ORX News Q2 2025 Information Session

The ORX News Quarterly Information Sessions help keep our subscribers up to date with the latest insights and developments. These 30-minute webinars provide an overview of top trends, notable operational risk loss events and other content, all focused on operational and non-financial risk in the financial sector. 

Read on for some of the top takeaways from the Q2 2025 Information Session. If your firm subscribes to ORX News, you can follow the links to read about the operational risks events covered in more detail. Not a subscriber? Find out more about ORX News.

Highlights from the session

Overview of loss events

In Q2 2025, ORX News reported on 118 events amounting to losses of $2.69bn. Both total frequency and severity in Q2 decreased compared to Q1, and the median loss was around $4m lower than in Q1 (read this blog for highlights of the Q1 session).

Q2 2025 saw more frequent loss events than Q2 2024, but severity dropped to less than half that of Q1. This was partially due to the absence of the outlier events seen in 2024, such as TD Bank's $3bn money laundering scandal and the $900m provision by UBS to repay fund investors linked to Greensill Capital.

The insurance industry experienced an increase in both loss frequency and severity compared to Q1, with around $100m more losses in Q2 compared to Q1.

Conduct continued to be the risk type with the highest frequency and severity, while Information Security (including cyber) was the second most significant risk in terms of severity. In terms of frequency, Information Security (including cyber) saw nearly double the number of events compared to Q1.

Regional breakdown

North America was the most impacted region in Q2, followed by Asia/Pacific and then Western Europe.

Top 5 losses

The session also dived into the top losses from the quarter in more detail:

• Read April's top 5 operational risk losses
• Read May's top 5 operational risk losses
• Read June's top 5 operational risk losses

Spotlight topics

April: Operational resilience

First, the team dug into the theme of operational resilience, exploring two stories in more detail:

• Spain and Portugal suffer nationwide blackouts affecting ATMs and card transactions

• M&S customer data stolen in ransomware attack disrupting contactless payments and ordering

May: Service disruption

In the service disruption section, they looked at a service disruption experienced by Bloomberg that caused a global outage of its terminals. This stopped traders from accessing live pricing information for about 90 minutes, and as a result several European governments, and the EU, chose to delay debt sales:

• Bloomberg Terminal outage impacts trading and delays bond auctions

June: Ransomware attack

In the final spotlight, the team examined an event where the data of 130,000 employees of Swiss bank UBS was leaked following a cyberattack on its third-party business services provider, Chain IQ. According to Chain IQ, the stolen data was published on the darknet, and included contact details of UBS employees, including the number of an internal line to the CEO:

• UBS suffers cyberattack on third party leaking employee data including direct line to CEO

Editorial reports and Deep Dives

In the next part of the session, the team highlights some of the key reports they've published over the quarter.

Editorial reports

Regulatory actions: 2023-2024

This report takes a detailed look at all regulatory fines in the ORX News database from 2023 to 2024. In particular, 2024 was marked by the most severe and frequent regulatory actions since 2021, with 281 actions costing institutions a total of $20.61bn. While 2023 saw more fines, its total severity was lower.

Data Deep Dive - Geopolitics

This report is an overview of publicly reported operational risk loss events from the last seven years driven and/or significantly impacted by geopolitical factors. It contains information from loss events published by ORX News between 1 January 2019 and 15 April 2025 and examines trends in loss severity (including the top five losses), event categorisation, and geographical spread. This report also explores the common causes, impacts, and remedial measures for 11 key topics under the theme of geopolitics.

Deep Dives

• Fidelis pays USD 7.7 million for using excluded Medicaid provider
• Discover provisions USD 1.51 billion for card product misclassification refunds and fines
• Citi suffers near miss as fat finger error credits USD 81 trillion to client account

Service update

New look to News stories – new digest structure

To wrap up the session, the team shared some exciting service updates. Since June, the ORX News team has been writing current stories according to the bow tie model. We have added a new impact taxonomy and a more granular cause taxonomy, and these will help with future searching and data analysis.

The new structure has a clear layout with four key headings: Risk Event, Potential Causes, Impacts, and Remedial Measures. It also includes a four-line summary section at the top so you can grasp the key points of the event quickly.

If you're not an ORX News subscriber and would like to know more, get in touch with us or find out more about the service.