On September 24, 2020, the European Commission published the Digital Operational Resilience Act (DORA), i.e. a draft Regulation on the operational resilience of financial sector entities to digital threats. This regulation is intended to preserve and promote robust ICT risk management standards in financial institutions in the EU, while supporting innovation. Who will the new provisions apply to, and to what extent?
As we read in the proposal, the regulation will cover:
Notably, the overriding principle is the full responsibility of the management body for the management of the financial entity’s ICT risk.
Similar to the practice already in place among the Member States, the DORA regulation also indicates the minimum requirements that ICT providers should meet in order to mitigate digital threats in the financial sector. A key proposal is the introduction of pan-European standardization for this type of provider.