Most centralised risk teams prioritise cyber security
Decentralised teams primarily cover credit and counterparty, op and market risks
Risk management departments with a centralised team structure tend to prioritise cyber security over other threats, the Risk Management Benchmarks 2026 find.
Forty-eight risk teams provided data on the risk types they cover. Twenty-six of these operate a centralised team structure. The remainder run a decentralised arrangement.
All but one of the 26 centralised risk teams indicated coverage of cyber security (96.2%). The risk comes ahead of other prominent threats – “cyber incidents not involving
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@centralbanking.com or view our subscription options here: subscriptions.centralbanking.com/subscribe
You are currently unable to print this content. Please contact info@centralbanking.com to find out more.
You are currently unable to copy this content. Please contact info@centralbanking.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@centralbanking.com test test test
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@centralbanking.com test test test
More on Risk Management
Just under than half of risk departments are sufficiently staffed
Units with satisfied staffing levels earn below global average annual salary
Mitigation and reporting are leading components of risk strategy
Decentralised teams more likely to embed philosophy in divisional decision-making
Risk policies widely reviewed by committee in larger teams
Central banks with larger teams favour risk committees over CROs
Middle income central banks have highest number of risk staff
But ratios of risk management employees to total headcount vary widely
How central banks manage their own cyber defences
Resilience against system breaches, ransomware and phishing attacks is in focus, alongside managing third-party risks and the threat of state actors to payment systems
Risk Management Benchmarks 2025 – model banks analysis
Drilling into the data reveals patterns in risk prioritisation and department structure
Risk Management Benchmarks 2025 – executive summary
The benchmarks reveal an ongoing focus on cyber risk, but climate and AI risks are rising fast
Risk Management Benchmarks 2025 report – mind the techno-political gap
Responses show central banks’ shifting priorities as volatility increases