European Union: Introduced Proposal for a Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

Description

Introduced Proposal for a Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital operational resilience for the financial sector (DORA) to the European Parliament and the Council of the European Union. The Regulation outlines security requirements to mitigate the risks arising from the digital finance sector due to the emergence of decentralised finance. The Proposal would require providers to conduct an impact assessment to develop a digital resilience framework. Furthermore, the Proposal outlines requirements regarding governance and management of information and communications technology (ICT) related risks, the obligation to report ICT-related incidents to harmonise European responses, the Regulation of digital operational resilience testing, third-party risks assessment, and the sharing of information at European level to prevent cyber threats. The (DORA) Proposal now goes to the Council and European Parliament for adoption.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), DLT development, infrastructure provider: cloud computing, storage and databases
Implementation Level
supranational
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2020-09-24
under deliberation

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital op…

2021-11-24
under deliberation

On 24 November 2021, the Council of the European Union adopted its general approach on the Proposal…

2021-12-07
under deliberation

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digit…

2022-05-10
under deliberation

On 10 May 2022, the European Parliament and the Council of the European Union announced that a prov…

2022-11-10
under deliberation

On 10 November 2022, the European Parliament passed the Digital Operational Resilience Act (DORA Re…

2022-11-28
adopted

On 28 November 2022, the Council of the European Union adopted the Digital Operational Resilience A…

2023-01-16
in grace period

On 16 January 2023, the Regulation on digital operational resilience for the financial sector (DORA…

2025-01-17
in force

On 17 January 2025, the Regulation on digital operational resilience for the financial sector (DORA…