Analytics·Themes
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Themes

Thematic risk clusters tracked across the regulatory horizon

1

emerging

2

crystallising

2

established

Theme Status

Emerging
First observed in regulatory discourse — not yet in enforcement actions or formal guidance.
Crystallising
Appearing in consultations, speeches, or supervisory focus areas with increasing frequency.
Established
Embedded in regulation or supervisory expectation — firms are expected to have controls in place.
Declining
Regulatory focus is fading — often superseded by a successor theme or enforcement cycle closure.

Trend Direction

Increasing
Regulatory intensity around this theme is growing — more publications, speeches, or enforcement actions observed.
Stable
Regulatory attention is consistent — no significant acceleration or deceleration detected in the scan window.
Decreasing
Regulatory focus is subsiding — publication frequency or supervisory emphasis has declined.
Jurisdictions

5 themes

crystallisingemerging?·Technology & Digital
increasing

AI Model Risk & Explainability

Growing regulatory scrutiny of algorithmic decision-making in credit, pricing, and AML screening. Supervisors are demanding explainability, fairness testing, and model governance frameworks that address AI-specific risks including data drift, adversarial inputs, and shadow model proliferation.

model riskartificial intelligenceexplainabilityalgorithmic biasmachine learning
ECBPRAFCAEBA
establisheddeclining?·ESG & Climate
stable

Climate-Related Financial Risk

Physical and transition climate risks are now embedded in supervisory stress-testing frameworks globally. TCFD disclosure mandates are expanding; the Basel Committee's climate risk principles are driving Pillar 2 capital discussions for institutions with material climate exposures.

climate riskESGTCFDphysical risktransition risk
PRAECBAPRABCBS
crystallising·Cyber Risk
increasing

Cyber Threat Intelligence & Incident Reporting

Regulatory mandates for standardised cyber incident classification and reporting timelines are converging across jurisdictions. DORA ICT incident classification RTS and FCA/PRA incident reporting expectations are tightening the supervisory notification window to 4 hours for major incidents.

cybersecurityincident reportingDORAICT riskthreat intelligence
FCAPRAEBABCBS
emerging·Regulatory Risk
increasing

Digital Asset Regulatory Convergence

Global regulatory frameworks for crypto-asset issuance, custody, and market infrastructure are crystallising. MiCA entered full application December 2024; FSB and IOSCO frameworks are influencing non-EU implementation. Stablecoin reserve requirements and DeFi oversight remain contested.

crypto assetsdigital assetsMiCAstablecoinsDeFi
ECBFCAMASFSB
establisheddeclining?·Operational Risk
stable

Operational Resilience & Critical Third Parties

Post-pandemic regulatory convergence on impact tolerance, critical business service mapping, and third-party dependency risk. DORA (EU) and PRA/FCA Operational Resilience Policy established binding frameworks; supervisors are now in an active supervisory review phase with self-assessment deadlines passed.

operational resilienceDORAthird-party riskbusiness continuityICT risk
PRAFCAEBABCBS