European Union: Introduced Proposal for a Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital operational resilience for the financial sector (DORA) to the European Parliament and the Council of the European Union. The Regulation outlines security requirements to mitigate the risks arising from the digital finance sector due to the emergence of decentralised finance. The Proposal would require providers to conduct an impact assessment to develop a digital resilience framework. Furthermore, the Proposal outlines requirements regarding governance and management of information and communications technology (ICT) related risks, the obligation to report ICT-related incidents to harmonise European responses, the Regulation of digital operational resilience testing, third-party risks assessment, and the sharing of information at European level to prevent cyber threats. The (DORA) Proposal now goes to the Council and European Parliament for adoption.