amurallada protegida por la UNESCO con la modernidad de un destino de primera para convenciones y reuniones de negocios. Todo esto realzado por la hospitalidad y alegría de su gente.

descubrir más

Clima y código de vestimenta

En marzo, típicamente Cartagena de Indias tiene 25°C como temperatura mínima y 32°C como temperatura máxima. En esta ciudad tropical costera, la humedad en el ambiente se mantiene constante a un nivel del 100%.

Se recomienda vestir telas frescas como el lino y el algodón.

WSBI International Retail Banking Leaders Conference


EVENT: Global trends on financial education, cybersecurity and sustainable finance

WSBI International Retail Banking Leaders Conference

17 MARCH 2023

Register for the event

This Conference will bring together leaders and decision makers from the retail banking sector for an enriching exchange on the most pressing topics at the global and regional levels.

Hosted by the WSBI President, Mr Isidro Fainé (President at ‘La Caixa’ Foundation); and the WSBI Regional President for The America and Caribbean, Mr Diego Prieto (President at Banco Caja Social, Colombia), this will be a unique knowledge exchange and networking occasion. The conference will count with the participation of members of the WSBI Board representing the sector at the global level, and of current and potential members from Latin America.


8.00 – 8.30 AM
8.30 – 9.00 AM
Welcome Messages

Peter Simon
WSBI-ESBG Managing Director

Diego Prieto
WSBI, Regional President for America and the Caribbean and President of Banco Caja Social

09.00 – 10.30 AM

PANEL 1: Success stories in Digitization, Big Data and Cybersecurity


Carlos Morales Roviralta, CaixaBank Colombia


    • Al-Amine Nejjar, CEO of Al Barid Bank and regional president of the WSBI for Africa (Morocco)
    • Alok Kumar Choudhary, Managing Director for Retail Business & Operations at State Bank of India (online)
    • Daniel Madrid Díaz, Strategic Cybersecurity and Technological Risk Director at Minsait
    • Fabián Hernández, President CEO of Telefónica Movistar Colombia

10.30 – 11.00 PM

Coffee Break  ☕

11.00 – 12.30 PM

PANEL 2 : Sustainable finance


  • Helmut Schleweis, President of the German Savings Bank Association (DSVG)


Jose María Méndez, Managing Director at CECA and CEO at Cecabank (Spain)


  • Marcela Ponce Pérez, Climate Finance Leader for Latin America and the Caribbean, International Finance Corporation (IFC)
  • Mariana Escobar Uribe, Advisor to the Financial Superintendent of Colombia and Head of the Sustainable Finance Hub at Superintendencia Financiera de Colombia
  • Eugenio Solla, Chief Sustainability Officer and member of the CaixaBank Management Committee (virtual)
  • Clemente del Valle, Member of the Sustainable Development Investment Future council and the Infrastructure 4.0 Community

12.30 – 02.00 PM LUNCH

02.00 – 03.30 PM

PANEL 3: Financial education as a means for financial inclusion


Dominique Goursoulle- Nouhaud, President Chairman of the National Federation of Caisses d’Epargne (FNCE).

Panel discussion


Joan Rosás, Head of International Institutional Relations at CaixaBank


  • Faustino Laínez Mejía, President of Banco Atlantida (Honduras)
  • Jorge Solís, President of the Peruvian Federation of Municipal Savings and Credit Banks (FEPCMAC)
  • Diego Prieto Rivera, President of Banco Caja Social (Colombia)

03.30 – 04.05 PM

Closing Speech

  • Isidro Fainé, President of the WSBI and President of the La Caixa Foundation


4.40 PM
Transportation to the Santa Clara hotel

6.00 PM
Transportation from Santa Clara and Radisson Hotels to La Bodeguita

6.30 PM
Board a catamaran for a tour of the bay.

7.45 PM
Arrival at the Fishing Club Restaurant

8.00 PM

About Cartagena de Indias

Pretty street in Cartegna

One of the jewels of the Caribbean, Cartagena de Indias combines the colonial flavour of its UNESCO protected walled city with the modernity of a top destination for conventions and business gatherings. All of this enhanced by the effortless hospitality of its lively people.

Discover more

Weather and dress code

In March, typically Cartagena de Indias has 25°C as the lowest and 32°C as the highest daily temperatures. This Coastal tropical city, the humidity level is constant at 100%.

Wearing fresh fabrics such as linen and cotton is recommended even for business or formal occasions.

ESBG co-signs cross-business statement on future corporate due diligence rules

As the discussions around the proposed EU Directive on Corporate Sustainability Due Diligence continue, ESBG, together with 26 other business associations, addressed policy makers with a number of recommendations and concerns.

The statement focused on key messages that large parts of the international business sector identified as essential to creating a feasible and coherent set of rules. The associations highlighted that carrying out the required due diligence checks across the entire value chain is neither manageable nor realistic, and recommended implementing a truly risk-based approach instead.
The obligation to exercise due diligence must be proportionate to the size and means of the company in question. Furthermore, the parties stressed that the list of conventions in the Annex to the Directive is too extensive and generates legal uncertainty, considering that these norms are only applicable to states and not to private legal entities.
The statement also made clear that directors should not be held liable for the company’s compliance with the rules and that legal liability provisions need to be balanced. Regarding the overall design of the Directive, the associations called for an option to organise the due diligence measures at group level and warned of the risks that a fragmented European legal landscape would bring.
In general, the business actors asked for clear guidance ahead of the new rules’ entry into force, and reiterated that more emphasis should be put on multi-stakeholder initiatives. The European Parliament is expected to vote on its position in May 2023, before negotiations with the Council and the Commission on the final text will start.




WSBI-ESBG Managing Director Peter Simon appointed EBIC Chair

Peter Simon, WSBI-ESBG Managing Director

Brussels, 18 January 2023 – The EBIC announced today that Peter SIMON was appointed as Chair of the European Banking Industry Committee (EBIC) for a two-year mandate. Peter Simon, Managing Director of the World Savings and Retail Banking Institute – European Savings and Retail Banking Group (WSBI-ESBG), succeeds Wim Mijs, CEO of the European Banking Federation (EBF).

Nina Schindler, CEO of the European Association of Co-operative Banks (EACB), was appointed as the EBIC’s Vice-Chair. The overall secretariat, which rotates along with the chair, will be in the hands of the EBF as of today.

The change comes at a busy time for the EBIC with several critical pieces of legislation under negotiation by the co-legislators (CRR3, CRD6, AMLD6, AMLR, TFR, CCD, DMFSD) and the revision of the Crisis Management Framework (BRRD3) and Mortgage Credit Directive (MCD2) still to come.

Mr Simon said: “I look forward to facilitating, together with the secretariat of the EBF, the dialogue between the EBIC members and to ensure, that this platform channels the united views of the industry as efficiently and effectively as possible. I want to thank my predecessor, Wim Mijs and the secretariat of the EACB, for their work in the past two years and in particular for bringing together the EBIC associations on the topic of COVID and its consequence on society and banks.”

Established in 2004, EBIC is committed to giving the EU banking sector a common voice within the context of the Union’s legislative initiatives in finance and banking, maintaining an open and fruitful dialogue with the EU institutions and international bodies. As an advisory committee that is regularly called upon to provide expertise, EBIC is also a forum for the European banking industry’s representatives. Throughout the drafting, adoption, implementation, and enforcement process of financial legislation, EBIC ensures a representative and sound industry contribution toward better regulation across the EU.

Click to access the Press Release

Press contact: Nihan Cevirgen
Communications Manager
Tel. +32 2211 1190

Captions Picture 2: From Left to Right: Nina Schindler, CEO of the European Association of Co-operative Banks | Peter Simon, WSBI-ESBG Managing Director | Wim Mijs, CEO of the European Banking Federation


The very real challenge of cybersecurity and how to face it



Criminals do not rob banks gun in hand and wearing masks anymore, in the way old films show, but they still break into banks. How? Hiding behind their computer screens and covering their digital tracks.

By Janine Barten

Cyber-attack risks increased over the past years, resulting in cybersecurity and digital operational resilience being a top priority for banks all over the globe. Most banks are prone to cyberattacks now customers are relying more and more on digital channels and electronic banking to perform their daily transactions. The risks that the banking sector faces are multiplied by the large number of users involved – and the lack of control banks have over the behavior of these users. That is why financial institutions are significantly investing in cybersecurity strategies, to remain one step ahead of cybercriminals.

The gap between cybersecurity and business needs

Despite all the security measures taken, banks continue to face certain challenges to protect their systems, their customers and their data, and their financial holdings. Ransomware and phishing attacks remain a common issue and are also getting more disruptive. Cybersecurity awareness is improving, however, especially as more ransomware attacks get publicized in the media. But as time progresses, the level of complexity increases. IT systems and software are getting increasingly interconnected and more complex in general – and so must be the cybersecurity measures that are put in place to protect banks and their customers.

One of the main issues is bridging the gap between cybersecurity and business needs. Good cybersecurity means adapting to the business needs. Philipp Schaefer, Cyber Risk Expert and Peter Mikeska, Cyber Security Expert at Erste Bank Group, highlighted the organisational challenges banks are dealing with: “As savings banks find themselves in an environment of ever-increasing cyber threats, the heterogenic nature of how saving banks are organised provides challenges for a sound response to sudden cyber challenges. Swift communication lines among saving banks and towards their ICT are key for identifying threats quickly and allow partner banks to benefit from individual discoveries immediately”, the experts said in a written statement.

“In addition, as costs for protective and anticipatory measures towards cyber threats increase, a unified approach towards cyber threats and its communication becomes necessary to allow the individual savings bank to keep its cost at bay while also benefitting from a state-of-the-art level of know-how and protection”, the statement continued. “However, this doesn’t come without caveats, as savings banks would need to surrender some of their direct control over part of their business to a centralised entity consolidating the ICT efforts, making it both a challenge and chance for the savings banks.” The shortage of cybersecurity professionals to handle all these aspects remains a considerable challenge as well.

Initiatives on European level

“You no longer need armies and missiles to cause mass damage. You can paralyse industrial plants, city administrations and hospitals – all you need is your laptop. You can disrupt entire elections with a smartphone and an internet connection”. These are the words of Ursula von der Leyen, President of the European Commission, used in her State of the Union Address in September 2021 to underline the growing importance of cybersecurity and call for stronger measures to address cyber threats.

Similar to banks, the European Union is also taking steps in the field of cybersecurity. Following up on its path to the digital decade to deliver on the Union’s digital transformation by 2030, the Cybersecurity Act entered into force in 2021, defining the tasks of the European Union Agency for Cybersecurity (ENISA), the European watchdog for cybersecurity.

In May 2022, the Council and the Parliament reached provisional agreement on the revision of the Directive on Security of Network and Information Systems, better known as the NIS2 Directive, to further improve the resilience and incident response capacities of both the public and private sector. Political agreement was also reached on the Digital Operational Resilience Act (DORA), the lex specialis of the NIS2 Directive for the financial sector. Banks, stock exchanges, clearinghouses, as well as FinTechs, will have to respect strict standards to prevent and limit the impact of ICT-related incidents.

Additionally, the Commission published the proposal for the Cyber Resilience Act in September 2022, which aims at establishing common cybersecurity standards for digital products and associated services that are placed on the European market.

The road ahead: Education and innovation

All these regulatory initiatives can certainly set requirements to be put on actors like banks, however, at the end of the day, the weakest links are usually humans – be they bank employees or bank customers. Continuous education is required to keep them aware of possible cyber threats.

On that note, CaixaBank offers their customers and employees extensive cybersecurity awareness programs and content in matters relating to cybersecurity through their Security space, a section on their website specifically dedicated to a secure online experience for customers. The website contains tips and advice on how to use products and services securely and reliably. Next to initiatives like the CaixaBankProtect News newsletter, CaixaBank has also set up a podcast featuring fraud victims, in which they touch upon a variety of topics such as fraudulent messages, how to manage passwords, secure online shopping, and antivirus software for your mobile phone.

Technological initiatives are important as well, as Philipp Schaefer and Peter Mikeska explain: “Focal point at Erste for online banking and communication with the customer is the platform George. Here, all data flows are monitored and permanently analysed towards anomalies. Should threats be discovered, an immediate response is initiated by blocking harmful actions and the affected customer will be contacted and informed. In case of a significant uprise of a threat, each customer entering our platform will be briefed and needs to confirm the message to proceed. The smartphone application of George can also discover if harmful code from other applications tries to gain access. Lastly, multifactor authorisation protects our customers from further threats.”

Despite the cyber threat constantly being present, there is also room for optimism. The fast development of cyber threats and both European and national regulation to address those threats will push banks to innovation. In addition, strong cybersecurity measures could lead to increased consumer trust. As Ursula von der Leyen stated in her State of Union Address: “We should not just be satisfied to address the cyber threat, but also strive to become a leader in cybersecurity”.

Criminals will always be on the watch out for the weakest link. WSBI-ESBG members stand ready to counter this challenge and enhance the security of both their customers and the society at large.

Janine Barten is WSBI-ESBG adviser with expertise on digital finance and innovation.

Meet the Innovation and Payments Team

A shortened version of this article awas published in WSBI-ESBG’s Financial News and Views December 2022 Edition on PAGE 5

Click to access the Article