Jacek Jastrzębski, Chair of Komisja Nadzoru Finansowego (KNF), spoke at the holiday meeting of the banking community organised by the Polish Bank Association (ZBP).

Jacek Jastrzębski discussed supervisory priorities regarding the banking sector for 2026. The starting point was the observation of the growing scale of non-financial risks. He has pointed out that contemporary bank governance is becoming less and less focused on the classic threats known from studies in finance, and increasingly often focused on legal, technological, and organisational risks. He has remarked that it could be worthwhile to initiate a discussion on the adequate positioning of those risks within governance structures, especially where banks spend increasingly more time on legal issues than on traditional credit risk.

Another significant context which he has outlined is the geopolitical situation and related hybrid threats. The Chair of KNF has pointed out that the supervision authority must respond to a reality in which those non-standard risks are gaining importance, and formulate its priorities for the next year in this vein.

Jacek Jastrzębski has mentioned the good condition of the banking sector in terms of profitability and cost effectiveness. He has emphasised, though, that the positive financial result should not be used as justification to reduce efforts to strengthen bank security. He has expressed concern over the structure of balance sheets, dominated by treasury bonds and instruments related to public debt financing, which – in his opinion – should encourage banks to further explore the possibilities of developing a credit portfolio and financing the real economy more.

When discussing key supervisory priorities for 2026, he has indicated that the supervision authority intends to verify to what extent banks are prepared to function in the environment of higher economic uncertainty, which will involve the assessment of credit risk management and interest rate risk management. Another priority is operational risk, including in particular resilience to incidents, data loss, and effectiveness of containment mechanisms. The third area follows the entry into force of CRR3, which will change the method of calculating capital requirements for credit risk and operational risk. The supervision authority intends to strongly cooperate with the sector in this regard. The fourth priority concerns bank product and service risk management, including product governance, the importance of which was foregrounded by experience related to the legal risk arising from foreign-currency loans.

The Chair has also announced the fifth priority, being a horizontal one, covering the entire financial market: to enhance resilience to cyber threats and hybrid threats. He has emphasised that even though banking infrastructure is relatively resilient to attacks, external vendors and a human factor can be a weak link, in particular given the growing scale of social engineering attacks. In this context, the key role is played by DORA regulations and by cooperation with multiple state institutions, including dedicated units of the Police. 

The Chair of KNF closed his speech by thanking the banking sector for the last year, constructive cooperation and open dialogue. He mentioned challenges that would underlie joint actions in the nearest future, such as disputes concerning WIBOR-based loans or issues related to free credit sanction. He expressed hope that with the current level of cooperation kept, banks would be able to continue their development in a stable environment. Finally, he wished all employees of the banking sector happy holidays.