News

ESA release new batch of policy products under DORA

Thursday 18 July 2024 15:02 CET | News

The three European Supervisory Authorities (RBA, EIOPA, and ESMA – the ESA) have published a new batch of policy products under the Digital Operational Resilience Act (DORA).

The second batch consists of four final draft regulatory technical standards (RTS), a set of Implementing Technical Standards (ITS), as well as two guidelines. Together, the new batch of policy products aims to boost the digital operational resilience of the EU’s financial sector. 

The ESAs published the following final draft technical standards:

  • RTS and ITS on the content, format, templates, and timelines for reporting big ICT-related incidents and significant cyber threats; 

  • RTS on the harmonisation of conditions enabling the conduct of the oversight activities;

  • RTS specifying the criteria for determining the composition of the joint examination team; 

  • RTS on threat-led penetration testing (TLPT).

At the same time, the guidelines included discuss the estimation of aggregated costs/losses cause by big ICT-related incidents, and oversight cooperation. 

What are the next steps for the ESAs?

The final draft of the new technical standards and guidelines have been already adopted and submitted to the European Commission. Following this, the EC will start working on the review, and is expected to adopt the new policy products in the upcoming months of 2024.

The three European Supervisory Authorities (RBA, EIOPA, and ESMA – the ESA) have published a new batch of policy products under the Digital Operational Resilience Act (DORA)

 

More about DORA

The Digital Operational Resilience Act represents a EU regulation originally entered into force in mid-January 2023 and will apply as of mid-January 2025. It aims to strengthen the IT security of financial entities, including banks, investment companies, and insurances, allowing Europe’s financial sector to remain stable, resilient, and safe in case of severe operational disruption. 

DORA is needed especially to provide the legal ground for companies to continue delivering financial services, even in the case of cyber attacks and other incidents. 

Source: Link


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: regulation, regulatory sandbox, banks, online security, cybercrime, cybersecurity, European Commission, RTS
Categories: Banking & Fintech
Companies: EIOPA, ESMA, EU
Countries: Europe
This article is part of category

Banking & Fintech

EIOPA

|

ESMA

|

EU

|
Discover all the Company news on EIOPA and other articles related to EIOPA in The Paypers News, Reports, and insights on the payments and fintech industry: