European Union: Issued European Parliament approach on Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digital operational resilience for the financial sector (DORA). The Proposal outlines cybersecurity requirements to ensure the financial sector's digital operational resilience. In particular, the Proposal would require providers of digital financial services to conduct an impact assessment and develop a digital resilience framework. The Proposal was amended to require providers of financial services, such as credit institutions, e-money institutions and payment institutions, to report all security incidents, including the ones that are not related to the payment services they provide. Finally, the Proposal would require digital financial services providers to test their digital operational resilience and conduct third-party risks assessment.