Ioan Nascu asks whether easy acceptance of Gen AI puts financial institutions in harm’s way
The Death of ESG Box-Ticking: Why investors are looking for integrity in sustainable investment, in spite of U.S. policy push-back on ESG
First Adopters:
Alvaro Guevara makes the argument for financial institutions to voluntarily over deliver on model risk management
Securing the Chain: Why your third party vendors are the first line of defence in TPRM
connect.cefpro.com/magazines
EDITOR’S FOREWORD
WELCOME TO THE NEW FRONT LINE OF FINANCIAL SERVICES RISK
CeFPro’s Managing Director Andreas Simou on how we all need to be prepared for new rules and new ways to engage in a time of seismic change for risk managers across the world
IS BLACK BOX AI THE BIGGEST THREAT TO MODEL RISK INTEGRITY?
Alvaro Guevara makes the case for simplicity in a world where so-called ‘black box’ technology could be the biggest risk to consumer confidence
Alvaro Guevara is Head of Quantitative Modeling at Banco Nacional in Costa Rica, and a professor at the University of Costa Rica
10
WHY AI WITHOUT OVERSIGHT IS A TICKING TIME BOMB
Gen AI specialist Ioan Nascu on why deploying generative AI in financial institutions without accountability invites serious risk.
Ioan Nascu, Generative AI specialist with Citibank
16
BUILDING BARRIERS: THE ROLE OF RISK MANAGEMENT IN ADDRESSING EXTERNAL FRAUD IN BANKING
Uxia Santos Digon on the role of second line of defense strategy in combating fraud
Uxia Santos Digon, Specialist Risk Analyst and fraud prevention expert at a leading Spanish financial institution
26
GREENWASHED AND GONE: INVESTORS ABANDON LABELS IN HUNT FOR REAL ESG LEADERSHIP
Ellie Dowsett looks at the increasing demand for transparency in the sustainable debt market
Ellie Dowsett, Content Marketing Lead & Growth Marketing Manager at the Center for Financial Professionals
30
NORTHVOLT’S COLLAPSE SPARKS INDUSTRY RETHINK ON EUROPEAN BATTERY AMBITIONS
Mark Norman looks at the spectacular decline of Northvolt
Mark Norman, Head of Content, CeFPro
38
SAY HELLO TO THE NEW FRONT LINE OF FINANCIAL –YOUR VENDORS
Cedric d’Albis explains why your vendors are your first line of defence in managing supply chains
Cedric d’Albis, Chief Auditor, Innovation and Technology at Rabobank in the Netherlands
ADVERTORIAL
Getting more for your money: Unlock the secrets of streamlined balance risk management David Hough, Senior Advisor, Balance Sheet Management, FIS 44
This month’s new features in Connect Magazine
20
DISASTER-READY BUSINESS: WHERE CLIMATE RESILIENCE STARTS
Adam Ennamli explains why General Bank of Canada is treating climate risk as a clear and present danger
Adam Ennamli, Chief Risk, Compliance & Security Officer, General Bank of Canada
ONSTAGE: KEY VOICES TO WATCH
Each month we introduce you to some of the keynote speakers who’ll be sharing their expertise and insight with you during our 2025 event programme 12
41
TRENDWATCH
Our regular feature looks at the likely medium term impact of market volatility in the wake of rising inflation, interest rate uncertainty, and the aftershock of Donald Trump’s new tariff policy
52
34
NEWS IN REVIEW
Our 3-minute read catches you up on some of the news stories and events that have been on the risk news agenda around the world over the last month
CAREERS SPOTLIGHT:
This month, we look at how a talent for golf led Carl Densem to America and an unexpected journey. As told to regular Connect Magazine contributor, Chandrakant Maheshwari 48
INFOGRAPHIC: THE TRUTH BEHIND FINANCIAL REPORTING IN BANKING
In our regular monthly feature, we look at the headlines from a special report carried out by CeFPro on behalf of Workiva
Welcome to the new frontline of financial services risk
Andreas Simou, Managing Director CeFPro
YOUR VOICE belongs on a
Got something to say about risk, resilience, or the future of finance?
Connect Magazine is where industry ideas spark real conversation.
Mark Norman Head of Content CeFPro mark.norman@cefpro.com
Sales & Advertising
Chris Simou Head of Sales CeFPro chris.simou@cefpro.com
Design
Natasha Marino Head of Design CeFPro natasha@cefpro.com
A very warm welcome to the May edition of Connect Magazine – an edition that arrives at a time when the risk climate is likely to see significant and fundamental change.
American politics will certainly continue to influence our landscape, but the coming months are not just about the impact of White House policy - a coalescence of factors has contrived to put the world of non-financial risk (NFR) management in banking and insurance under intense scrutiny.
From cyber threats and operational resilience to conduct risk and third-party exposures, institutions across Europe and the United States are being tested on their ability to safeguard trust and maintain continuity.
In short, it is no longer enough to simply comply.
What’s striking right now is how quickly what were once considered emerging risks have moved from the periphery to the core of our industry’s narrative.
Cybersecurity is now a boardroom issue. Climate risk, once a sustainability footnote, is redefining regulatory expectations. And generative AI,
hailed for its productivity potential, has prompted fresh concerns around governance, bias, and model integrity.
And all this is happening against the backdrop of tightening regulatory regimes, from the EU’s DORA and CSRD to the U.S. SEC’s growing scrutiny on operational disclosures.
Just as it is no longer enough to comply, it is also no longer enough to measure risk in isolation; financial organizations must anticipate, adapt, and lead.
This edition brings you timely insights into how all of these factors are playing out across the world. Arguably, the crossjurisdictional environment has never been more complex.
If you’d like to guest edit a future edition of Connect Magazine, are interested in contributing a thought leadership article for an upcoming issue, or think advertising with us may help drive your organization’s competitive advantage, please get in touch. All our contact details are opposite.
I hope you enjoy this edition of the magazine. The next issue will be out on June 25.
Is Black Box AI the Biggest Threat to Model Risk Integrity?
Alvaro Guevara is Head of Quantitative Modeling at Banco Nacional, the largest bank by assets in Costa Rica. He has been with the bank for 11 years, having previously held other senior roles within the risk management function. He is also a professor at the University of Costa Rica.
In a technological era that is evolving at lightning pace, increasing complexity around regulation and compliance, cybersecurity, ethical data management and machine learning safeguards have presented critical challenges to those working in the model risk space.
Those challenges are myriad, and each is unique in its own way, but ahead of his recent appearance as a speaker at Risk Evolve, CeFPro’s flagship European event, Alvaro Guevara, Head of Quantitative Modeling at Banco Nacional de Costa Rica took the opportunity to highlight the risks
presented by so-called ‘black box’ AI tech.
As financial institutions strive ever more for the innovation that AI and machine learning can afford the sector, Guevara urged those at the sharp end of model risk to prioritize simplicity ahead of toogood-to-be-true smart functionality.
“Here at Banco Nacional, our philosophy has always been to strive for the simplest model that does the job,” Guevara explained. “Our board constantly challenges us to justify complexity, and that scrutiny has kept us disciplined and innovative.”
Banco Nacional, Costa Rica’s largest bank by assets, has emerged as a regional leader in model risk implementation.
According to Guevara, the true challenge is not simply building models that perform, but ensuring those models remain interpretable and aligned with changing economic realities.
“Sometimes, a simple regression model performs just as well as the most sophisticated machine learning approach,” he said. “We constantly ask: am I really checking all the other possibilities before I sacrifice transparency for precision?”
This mindset, Guevara insists, is vital in a world where financial environments can shift in an instant.
Rather than relying solely on backtesting or periodic model validations, Banco Nacional has focused on fostering a strong model risk culture.
“It’s not just the modeling team that has to understand the risks,” he said. “The final user must have a sense of ownership over the model. That way, when something changes – like inflation or interest rates – they can raise a flag. That’s the game changer.”
This culture of shared accountability, Guevara believes, is often more important than the technical framework itself.
While statistical stress testing and external validation are certainly essential, what truly builds resilience is empowering those closest to the action to question assumptions and recommend recalibration when the environment shifts. Guevara also highlighted the risks posed by AI and third-party models, especially those deployed in customer-facing applications like chatbots.
“If we didn’t build the model and we don’t understand the data it was trained on, how can we possibly guarantee it performs as expected?” he asked.
Financial institutions, he says, must avoid a passive approach to third-party AI validation and instead push for transparency and customization.
In Costa Rica, regulatory attention to model risk remains nascent. Guevara notes that current standards mostly revolve around annual backtesting. But Banco Nacional has developed its own model inventory framework, with 60 internal models tracked and prioritized based on criticality.
“We’re not waiting for the regulator to catch up. We’re taking the initiative because we’ve seen how model failure elsewhere can have systemic consequences,” he said.
He says balancing innovation and caution, particularly in the adoption of AI, will improve resilience and build trust. “It’s about controlled experimentation. Yes, we need to test new tools like ChatGPT or DeepSeek – but we need to do it safely, in agile teams, with proper oversight,” he said.
“Innovation without risk culture is reckless. But risk culture without innovation is stagnation. The key is finding the right balance – and that’s what we’re trying to build every day at Banco Nacional.”
The
future of AI & model risk starts with Connect.
Dive into our exclusive collection of articles, interviews, podcasts, and presentations, all designed to keep you informed on the latest AI trends, challenges, and forecasts.
Whether it’s model governance, AI explainability, or regulatory updates, Connect is your go-to resource for cutting-edge insights.
Stay ahead, stay informed.
Fuel Your Knowledge with the Latest Trends >
Why AI Without Oversight Is a Ticking Time Bomb
Ioan Nascu is a Generative AI specialist with Citibank. The view he expresses here are his own, and do not necessarily reflect those of Citibank
There are few conversations around risk management within the financial sector these days that don’t at least touch on the subject of AI.
The race to leverage the potential of automation, or machine learning, in a field that has traditionally been as limited as the manual data handling processes that drive it has long dominated the debate around the role of technology in the future of risk.
Generative AI certainly has a key part to play. That much, at least, seems beyond doubt in technology strategies for most banks and other financial institutions.
Yet, the faster banks accelerate their adoption of generative AI, the greater the risk that they begin to see revolutionary technology as just another business as usual digital upgrade.
This attitude, says Ioan Nascu, a GenAI security assurance specialist with Citibank, has the potential to expose institutions to significant vulnerabilities that could prove catastrophically costly – either financially or reputationally.
From adversarial attacks and data drift to regulatory fragmentation, the gap between proof-of-concept and secure deployment is far wider than most financial leaders realize or care to imagine.
Speaking ahead of CeFPro’s recent flagship Risk Evolve event, Nascu laid out a stark vision for the industry: “The biggest initial challenge is not technical implementation – it’s understanding,” he said. Does your company truly grasp what AI is, how it functions, and the risks it introduces?”
For banks, he argued, knowledge needs to be distributed across all departments, not simply siloed in one innovation team.
“It’s not enough to have a single AI expert. Every team that touches or relies on this technology needs baseline literacy and dedicated expertise.”
That includes grasping the complex security threats that generative AI models face. In practice, at its most base level, this means traditional cybersecurity controls must be solid before any AI system is brought online.
“If you’re not already doing the basics well, AI won’t save you — it will magnify your weaknesses,” Nascu said.
Transitioning from sandbox to live deployment also demands a mindset shift. During proof-of-concept phases, models are isolated from production environments and sensitive data. But once live, he says, the game changes.
“You’re dealing with real users, real data, possibly personal identifiable information – and that makes input and output validation essential,” Nascu warned. “These models are designed to please. If you’re not careful, they’ll give up information they shouldn’t.”
He emphasized the need for governance frameworks that address not only AI-specific threats but also adapt existing regulations like GDPR or DORA to AI contexts. “Compliance isn’t optional. And because every jurisdiction is building its own AI rules, global institutions will face a patchwork of obligations,” he warns.
A key vulnerability is the model’s tendency to ‘hallucinate’ – generating plausible but false outputs. “The model won’t say ‘I don’t know.’ It’ll give you an answer anyway,” Nascu explained. “That’s why human oversight is critical for high-risk decisions.”
Nascu advocates embedding ‘maker’s intent’ into models – ensuring they understand whether a user request aligns with their original design.
The solution, he argues, lies in realtime oversight and continuous control testing. “The annual control test is dead,” he said bluntly. “Generative AI
evolves too quickly. We need real-time performance metrics and the ability to tweak thresholds on the fly.”
Even more concerning is bias, which, unlike data drift, often goes undetected until it causes harm. Nascu emphasized the need for continuous fairness monitoring and transparency.
“If you can’t explain why the AI reached a conclusion, how can you know it wasn’t biased — or flat-out wrong?”
Nascu is critical of organizations that pursue AI for its trendiness rather than its utility. “Ask first: is this really bringing you value? Or are you just trying to look innovative?” he asks, before going on to warn that innovation without value is a shortcut to reputational and operational damage.
“Generative AI will change everything,” he concludes. “But if we don’t operationalize it responsibly, the cost of getting it wrong will be higher than we can afford.”
Risk Americas
Isn’t just a conference - It’s the destination for risk leaders shaping the future of financial services.
As North America’s premier risk and innovation convention, it brings together the brightest minds and boldest voices across the industry, tackling everything from regulatory shifts and financial crime to AI, cyber, and operational resilience.
In this special edition speaker spotlight, we feature standout speakers from this year’s event - leaders who are not just reacting to change, but driving it. If you missed it, consider this your front-row seat to the conversations that defined the industry’s most important gathering.
Carl Groth
Chief Risk Officer
Legal & General Retirement
Carl Groth is Chief Risk Officer for Legal & General Retirement America. In that role, he oversees and maintains risk governance, analytics, compliance and control frameworks across the US Retirement business. Additionally, he provides appropriate independent advice, oversight, challenge and supports the broader Legal & General global risk management team.
Carl is also a member of Moody’s Life Insurance Executive Advisory Board and the Americas Risk Management Council.
Tendayi Kapfidze is Chief Corporate Economist at Wells Fargo providing strategic economic advice to bank’s leadership team. He leads a team responsible for preparing the corporations economic forecasts used in financial planning and risk management.
Tendayi has a successful track record in macroeconomic and financial analysis. He was Chief Economist at US Bank & LendingTree Deputy Chief Economist at Pfizer and on the economics teams at Bank of America and Ally Financial. He has been quoted in numerous publications including The New York Times The Wall Street Journal & The Washington Post and has appeared on Yahoo Finance CNBC & Bloomberg television.
Tendayi Kapfidze Chief Economist Wells Fargo
Asha Gowda Senior Vice President, Director – Chief Operating Officer – Market and Treasury Risk Management KeyBank
Jennifer MarshallRoberston Chief Risk Officer/ Executive Manager
Grenada Co-Operative Bank LTD
Jennifer Marshall- Robertson is a seasoned career Banker of 30 years, with an extensive and successful track record over her professional tenure; marked by signature hallmarks of being an innovative, bold, persistent and steady team-centric leader; who is driven by breaking barriers, grit, collaboration and ‘building to last’.
Jennifer holds an MBA from Bangor University and is a Certified Enterprise Risk Manager (CIRM).
She is an alumnus of the Graduate School of Banking- Wisconsin; a Chartered Banker of the Chartered Banker Institute of Scotland; an Associate of the Institute of Canadian Bankers; and a Certified Residential Underwriter and REIC member.
Jennifer’s North Star- Invictus! (William Ernest Henley).
Asha Gowda is Director, Chief Operating Officer, in Market and Treasury Risk Management at KeyBank. Asha works closely with the Chief Market and Treasury Risk Officer spearheading several initiatives across the department, including governance framework development and process improvement activities. Previously, she worked in internal audit at KeyBank where she was responsible for managing the audit and review of corporate treasury and model risk activities. Asha has more than twenty-five years of experience in audit, risk management, finance, and modeling.
Asha earned her BA in Accounting from Ohio Wesleyan University and an MBA from Case Western Reserve University. Additionally, Asha is Chair of the Board at Andrews Osborne Academy, a Private Co-ed School for Grades PK-12 in Willoughby, Ohio.
BUILDING BARRIERS:
The Role of Risk Management in Addressing External Fraud in Banking
In an environment where fraud techniques are constantly evolving and threats are becoming increasingly sophisticated, managing the risk of external fraud has become a strategic priority for banking institutions.
To address these risks effectively, it is essential to establish a robust structure based on the three lines of defense model, where roles are clearly defined and work collaboratively and in coordination toward the shared goal of preventing external fraud.
Designing an effective external fraud risk management function (Second Line of Defense, or 2LoD) entails overcoming various organizational and operational challenges.
The first of these lies in its crossfunctional nature: this function cannot operate in isolation. It must be closely integrated with different areas of the bank, including operations, technology, information security, compliance, and business units.
Uxia Santos Digon is a a risk analyst at a leading Spanish financial institution, specializing in the prevention of external fraud, with a particular focus on payment systems and transaction security
Such integration is critical to achieving a comprehensive and coordinated view of risks and enabling efficient responses to potential fraud incidents.
One of the main challenges in achieving this integration is managing data dispersed across departments, ensuring access to shared systems, and coordinating across different hierarchical and operational levels.
As a result, implementing an external fraud risk management function becomes a complex process that demands a structured approach and effective communication among all involved stakeholders.
In this context, another key challenge lies in the creation of clearly defined roles within the three lines of defense model. Assigning responsibilities can become ambiguous due to the inherently complex and transversal nature of fraud.
A lack of coordination between involved areas may lead to overlapping functions or, conversely, gaps in coverage — both of which hinder the effectiveness of implemented controls.
However, even with a well-designed organizational structure, cultural resistance may arise. The creation of this function might face pushback from commercial areas or result from a preference for traditional ways of working.
Overcoming this barrier requires strong awareness-building efforts: it must be understood that control functions are not a hindrance to business, but rather a vital tool for safeguarding it. Involving teams early in the design of control measures and clearly communicating their value is key to gaining acceptance.
Once cultural and organizational barriers have been addressed, it becomes imperative to establish a robust methodology for risk measurement.
As one of the core principles of risk management states: “you cannot manage what you cannot measure.” This measurement process must be accompanied by the precise identification of relevant risk scenarios.
Reflecting on how, where, and why fraud might occur – whether through identity theft, system manipulation, or social engineering – not only facilitates the creation of specific controls but also enables a rapid and informed response when a fraud event materializes.
After risks have been defined and controls have been designed, the risk management function must ensure that procedures, technologies, and controls are aligned with both the identified risks and the institution’s risk appetite.
The mere existence of controls is not sufficient; their implementation must be effective, and a continuous monitoring system must be in place to adjust strategies as needed.
This process requires periodic evaluations of the performance, effectiveness, and coverage of the controls in place.
It also involves identifying potential failures or inefficiencies and proposing improvements based on
performance indicators, control testing, and ongoing critical analysis. In this way, controls evolve in tandem with threats and adapt to the bank’s changing needs.
All of this work must be clearly and concisely documented and communicated to the bank’s governing bodies. Executive reports should provide a comprehensive view that summarizes key risks, the effectiveness of existing controls, and critical recommendations to enhance the fraud prevention strategy.
Effective communication enables senior management to make informed decisions, allocate resources appropriately, and ensure that risk management is aligned with the institution’s overall strategy and risk appetite.
By adopting a robust 2LoD strategy, banks not only strengthen their protective frameworks against potential external fraud incidents, but more importantly, they protect their most valuable asset: the trust of their customers.
DISASTER-READY BUSINESS:
Where Climate Resilience Starts
Regular columnist, Adam Ennamli, is the Chief Risk, Compliance & Security Officer at General Bank of Canada and was formerly Global Vice President, Operations & Technology at Thomson Reuters
It has long been evident that climate change has hugely divisive power when it comes to opinion on how the world might best avoid the looming consequences of a centurieslong disregard for nature and the environment.
With the Doomsday Clock currently set to 90 seconds to midnight – the metaphorical ‘time’ of a world-ending catastrophe – the arguments around climate risk are no longer about whether the world is in environmental crisis, but rather about what steps need to be taken to avert it.
As we know, the financial services industry finds itself a fundamental part of that debate, because climate risk has transitioned from theoretical concern for future generations to a clear and present danger right now.
It is this central tenet that lies at the heart of General Bank of Canada’s approach to reshaping traditional risk models so they reflect and meet an urgent challenge that, Chief Risk Officer Adam Ennamli argues, is in the here and now.
And a core part of that strategy has seen the bank integrate climate considerations into the very core of lending and capital allocation.
For Ennamli, climate change is a material risk to assets, customers, and the bank’s own balance sheet.
“We are shifting climate from a theoretical exercise to a tangible factor in asset-level decisions,” he said, pointing to Canada’s evolving regulatory landscape, and particularly to OSFI’s B-15 guideline, which mandates financial institutions to measure and manage climate risk like any other risk class.
That means thinking differently about loans, especially those exposed to physical or transition risks. In British Columbia, for example, properties in flood-prone areas now trigger deeper risk assessments.
In Alberta, borrowers in the energy sector are being evaluated for their resilience to future policy shifts. This strategy, Ennamli explains, involves harnessing geospatial data, satellite imagery, and scenario-based modeling to analyze exposure with asset-level precision.
“Satellite imagery is being used to pinpoint assets at risk of wildfires, and then adjust the exposure accordingly.”
General Bank of Canada is also embedding climate risk into its stress testing.
By modeling scenarios such as a once-in-a-century flood in the Fraser Valley or wildfires sweeping through the Okanagan, the bank quantifies not just the direct damage to collateral, but also ripple effects across affected portfolios.
“We have no physical branches, but our value chain still spans the country,” Ennamli says, adding that the bank’s digital operating model does not exempt it from systemic shocks.
When it comes to credit decisions, Ennamli’s approach is unapologetically data-driven. Underwriting practices now include what he terms a ‘climate overlay’.
Mortgages for homes in high-risk fire zones, for instance, may come with higher rates or stricter insurance conditions. For corporate clients, the bank is piloting a climate risk scorecard
that evaluates borrowers on exposure to physical and transition risks, as well as their mitigation efforts.
Balancing near-term profitability with long-term climate resilience is one of the thorniest dilemmas in financial services. Ennamli tackles this challenge with financial modeling. “Upgrading a Toronto data center might cost $3 million now but could avoid $12 million in losses over 15 years,” he explains.
“A 2% dent in quarterly profits from flood insurance could cut tail-risk losses by 20% in a severe event.”
For these trade-offs, the bank uses tools like Monte Carlo simulations and discounted cash flow models to quantify the return on resilience.
General Bank of Canada is not attempting to solve this alone. The bank is active in industry working groups, particularly those led by the Canadian Bankers Association, and collaborates with analytics providers and universities to stay ahead of evolving climate science.
In Ennamli’s view, the future of banking lies not just in managing financial capital, but also in stewarding climate intelligence. Institutions that embed climate resilience into their operations, stress tests, and underwriting frameworks today will be the ones best positioned to withstand tomorrow’s shocks.
“Strategic climate resilience isn’t merely a cost – it’s a value driver,” he said.
Climate Resilience
Starts Here
From navigating fragmented regulation to embedding climate risk deep into your business model - leaders in climate and sustainability risk are facing a new era of accountability.
October 7-8
This is not about theory. It’s about answering the questions keeping you up at night:
How do we quantify physical and transition risks in real terms?
What does “integration” actually look like across risk functions?
How do we build climate scenarios that stand up to regulatory scrutiny?
Forecasting the Future:
Sessions That Cut Through the Noise
Nedjma Bellakhdar Head of Risk ESG
BNP Paribas Stephane Dees Head of Climate Economics Unit
Banque De Frances
Arthur Krebbers
Head of Corporate Climate & ESG Capital Markets
NatWest Markets
Marc Irubtagoyena Head of Group Stress Testing and Financial Synthesis
BNP Paribas
Jarek Olszowka Head of Sustainable Finance IBD
Nomura
Balancing compliance with divergent regulatory frameworks between Europe & US
GREENWASHED & GONE: Investors Abandon Labels in Hunt for Real ESG Leadership
Ellie Dowsett is the Content Marketing Lead & Growth Marketing Manager at the Center for Financial Professionals
Once driven by green labels and thematic bond issuance, the sustainable finance market has entered a new, more discerning phase.
Investors are now scrutinizing issuers themselves – typified through the evaluation of ESG strategies, assessments of credibility, and quality of data integration – rather than merely responding to a label on a bond.
This shift is not theoretical; it’s happening in real time, propelled by regulatory expectations, asset manager strategies, and, above all, end-client pressure.
As the European Head of Sustainable Finance at a global investment bank put it, “We’re witnessing a clear evolution in how capital is allocated. The emphasis is shifting away from products and toward the sustainability profile of the issuer.”
This sentiment is backed by findings from a recent fixed income investor survey, which included responses from more than 50 investors managing around $22 trillion in assets. Conducted shortly after the U.S. elections, the survey revealed diverging regional dynamics and a growing demand for robust ESG integration.
Euro-denominated markets continue to lead ESG conviction. A majority of euro investors described their strategies as ESG-aligned, compared to less than half of USD investors.
Regulatory clarity in Europe – via tools like the Sustainable Finance Disclosure Regulation (SFDR – has played a key role in shaping this trend, guiding investors toward issuer-focused due diligence rather than simple reliance on bond labels.
“The market is starting to favor substance over symbolism,” the investment lead told CeFPro’s recent Sustainable Finance Europe conference. “Investors want to understand how sustainability is embedded in a firm’s strategy – not just how a single bond’s proceeds are used.”
The survey also indicated a pronounced decline in enthusiasm for sustainability-linked bonds (SLBs). Once hailed as a flexible tool for transition financing, SLBs are now being criticized for weak KPIs and soft consequences for underperformance. Meanwhile, green bonds maintain stronger demand, buoyed by their clearer structures and eligibility for ESG-focused funds.
Even widely promoted frameworks such as the EU Green Bond Standard are failing to move the needle with investors. While helpful, these tools appear less influential than broader ESG ratings or emissions data. Most notably, ratings and integration capabilities – such as those offered by Bloomberg – have become essential components in investor toolkits.
Data quality emerged as one of the strongest investor priorities. With ESG disclosure standards proliferating
and varying across regions, the ability to synthesize reliable, comparable data is becoming a competitive advantage.
“It’s no longer enough to publish a sustainability report,” said the sustainable investment expert. “If your data isn’t consistent across platforms and investor systems, you risk being excluded.”
The survey also found that while investors are open to paying a premium — especially for high-quality euro green bonds – the so-called “greenium” is modest and largely issuer-dependent.
Meanwhile, investor conviction no longer centers on labels but on the strategic direction and execution of the organization.
Ultimately, the sustainable finance market is shedding its early skin. The honeymoon phase of green labels is over. Investors are now looking for leadership, not just compliance.
Issuers that can articulate and defend their ESG approach with transparency and robust data are the ones most likely to attract capital in this increasingly sophisticated market.
As the speaker put it, “The message is clear: investors have raised the bar, and it’s up to issuers to meet it – or be left behind.”
Northvolt’s Collapse Sparks Industry Rethink on European Battery Ambitions
Promising Vision Derailed Northvolt, once hailed as Europe’s answer to China’s dominance in the battery market for stationary storage and electric vehicles, has filed for Chapter 11 bankruptcy, sending shockwaves throughout the industry.
In a dramatic twist of fate, the company – bolstered by more than $15 billion in debt and equity from highprofile investors such as Goldman Sachs, BlackRock, Volkswagen, and BMW – found itself with $5.8 billion in debt, only $30 million in cash, and a
mere one week of runway left at the time of filing in November 2024.
An industry observer noted that ‘Northvolt’s downfall is a stark reminder that even the most promising green ventures can collapse when ambition outpaces execution.’
Unraveling the Downfall
A combination of hubris, management failures, technological setbacks, and cultural clashes contributed to Northvolt’s precipitous decline.
According to one industry source, ‘ … seemingly due to a combination of hubris, management failures, technological setbacks, cultural issues, and language barriers between Asian and European staff, the company was set on an unsustainable course’.
Some accounts paint a picture worthy of a spy novel, with mysterious staff deaths and allegations of a Potemkin village staged for visiting clients to mask production shortcomings.
Reports indicate that Northvolt achieved only 0.5% of its projected battery production capacity, highlighting the pitfalls of overambitious targets.
Rethinking Scale and Strategy
The collapse has prompted many experts to reconsider how ambitious battery projects should be structured. “Battery-making is complex to begin with,” said an industry observer. “Chinese firms spent years perfecting production methods and driving down costs. Planning to do so in six gigafactories with three different types
Mark Norman is Head of Content at CeFPro
of batteries, different generations on different continents, and engineers speaking different languages seems like a recipe for failure.”
Instead of a sprawling strategy, some suggest a more incremental approach, starting with one factory focused on a single battery type, scaling up as operational efficiencies and technological solutions are proven.
This phased approach could mitigate risks such as remote location challenges and staffing difficulties, particularly in areas like northern Sweden where access to cheap hydropower is balanced by recruitment hurdles.
Investor Oversight and Market Realities
Investor enthusiasm for sustainability has also come under scrutiny in the wake of Northvolt’s collapse (and, more recently, the Trump administration’s openly hostile anti-climate posturing).
An industry observer remarked that ‘a more active role by investors in novel initiatives like this may also be desirable, by asking critical questions and by making sure the company doesn’t bite off more than it can chew’.”
The collapse has raised concerns that some investors may have been too eager to invest in green projects, sometimes prioritizing sustainability mandates over sound business practices.
In contrast, the Chinese model, which involved setting up nearly 100 battery manufacturers under state direction, has narrowed down to only 10 key players, with BYD and CATL now dominating the market.
A Cautionary Tale for Europe’s Green Future
Northvolt’s struggles come at a time when Europe is under increasing pressure to establish its own battery manufacturing base amid geopolitical fragmentation and a shifting global energy landscape.
As reported by Reuters, Northvolt recently requested $1.29 billion from shareholders over the next two years in an effort to stabilize its business.
However, sources familiar with the matter indicate that the firm’s cash reserves are so depleted that it may only last until the end of February, forcing it to sell non-core assets to stay afloat.
This dire financial state underscores the need for European policymakers and industry leaders to draw lessons from Northvolt’s collapse.
Industry observers stress that the Northvolt episode should serve as a catalyst for change in how green investments are approached.
“I hope, in order to restore faith in business ventures like these and to help reach society’s goal of decarbonizing the economy, that relevant lessons are learned for this and similar initiatives,” said one expert.
The consensus is that careful planning, realistic goal setting, and robust risk management are essential to prevent future failures.
Drawing on insights from Prof. Bent Flyvbjerg’s book “How Big Things Get Done,” experts emphasize the power of reference class forecasting and a building block approach – lessons that Northvolt might have learned too late.
Looking Ahead
The collapse of Northvolt has ignited a broader debate about the feasibility of Europe’s green ambitions in the face of intense global competition.
While the vision of a European battery champion remains compelling, the industry now recognizes that scaling up such ventures requires a delicate balance of ambition, technological innovation, and operational discipline.
As Europe continues to navigate its energy transition, the Northvolt case stands as a sobering reminder that even well-funded, high-profile projects must be grounded in practical, achievable strategies.
The fallout from Northvolt’s collapse is already influencing how investors, entrepreneurs, and policymakers approach similar ventures.
With the stakes as high as ever in the race to decarbonize the global economy, the only question that remains is whether the industry is ready to learn from its mistakes and build a more resilient, strategically sound future.
NEWS WHAT'S BEEN HAPPENING...
Round up of news stories in May
Risk & Finance in Focus: Latest Headlines
Warren and Chopra
Warn Musk’s DOGE Cuts Threaten
Financial Stability
Senator Elizabeth Warren and former CFPB Director Rohit Chopra have raised alarms over the Department of Government Efficiency’s (DOGE) aggressive federal spending cuts, arguing that these reductions jeopardize the integrity of financial regulators and consumer protections.
View here >
Bank of England expected to rethink meeting frequency amid economic volatility fears
As the Bank of England prepares for a likely interest rate cut on May 8, critics argue that its six-week meeting cycle hampers timely responses to economic volatility. With global uncertainties escalating, there’s a growing call for the Monetary Policy Committee to convene more frequently, ensuring agile and proactive monetary policy decisions.
View here >
JPMorgan CISO Blames SaaS Vendors for Global Cyber Vulnerabilities
JPMorgan Chase’s Chief Information Security Officer, Patrick Opet, has issued a stark warning to software vendors, asserting that their prioritization of rapid deployment over robust security measures is compromising global economic stability.
View here >
Global Supply Chains Are Failing – And Businesses Are Still Unprepared
JPMorgan Chase’s Chief Information Security Officer, Patrick Opet, has issued a stark warning to software vendors, asserting that their prioritization of rapid deployment over robust security measures is compromising global economic stability.
View here >
Feedzai Declares War on Financial Crime with AIPowered Data Grab
Feedzai has acquired data orchestration firm Demyst, aiming to create a unified platform that fuses AI with real-time data access to fight fraud and financial crime. This bold move shifts Feedzai from being just a data consumer to a major data provider, raising the stakes—and expectations—for automation and security in global banking.
View here >
Say Hello to the New Front Line of Financial Risk Management – Your Vendors
Cedric d’Albis is Chief Auditor for Innovation and Technology at Rabobank in the Netherlands. He has previously held senior roles at HSBC, PwC and Cable & Wireless. He has also worked as an independent consultant. He holds a degree in Economics from the University of Chicago
Few would argue with the logic of Cedric d’Albis’s view when it comes to managing cyber and operational risk, yet all the evidence – notably in events like the CrowdStrike outage last summer and March’s decimation of flight services from Heathrow – suggests many organizations are still some way behind that curve.
As Rabobank’s Chief Auditor, Innovation and Technology is quick to point out, many financial institutions still lack true visibility over the external software and services that may be embedded throughout their operations.
That, in itself, is a problem. But it’s a problem that risks becoming exponentially worse as digital supply chains become
more complex, more extensive and, therefore, potentially more rather than less opaque.
In short, the cost of not knowing who you’re doing business with and how their services are structured and performed has escalated.
Under the European Digital Operational Resilience Act (DORA) that came into force in January, the right to audit is now a regulatory requirement, and institutions that once treated thirdparty risk as a checkbox exercise will increasingly find themselves in the spotlight.
“The real issue is how you exercise that right to audit,” d’Albis warns. Institutions, he says, need to refocus their thinking and approach by finding ways to build audit capability into the first line of defence, not just rely on second or third-line reviews.
The nature of third, fourth and nth party relationships is such that vendors will necessarily gain greater access to sensitive systems, and against this backdrop it’s clear that passive oversight is no longer acceptable.
Crowdstrike’s 2024 outage was a wake-up call, and focused business leaders on the immediate priorities. “The first question people [need to] ask is, where have we got this agent running?” d’Albis says.
He argues that asset inventories must include visibility into third-party agents and tools, particularly those that interact with an organization’s critical infrastructure or customerfacing services: “If you don’t know where things are present in the chain, you have no chance of addressing the problem.”
It sounds obvious, but having a good inventory of all your third parties and what they do for you is the foundation.
Monitoring traffic patterns and enforcing contract-aligned network behaviour are now baseline expectations. But as AI becomes more prevalent in security operations centres (SoCs), the tools used to detect threats are evolving.
“AI can help to seep through all that data and identify anomalies,” d’Albis explains, whilst also warning that the very nature of automated machine-driven solutions presents in itself presents very real risks that simply cannot be overlooked.
With the European AI Act now in effect, assessing the impact and compliance of these tools is becoming a burning requirement, and the challenge of using AI while at the same time auditing its presence in third-party systems is the next frontier in cybersecurity governance, according to d’Albis.
“We do need to think about the AI tools that are present or provided by our third parties,” d’Albis cautions, adding that the tools are just one part of a puzzle that also has a human dimension.
“Have your cybersecurity standards been shared with your vendors? Do they understand them?” he asks, stressing that vendor accountability must start with clarity that includes making sense of third-party control reports, spotting red flags in qualified opinions, and acting on remediation.
As the boundary between internal and external systems blurs, it’s worth also acknowledging that so too does the reach of regulators.
“We will have financial regulators stepping into areas they haven’t stepped into in the past,” d’Albis predicts. Technology providers that were once outside supervisory scopes are being pulled into compliance frameworks.
But through all of the complexity and the myriad unique challenges, the message for banks remains clear: the risk is shared, but the responsibility is yours.
TRENDWATCH
In each edition of Connect Magazine, we look at five key trends within a specific area of non-financial risk that we expect to emerge over the coming six months. Following last month’s turmoil of Donald Trump’s tariff war, in this edition of the magazine we turn the spotlight on what may be coming down the pipe for those managing market risks.
01
ESCALATING
GEOPOLITICAL TENSIONS AND TRADE WARS
Perhaps inevitably, we start with the impact of protectionist policies, most notably those imposed in April by the U.S. administration. New tariffs have intensified global trade tensions, leading to heightened market volatility, diminished investor confidence, and increased provisions for potential loan defaults among major banks. Institutions such as Deutsche Bank and HSBC have reported robust trading revenues; however, they caution that ongoing geopolitical uncertainties and deteriorating loan quality may adversely affect future earnings.
Sources: Business Insider, Reuters
02
RISING INTEREST RATES AND INFLATIONARY PRESSURES
Central banks worldwide are grappling with persistent inflation, prompting a trend of increasing interest rates that challenge financial institutions by compressing net interest margins and elevating the cost of capital. Higher rates will also likely suppress consumer borrowing and spending, potentially leading to slower economic growth and increased credit risk. In response, financial institutions must demonstrate increasing agility to balance risk against profitability and asset.
Source: FT
03
IMPLEMENTATION OF BASEL III FINAL REFORMS
While it feels like we’ve been talking about Basel III reforms for a long time now, the deadline for implementation is, at the time of publication, is just 41 days away. After July 1, banks will face stricter capital requirements and leverage ratios. These changes aim to enhance the resilience of financial institutions but may also constrain lending capacities and impact profitability. Banks are expected to adjust their capital planning and risk management strategies to comply with the new standards, potentially leading to shifts in asset allocations and business models.
Source: Deloitte
04
INCREASED SCRUTINY OF NON-BANK FINANCIAL INSTITUTIONS
The growing prominence of non-bank financial entities, such as hedge funds and private equity firms, has attracted regulatory attention due to concerns over systemic risk. These institutions often operate with higher leverage and less transparency, potentially amplifying market volatility. Regulators are advocating for enhanced oversight and the implementation of measures to mitigate risks associated with the interconnectedness of non-bank and traditional banking sectors.
Source: The Guardian
05
TECHNOLOGICAL DISRUPTIONS AND CYBERSECURITY THREATS
The rapid adoption of digital technologies in financial services has introduced new operational risks, particularly in cybersecurity. Financial institutions face increasing threats from sophisticated cyber-attacks targeting sensitive data and critical infrastructure. Additionally, the integration of artificial intelligence and automation, while offering efficiency gains, necessitates robust risk management frameworks to address potential algorithmic biases and system vulnerabilities. Ensuring technological resilience is paramount to maintaining trust and stability in the financial system.
Source: New York Times
GETTING MORE FOR YOUR MONEY
Unlock the secrets of streamlined balance risk management
David Hough, Senior Advisor, Balance Sheet Management, FIS
From accepting deposits to financing commercial trade, investment and lending for retail and corporate customers, your bank is dedicated to safeguarding and managing its customers’ and shareholders’ money with the utmost care.
Bank operations are intertwined with local, national and global economies directly and indirectly. Whether that money is at rest, in motion or at work in an organization, it’s more important than ever to steer the balance sheet through any potential risk.
The consequences of tariff turbulence is dominating the news of late. Uncertainty brings change, disruption and potential dislocation. As economies adjust
to the impacts of tariffs on the macro level, businesses must consider the impacts on segments and portfolio quality over the next few years. Within the next year, we expect to take a closer look at how global changes could impact business’ appetite for risk.
Now is the time to begin assessing the impact of these global changes through scenario analysis. Boardroom conversations also need to take place, as companies begin annual planning rounds for 2026 onwards.
Wherever there is risk for some, there is always opportunity for others. As balance sheet planning commences for 2026-2030, will it involve growth or retrenchment in some market segments?
Considering both the direct and indirect impacts on tariffs on your commercial business is a good starting point. Whether that translates into a wider change in risk appetite over the plan horizon has yet to be seen.
As tariffs come, history shows they can just as easily go. A prudent starting point is assessing how tariffs might translate into a potential impairment charge, especially with risks already on the books. It’s also crucial to evaluate your cross-border exposures. To stay proactive, consider implementing subtle impairment provisioning now, as the impacts are only beginning to emerge gradually.
Given the potentially wider seismic changes within the global economy, it’s crucial to develop response strategies that protect future earnings, liquidity and efficiency in capital, while being agile in your planning and stress testing.
Although business’ executive committees and boards are having conversations about the future, translating these
discussions into actionable numbers remains a challenge. Many banks still rely on a fragmented patchwork of antiquated legacy systems. These outdated systems make it difficult to respond quickly to the fastmoving, complex and big-picture questions we now face.
To be informed is to be prepared. This calls for a more holistic and integrated, efficient and performance-focused approach to total balance sheet management and decision making.
Using an integrated platform approach with FIS® enables financial institutions to manage all aspects of the balance sheet more effectively. This approach supports an enterprise transformation pathway for finance, treasury and risk, allowing better balance sheet optimization. It helps you understand and evaluate business demand alongside your risk appetite across earnings, credit, capital and liquidity. Additionally, it ensures your teams can be more productive and responsive in navigating ongoing uncertainty.
Contact us > https://www.fisglobal.com/engagement/risk-and-compliance
The next disruption isn’t a question of if - but when.
If you had to predict the next shock to your balance sheet… could you?
Is your Risk Appetite Statement a living strategy - or a static document?
Are you still relying on the same risk models from three years ago?
Join our LinkedIn group > www.linkedin.com/company/fis-balance-sheet-management/?viewAsMember=true
Join CeFPro in a new global study uncovering how financial institutions are redefining systemic risk management and capital planning.
Take the survey. Shape the insights. Influence the future.
As told to Chandrakant is Maheshwari, First Vice President, Lead Model
Validator at Flagstaff Bank, New York, and a regular monthly contributor to Connect Magazine
FROM UNCERTAINTY TO IMPACT: A STORY OF COMPLEXITY, COMMUNICATION, AND CAREER RESILIENCE
Carl Densem’s professional story doesn’t begin with a finance internship or an Ivy League degree. It starts on a golf course.
Not every impressive career starts with clarity. Some begin in ambiguity – and flourish through detours. And it is this that makes Carl’s journey so compelling.
With more than a decade of global experience across market risk, counterparty credit, AML, and enterprise risk, in roles spanning North America and Europe, he currently finds himself him shaping group-wide risk policies and reporting practices as Risk Manager for Financial Markets at Rabobank in the Netherlands.
Beyond his corporate roles, Carl is deeply embedded in the global risk community through PRMIA, the Professional Risk Managers International Association. He currently serves as co-Editor of Intelligent Risk and is a Global Council Member, having previously led PRMIA’s Vancouver chapter.
A Golf Scholarship, and an Open Mind
“I came to the U.S. on a golf scholarship,” he recalls. “At the time, I had no idea what I wanted to study.”
What followed was a period of broad exploration: math, history, literature, philosophy. “I was searching,” he says – and that search turned out to be foundational.
Rather than a weakness, his early uncertainty gave him a wide lens through which he shaped his instinct to approach risk not just as a modeler, but as a translator – someone who could connect dots across disciplines and speak to different audiences.
He advocates for exploratory learning and following interest over image. “I never had a rigid plan,” he says. “And I’m better for it.”
Communication: A Career Differentiator
One turning point came when Carl moved from the U.S. to Canada. He transitioned from asset management to the credit union sector, where enterprise risk was still emerging. There, communication wasn’t optional – it was central.
“They didn’t need someone to just calculate VaR. They needed someone who could explain risk – to regulators, senior executives, and front-line staff.”
Carl’s background in literature and philosophy came to life. “Reading fiction trains you to see from another person’s perspective. And that’s what makes a good risk communicator.”
Complicated vs. Complex: A Hidden Lesson Clarity in Cooperative Structures
Many risk professionals are drawn to problems that look hard – Monte Carlo simulations, regression models, and statistical coding. “These are complicated problems,” Carl explains. “They require skill and precision – but they are linear and solvable.”
“But communication? That’s complex. It’s unpredictable. Human. And far more difficult to master.”
This distinction – between complicated and complex –has shaped Carl’s entire career philosophy. It’s why he finds communication deeply satisfying, and why he believes technical professionals should learn to value it as much as modeling.
During his time in Canada, Carl worked extensively in the credit union system. The collaborative nature of these institutions posed a new challenge: democratic ownership often led to decision paralysis.
“Everyone wanted to contribute, but no one wanted to lead. People assume inclusion equals satisfaction – but what people really crave is clarity.”
His takeaway? Strong leadership isn’t about control — it’s about direction. Teams, whether in enterprise risk or volunteer chapters, perform best when roles are defined, expectations are clear, and communication is structured.
A
Global
Perspective and Adaptable Toolkit
Carl’s professional footprint spans the U.S., Canada, and the Netherlands. Each move has added to what he calls his ‘global toolbox’.
“I’ve worked with teams from Singapore to Brazil. Over time, you start to recognize the communication and management styles that work – and which tools to apply in which context.”
In the Netherlands, he found a culture of directness and structural clarity that aligned with his communication values. “It’s not always transferable, but it sharpens your ability to adapt.”
PRMIA and the Parallel Path
of Impact
Carl’s involvement with PRMIA has run parallel to his corporate career –and shaped it in powerful ways. From leading the Vancouver chapter to now co-editing Intelligent Risk, he sees volunteer work not as an obligation, but a source of creative energy.
His advice to young professionals?
“Don’t just collect certifications. Get involved. Say yes to leadership roles. Offer structure. Ask better questions. And stay genuinely curious about others.”
Carl’s story is a reminder that some of the most meaningful careers are not designed in spreadsheets. They are discovered through curiosity, conversation, and the courage to communicate.
The Truth Behind Financial Reporting in Banking
As financial reporting grows more complex, banks face mounting challenges with inefficiencies, regulatory pressure, and data accuracy.
CeFPro’s 2025 global report, The State of Financial Reporting in Banking, commissioned by Workiva, reveals a persistent reliance on manual processes, widespread concerns over compliance, and a disconnect between internal confidence and regulatory expectations.
The findings highlight a critical need for automation, integrated systems, and stronger governance to ensure transparency, agility, and resilience in today’s volatile banking environment.
Download the full report >
Only 18% of banking professionals rated their financial reporting processes as “very efficient,” while 52% said they were only “somewhat efficient”.
66% of respondents identified manual tasks as the most significant cost burden in financial reporting.
47% of banks said manual data collection is their biggest challenge in meeting reporting deadlines.
49% of banking professionals identified inconsistent data across documentation as a top reporting error.
43% reported struggling with inefficient workflows or disconnected systems.
23% of financial teams spend between 41–60% of their time on financial reporting tasks.
34% cited errors in data entry, calculations, or formulas as common financial reporting issues.
54% of institutions believe regulators would find areas for improvement in their record-to-report processes.
87% of respondents expressed confidence in their data accuracy, yet only 31% were “very confident”.
58% of institutions are concerned or extremely concerned about the impact of regulatory changes on financial reporting
