Commentary
Majority of CBDCs designed to be domestic only
But a fifth of central banks are working on multi-currency CBDCs
Central banks keep trialling link between wCBDC and RTGS
Most respondents motivated to issue wCBDC to enable financial innovation
Majority of central banks still lack CBDC issuance powers
Legal mandates are scarce in both larger and smaller central banks
Two in five CBDCs designed to be programmable
Over half of respondents’ retail CBDC projects are at research phase
Some central banks expect CBDC to boost seigniorage
Result depends on design features of digital currency, with many central banks unsure of the outcome
Payment innovation is top fintech research priority
Recruitment and retention of talents is biggest tech challenge, but constraints vary somewhat by teams
Central banks facing fintech hiring challenges tend to have bigger teams
Private sector opportunity is most widely reported issue for fintech staffing
Vast majority of central banks taking action on climate risk
Nearly one in five banks reflect climate risk in reserves management and collateral eligibility
Risk management reviews are most common assessment method
Centralised teams are less likely to conduct external or management evaluations
Risk managers report increase in geopolitical and AI risks
But cyber incidents and security remain greatest risks for many central banks
UK’s Orange Book risk approach rarely used by central banks
Only three centralised risk management departments utilise principle
Privacy and security seen as top AI risk
Most risk managers more relaxed about potential financial losses caused by AI
Benchmarks data reveals AI use gap in risk management
Central banks from the Americas are most concerned about deepfakes, data shows
Staff error is largest cause of op risk at central banks
Legacy systems tend to trigger most threats in jurisdictions with greater than average number of incidents
Op risk incidents average over 100 a year among central banks
Financial impact is risk managers’ strongest metric for gauging incidents’ severity
Phishing and ransomware are central banks’ main cyber threats
Teams widely use training, monitoring and privilege management to mitigate cyber threats
Just under half of risk departments are sufficiently staffed
Units with satisfied staffing levels earn below global average annual salary
Mitigation and reporting are leading components of risk strategy
Decentralised teams more likely to embed philosophy in divisional decision-making
Most centralised risk teams prioritise cyber security
Decentralised teams primarily cover credit and counterparty, op and market risks
Risk policies widely reviewed by committee in larger teams
Central banks with larger teams favour risk committees over CROs
Middle income central banks have highest number of risk staff
But ratios of risk management employees to total headcount vary widely