European Union: Reached provisional agreement between European Parliament and Council on Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

Description

Reached provisional agreement between European Parliament and Council on Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 10 May 2022, the European Parliament and the Council of the European Union announced that a provisional agreement on the Regulation on digital operational resilience for the financial sector (DORA) Proposal was reached. The Proposal outlines cybersecurity requirements to ensure the financial sector's digital operational resilience. In particular, the Proposal outlines requirements regarding governance and management of information and communications technology (ICT) related risks and the obligation to report ICT-related incidents to harmonise European responses to cyber threats. Furthermore, the Proposal would require digital financial services providers to test their digital operational resilience, conduct third-party risks assessment and share the information with the authorities to prevent cyber threats. The text of the provisional agreement on (DORA) Proposal now goes to the Council and European Parliament for adoption.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), DLT development, infrastructure provider: cloud computing, storage and databases
Implementation Level
supranational
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2020-09-24
under deliberation

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital op…

2021-11-24
under deliberation

On 24 November 2021, the Council of the European Union adopted its general approach on the Proposal…

2021-12-07
under deliberation

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digit…

2022-05-10
under deliberation

On 10 May 2022, the European Parliament and the Council of the European Union announced that a prov…

2022-11-10
under deliberation

On 10 November 2022, the European Parliament passed the Digital Operational Resilience Act (DORA Re…

2022-11-28
adopted

On 28 November 2022, the Council of the European Union adopted the Digital Operational Resilience A…

2023-01-16
in grace period

On 16 January 2023, the Regulation on digital operational resilience for the financial sector (DORA…

2025-01-17
in force

On 17 January 2025, the Regulation on digital operational resilience for the financial sector (DORA…