European Union: Issued European Parliament approach on Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

Description

Issued European Parliament approach on Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digital operational resilience for the financial sector (DORA). The Proposal outlines cybersecurity requirements to ensure the financial sector's digital operational resilience. In particular, the Proposal would require providers of digital financial services to conduct an impact assessment and develop a digital resilience framework. The Proposal was amended to require providers of financial services, such as credit institutions, e-money institutions and payment institutions, to report all security incidents, including the ones that are not related to the payment services they provide. Finally, the Proposal would require digital financial services providers to test their digital operational resilience and conduct third-party risks assessment.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), DLT development, infrastructure provider: cloud computing, storage and databases
Implementation Level
supranational
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2020-09-24
under deliberation

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital op…

2021-11-24
under deliberation

On 24 November 2021, the Council of the European Union adopted its general approach on the Proposal…

2021-12-07
under deliberation

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digit…

2022-05-10
under deliberation

On 10 May 2022, the European Parliament and the Council of the European Union announced that a prov…

2022-11-10
under deliberation

On 10 November 2022, the European Parliament passed the Digital Operational Resilience Act (DORA Re…

2022-11-28
adopted

On 28 November 2022, the Council of the European Union adopted the Digital Operational Resilience A…

2023-01-16
in grace period

On 16 January 2023, the Regulation on digital operational resilience for the financial sector (DORA…

2025-01-17
in force

On 17 January 2025, the Regulation on digital operational resilience for the financial sector (DORA…