Litcius/Paper detail

Cybersecurity policy, ESG and operational risk: A Virtuous relationship to improve banks’ performance

Elena Bruno, Francesco Pistolesi, Emanuele Teti

2025International Review of Economics & Finance14 citationsDOIOpen Access PDF

Abstract

This study examines the relationship between cybersecurity policies (CSP), Environmental, Social, and Governance (ESG) performance, operational risk, and bank profitability . While operational risk and ESG have been extensively studied, limited research addresses their intersection with CSP in banking. Using a dataset of 1673 bank-year observations across multiple economic regions (2009–2023), we employ an interrupted time series (ITS) regression approach to assess the impact of CSP adoption on bank performance . Our findings reveal that banks implementing CSP experience improved financial resilience, with CSP having a statistically significant positive effect on return on assets (ROA), return on equity (ROE), and return in tangible equity (ROTE). ESG scores positively correlate with bank profitability, while operational risk plays a nuanced role. This study extends institutional theory by demonstrating how CSP implementation enhances banking stability, regulatory compliance, and financial sustainability. By aligning ESG frameworks with CSP, banks can achieve a sustainable, secure, and profitable operating model that enhances financial resilience and stakeholder trust.

Topics & Concepts

Operational riskBusinessFinancial systemRisk analysis (engineering)Computer securityRisk managementFinanceComputer scienceInformation and Cyber SecurityCybercrime and Law Enforcement StudiesCrime, Illicit Activities, and Governance