Swiss GRC Day 2025: Governance, Risk and Compliance as a Strategic Imperative

LUCERNE, Switzerland--(BUSINESS WIRE)--Swiss GRC Day 2025 brought together specialists and managers from the DACH region at Zurich Airport. The conference offered insights into current developments in governance, risk and compliance (GRC) – from cyber risks and regulatory requirements to artificial intelligence and leadership culture.

Swiss GRC Day 2025 brought together leading minds in governance, risk, and compliance from across the DACH region. The conference highlighted how GRC is evolving from a control function into a strategic driver.

Share

“GRC is not a control instrument, but a strategic management system,” emphasized Besfort Kuqi, co-founder and CEO of Swiss GRC, at the opening of the Swiss GRC Day 2025. Companies must actively prepare for uncertainties, use technological innovations responsibly and strengthen their cultural resilience.

The opening keynote speech by Nikolai Tsenov, Head Strategy & Business Development at Swiss GRC, provided a historical look back at the Lisbon earthquake of 1755. He illustrated how decisive action, strategic leadership and courageous reforms formed the basis for resilience and governance centuries ago - principles that are more relevant today than ever.

The program offered a strong combination of theory, strategy and practice. Christian Weiss, Head of Enterprise Risk at Skyguide, described how a temporary airspace shutdown over Switzerland could be managed with clear decision-making processes and practiced crisis structures.

Marc Etienne Cortesi, Group CISO of the Baloise Group, demonstrated the extent to which digital dependencies have increased. Using a cyberattack as an example, he explained how vulnerable supply chains are - and how the NIST C-SCRM Framework can help to prioritize risks and build resilience.

Technological change and its ethical and regulatory impact were also in focus. Marinela Bilic-Nosic, Partner at EY Germany, advocated for company-wide AI governance, especially for autonomous systems. David Rosenthal, Partner at VISCHER AG, showed how the EU AI Act can be applied in an innovation-friendly way through clear responsibilities, staged approvals, and trained decision-makers.

Marc Gröflin, Head of Internal Audit at the Swiss National Bank, presented a combined assurance model that creates more transparency and real added value by closely coordinating audit, risk, ICS and compliance.

Sandra Middel, Chief Ethics and Compliance Officer of the Axpo Group, provided the final impulse. She focused on the role of corporate culture and emphasized the importance of lived values, responsibility in everyday life and leadership by example.

The contributions made one thing clear: GRC is a networked, strategic management approach – and a key success factor for organizations in a complex, dynamic world.