Yahya Mohamed Mao | Swiss GRC

The NIS2 Directive (Directive (EU) 2022/2555) represents the EU’s primary legal instrument to enhance cybersecurity and cyber resilience.

NIS2 decision in the Bundestag: Pressure on companies to act

17 November 2025

The NIS2 Directive (Directive (EU) 2022/2555) represents the EU’s primary legal instrument to enhance cybersecurity and cyber resilience. The implementation of the EU NIS2 Directive into German law fundamentally reshapes the cybersecurity requirements for thousands of organizations across the country. Those who act now will not only secure compliance, but also significantly strengthen their overall cyber resilience.

Rethinking cyber resilience through the lens of NIS2

6 November 2025

As the NIS2 Directive continues to shape Europe’s digital security landscape, the conversation around cybersecurity is shifting. What began as a regulatory framework is now driving a broader rethink of how organizations manage risk, build resilience, and maintain trust in an increasingly volatile environment.

DORA Compliance: GRC as a Competitive Advantage

22 September 2025

The digital transformation of the financial sector has accelerated innovation while simultaneously creating new operational risks and dependencies. Financial institutions now face unprecedented demands on their resilience. The increasing complexity of IT infrastructures, combined with ever more sophisticated cyber threats, requires a robust framework to ensure business continuity and security. This is precisely where the Digital Operational Resilience Act (DORA) comes in.

Europlaza building in Paris, home to the EBA

TPRM under new rules: EBA, DORA and MaRisk explained

14 July 2025

The regulatory landscape for Third-Party Risk Management (TPRM) is undergoing a fundamental transformation. With the new EBA Guideline, the DORA Regulation, and the anticipated revision of MaRisk, financial institutions are required to strategically realign their outsourcing and risk governance practices. The Deggendorf Note 2025/06 delivers a thorough analysis of this shift and leaves no doubt: Excel spreadsheets and siloed solutions are no longer sufficient.

Review of SWISS GRC DAY 2025: GRC as a strategic compass in dynamic times

19 May 2025

The SWISS GRC DAY 2025 has once again proven that Governance, risk, and compliance are key building blocks for resilience, innovative strength, and sustainable corporate management, not mere control mechanisms. In a world of constant change, we need responsible structures that create clarity, enable collaboration, and actively shape change, not just checkbox compliance.

Artificial intelligence has arrived in the financial sector - but according to FINMA, there is often a lack of clear governance.

FINMA on Artificial Intelligence: Widespread Use, Limited Governance

25 April 2025

Artificial intelligence has arrived in the financial sector – but according to FINMA, there is often a lack of clear governance. This article shows why institutions need to act now to manage risks, meet regulatory requirements, and integrate AI into their governance for the long term. Responsibility begins with a structured approach.

Global Risks Report 2025 by the World Economic Forum

Global Risks Report 2025: A GRC perspective on the World Economic Forum’s Insights

21 January 2025

The annual Global Risks Report offers a comprehensive view of the challenges shaping our future. The 2025 edition, marking two decades of global risk tracking, highlights the interconnected nature of today’s most pressing issues—from geopolitical tensions and environmental crises to technological vulnerabilities.

FINMA Risk Monitor 2024: Addressing Cyber Threats and Market Volatility

6 December 2024

Switzerland’s financial sector is under considerable pressure from an increasingly complex and interconnected risk landscape. The FINMA Risk Monitor 2024 has identified several risks facing financial institutions, from rising cyber threats and geopolitical tensions to ongoing vulnerabilities in the real estate market.

GCC GRC Day 2024: Navigating the Complexities of GRC in the Middle East

27 May 2024

The GCC GRC DAY 2024 brought together leading industry experts who engaged in rich discussions about the most pressing GRC challenges, sharing insights and strategies to effectively navigate the complex landscape of governance, risk and compliance (GRC).

The EU’s AI Dilemma: Innovation or Over-Regulation?

25 January 2024

The tension between innovation and regulation presents the EU with a difficult task. It must find a way that both exploits the enormous potential of AI and protects the safety and rights of its citizens. The future of AI in Europe depends on how well this balance is achieved.

SOLUTIONS

Governance, Risk & Compliance (GRC)

Contract Lifecycle Management (CLM)

Business Process Modelling (BPM)

Integrated GRC Solutions

Manage contracts securely and minimise risks

StorIT and Swiss GRC join forces to deliver GRC solutions across MENA

Technology Partners

Identify, model and continuously optimize processes

PLATFORM CAPABILITIES

Fundamentals

Third-Party Intelligence

Standards & Regulations

Platform Community

AI Assistant

AI Assistant

Configurability

Deployment

Security & Compliance

Partner Portal

Media Search Screening

Sanctions Screening

Media Search Screening

Speech & Voice Analytics

Risk Spillover

Dynamic Profiling

Ratings

Supported standards and regulations

ISO 31000 / COSO

DORA

ISO 27001

NIS2

NIST

GDPR

BSI IT-Grundschutz

PCI-DSS

StorIT and Swiss GRC join forces to deliver GRC solutions across MENA

Technology Partners

Cutting-edge and diverse topics on governance, risk and compliance at SWISS GRC DAY 2025. Read the review!

Author: Yahya Mohamed Mao

Standards & Regulations

Company

Standards &
Regulations