About one week after FEBIS informative session on the topic – the Council adopts Digital Operational Resilience Act (DORA), which will make sure the financial sector in Europe is able to stay resilient through a severe operational disruption.
DORA sets uniform requirements for the security of network and information systems of companies and organisations operating in the financial sector as well as critical third parties which provide ICT (Information Communication Technologies)-related services to them, such as cloud platforms or data analytics services.
DORA creates a regulatory framework on digital operational resilience whereby all firms need to make sure they can withstand, respond to and recover from all types of ICT-related disruptions and threats. These requirements are homogenous across all EU member states. The core aim is to prevent and mitigate cyber threats.
Now that the DORA proposal is formally adopted, aspects that require national transposition will be passed into law by each EU member state.
At the same time, the relevant European Supervisory Authorities (ESAs), such as the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA), will develop technical standards for all financial services institutions to abide by, from banking to insurance to asset management.
The respective national competent authorities will take the role of compliance oversight and enforce the regulation as necessary.
More information on the Council adoption can be found here: Council adopts Digital Operational Resilience Act
Source: Press Release