
Business Risk Management
Published on 01.07.2026 CEST
Of course, we cannot predict the future. However, we are aware of the importance of proactive decision-making and risk management in order to achieve the desired results. With this mindset, we shape the guiding principles in the Transaction Banking unit.
A good risk framework provides the necessary conditions for making conscious decisions and simultaneously supports the Transaction Banking unit in dealing with opportunities and risks. The highest quality for the benefit of our clients is always at the forefront. In the dynamic environment of Transaction Banking, risk management is of essential importance. It has always been crucial to view risks with a degree of common sense. However, the more extensive the requirements become, the more important a solid framework and a uniformly high standard in risk consideration are. Risk management strategies are not dogmas carved in stone once and for all. Rather, they evolve along with the business. They support successful business development in line with regulatory requirements, and they take into account technical and business developments with the aim of enabling successful service delivery.
The increasing complexity of financial markets, cyber threats, regulatory requirements, and the associated risks require constant adaptation and further development of risk management strategies. Need an example? In the past few years, the main focus was on the failure of a building due to flooding or fire. Over the years, however, system security and stability, emergency workplaces, personnel, power shortages, geopolitical uncertainties, third-party suppliers, and cyberattacks have come more into focus. All these aspects are now considered part of Business Continuity Management (BCM), which is required by FINMA.
At Vontobel, the guidelines are formulated centrally and then implemented in the individual areas. This is also the case in the Transaction Banking unit. This requires stable pillars to ensure all areas of responsibility are covered. All the above-mentioned topics flow into a comprehensive BCM system, with the aim of maintaining the availability of the Transaction Banking unit’s services and its operational resilience. We ensure these and many other requirements are met in the Transaction Banking unit with effective Business Risk Management (BRM).
In today’s digital era, banks face a multitude of challenges, particularly in the field of Transaction Banking. It is necessary to take into account the previously mentioned complexities and increasing dependencies on suppliers and technical providers. Two of the most significant developments in this context are the Digital Operational Resilience Act (DORA) and FINMA Circular 2023/1, both of which aim to strengthen the operational resilience of financial institutions.
This includes not only the existence of a robust framework, including policies that describe the testing of ICT systems, processes, risks, and controls, but also how third-party risks are managed. A central element of DORA is the obligation to carry out regular risk assessments and tests on digital systems. Banks must not only analyze the impacts of potential cyberattacks, for example, but also develop strategies to protect themselves against such threats. This includes the need to implement an effective incident management system to be able to respond quickly to security incidents and to report them appropriately to the relevant regulators. In addition, banks must ensure that their suppliers and service providers also have adequate security measures.
At Vontobel, we build on our already well-established methods and logics to further improve and continuously expand digital operational resilience. This includes a comprehensive ICS, which is thoroughly tested every year. In addition, centrally initiated control activities are carried out by our specialists and confirmed by our internal experts as well as by independent external auditors. A new aspect is the definition of critical/important functions. At Vontobel, a large number of these are located in our Transaction Banking unit, such as execution, custody, asset servicing, cash management, and reconciliation. Here, we are expanding our existing setup and implementing resilience scenario tests. What happens in the event of a cyberattack, a power outage, or prolonged restricted access to our buildings and workplaces?
The implementation of DORA will enable banks to gain a more comprehensive understanding of their operational risks and take proactive measures to mitigate risks. This will help to strengthen client trust, as well as meet regulatory requirements and minimize potential financial losses.
One of the central requirements of the circular is the need to establish a clear governance structure that defines responsibilities within an organization. This is particularly important as the complexity of Transaction Banking often leads to risks not being adequately captured. The circular also calls for regular reviews of risk management processes to ensure they are effective and up-to-date. In addition, banks are encouraged to promote a culture of risk awareness in which all employees, regardless of their position, take responsibility for risk management. We achieve this through training programs and regular communication about risks and their impact on business operations. In the Transaction Banking unit, our employees are sensitized and responsible - everyone, regardless of their task and position, is a risk manager.
Conclusion
The challenges in the area of BRM in Transaction Banking are diverse and require a proactive approach. DORA and FINMA Circular 2023/1 represent two important steps forward in strengthening the operational resilience of banks and ensuring that they are able to adapt to constantly changing risks. By implementing robust risk management practices - and strengthening those that are already in place - banks can not only increase their operational stability but also further enhance the trust of their clients and stakeholders. In a world where digital innovations and cyber threats go hand in hand, it is essential that banks take the right measures to future-proof their business.
Contact us
Published on 01.07.2026 CEST
ABOUT THE AUTHORS
Show more articlesTino Hellmund
Business Risk Manager, Transaction Banking
Tino Hellmund is responsible for Business Risk Management (BRM) in the Transaction Banking unit at Vontobel. This includes, among other things, process and risk documentation as well as their controls, the resilience of the settlement processes, and the implementation of regulatory requirements. In addition, BRM forms the interface with internal departments, such as Operational Risk and IT Compliance.


