The Basel Committee on Banking Supervision used its May 19-20 meeting in Basel to tee up three specific supervisory workstreams: publication of a report on ICT risk management, further progress on a targeted review of prudential standards for banks’ crypto-asset exposures, and consideration of targeted revisions to liquidity-risk principles.
For bank risk and compliance teams, that matters less as an instant rule change than as a map of where the committee is still spending attention. The digital-resilience file looks the most concrete. The committee approved a report that consolidates ICT risk-management practices across jurisdictions, and the source says ICT is a key part of operational risk management and of the wider goal of operational resilience as banking becomes more digital. In practical terms, supervisors are not only worried about dramatic cyberattacks. They are also looking at how banks handle ordinary, non-malicious technology incidents.
The crypto and liquidity items look narrower, but not trivial. The minutes describe both as targeted exercises, a review of prudential standards for crypto-asset exposures and possible revisions to liquidity-risk principles, rather than a wholesale rewrite of bank rules. The published summary does not include draft text, numerical changes or a timetable, so the signal for now is continuing scrutiny rather than immediate implementation.
The broader backdrop was hardly relaxed. Committee members said the global banking system remains resilient, supported by strong capital and liquidity, even as rising tensions, including conflict in the Middle East, have increased economic uncertainty. They warned that inflation pressure, supply-chain disruption and spillovers into sectors such as energy and agriculture could still test that resilience. Members also discussed non-bank financial intermediation, including private credit, saying banks’ direct exposure appears limited overall but that indirect exposures and interconnections deserve close attention. AI landed in the cyber file too: frontier models could help identify vulnerabilities and strengthen defenses, but if misused could change the speed and scale of cyber incidents.
One caveat, because supervisors rarely rush from meeting note to rulebook: this is a committee summary, not a binding rule package, and the FSA page says its English page is machine translated. Still, the direction is fairly plain. Global supervisors want banks to harden operational resilience, keep a closer watch on crypto exposures, revisit parts of the liquidity framework and pay more attention to links with the fast-growing non-bank world.