The 20th annual conference of the Frankfurt School Forum brought together influential leaders, academics, and technology experts to explore the transformation of financial services in an era of unprecedented digital, geopolitical, and regulatory challenges. Under the banner “Next-Generation Financial Services 25: Cybersecurity, Threat Intelligence, Gen AI, Resilience,” the event highlighted critical success factors for resilient, secure, and sustainable banking.
Opening the Dialogue: Resilience as a Core Strategy
Moderated by Professor Dr. Daniel Beimborn from the University of Bamberg, the conference began with a compelling keynote by Dr. Carsten Esbach, COO Germany & Austria, BNP Paribas. His presentation underscored resilience as a fundamental driver of long-term success for European financial institutions. BNP Paribas, operating in 64 countries with 175,000 employees, showcased a business model built on stability and diversification. With a CET1 ratio of 12.4%, 780 AI use cases, and a leading position in sustainable finance, the bank positions itself as a forward-thinking, secure partner. Esbach emphasized customer-centric innovation like the NiCKEL account, promoting financial inclusion through simplicity and risk control, and highlighted the strategic importance of digital work environments and IT resilience.
DORA: Catalyst for Operational Resilience?
In a joint presentation, Armin Reinhardt and Jens Bläser of Deloitte explored the Digital Operational Resilience Act (DORA) as both an opportunity and a challenge for financial institutions. They emphasized that DORA goes beyond compliance, requiring operationalization across governance, ICT risk management, third-party oversight, incident handling, business continuity, and penetration testing. Violations, such as failure to report incidents or conduct testing, could lead to fines up to €5 million. The speakers warned that true resilience demands transparency, functioning processes, and end-to-end integration—not just policy documentation.
Embedding Resilience Strategically
Tobias Ludwichowski, CISO of Signal Iduna Group, provided a pragmatic perspective on embedding resilience into organizational DNA. Stressing that cyber incidents are consistently ranked among the top ten business risks, he presented resilience not as a regulatory obligation but as a strategic necessity. His key message: resilience must permeate all levels of the digital supply chain—from servers and applications to databases and physical infrastructure. Centralized communication, transparent ticketing systems, and active involvement of line management were among the best practices for operationalizing DORA requirements sustainably.
Integrated GRC: A Holistic Response to Fragmentation
Dr. Hermann Hienz from Sopra Steria called for a shift away from siloed GRC (Governance, Risk, and Compliance) structures, which hinder effective ICT risk management. With cybersecurity threats costing German businesses nearly €180 billion annually, Hienz argued for a unified, tool-supported GRC framework. Integration, supported by strong governance and automation, can enable real-time monitoring, policy enforcement, and cross-functional collaboration. He emphasized the role of AI in handling large datasets and called for regular training to drive awareness and acceptance across the organization.
The Perfect Cyberstorm: AI, Geopolitics, and Unmanaged Risk
In a riveting keynote, Sergej Epp, Global CISO at Sysdig, painted a vivid picture of the escalating cyber threat landscape, amplified by rapid AI evolution and geopolitical tensions. He illustrated how threat actors exploit unmanaged devices, open-source vulnerabilities, and containerized environments to execute attacks within seconds. Drawing from real-world incidents like the Carbanak gang and the Scarleteel campaign, Epp explained how nation-state actors increasingly target critical infrastructure. AI-driven scamming, deepfakes, and autonomous hacking scenarios are reshaping cybersecurity. He urged organizations to embrace zero-trust principles, treat all systems and users as compromised by default, and continuously adopt cyber innovations.
NEW Banking: Resilience for Sustainable Growth
Subscribe to get access
Read more of this content when you subscribe today.
Conclusion: Building the Future of Banking on Resilience
Across all contributions, one message was clear: the future of banking hinges on resilience. Whether in the face of regulatory pressure, technological disruption, or global instability, banks must embed resilience deeply within their strategies, systems, and cultures. From integrated GRC to AI readiness, from sustainable customer solutions to organizational agility, the sector is entering a new phase—one where security, innovation, and growth are no longer competing priorities, but mutually reinforcing imperatives.
^^^ RATING EVIDENCE GmbH 
Leave a comment