In a speech, European Central Bank Banking Supervision Supervisory Board member Anneli Tuominen said financial conglomerates face the same broad risk landscape as banks but can be hit more intensely because banking and insurance activities create additional channels for contagion. She highlighted cross-sector transmission of capital, operational and reputational shocks, with particular concern around cyber and ICT incidents, artificial intelligence and exposures to non-bank financial institutions. Tuominen said conglomerates can be more exposed than standalone banks because shared infrastructure and interconnected workflows enlarge their attack surface, while insurance participations treated under the Capital Requirements Regulation's Danish Compromise can make insurance market movements feed more directly into banking capital metrics, reinforcing the case for supplementary supervision at group level. She also noted that conglomerates face heavier scrutiny in some areas under EU rules, including high-risk AI uses in life and health insurance under the Artificial Intelligence Act and more demanding recovery testing under the Digital Operational Resilience Act. Her supervisory recommendations were to strengthen board-level ICT expertise, internal risk management, cyber resilience, third-party oversight and crisis communication, citing ECB follow-up after the 2024 cyber resilience stress test and the finding that a sizeable share of major incidents reported in 2025 had ICT change as their root cause. Looking ahead, she said the ECB's reverse stress test on geopolitical risks will be presented later this year. She also pointed to the ECB's response to the European Commission's banking competitiveness consultation, which advocated completing banking union, simplifying capital buffers and reporting, and tightening oversight of large non-bank groups before the Commission's report due in July 2026.

Original source Back to tracker