Digital Policy Alert logo

European Union: Implemented Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

Policy overview

Description

Implemented Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

On 17 January 2025, the Regulation on digital operational resilience for the financial sector (DORA), including cybersecurity measures is implemented. The Regulation lays down uniform obligations regarding security, risk management, monitoring and i…

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), DLT development, infrastructure provider: cloud computing, storage and databases
Implementation Level
supranational
Government Branch
legislature
Government Body
parliament

Complete timeline of this policy change

Hide details
2020-09-24
under deliberation

On 24 September 2020, the European Commission submitted the Proposal for a Regulation on digital op…

2021-11-24
under deliberation

On 24 November 2021, the Council of the European Union adopted its general approach on the Proposal…

2021-12-07
under deliberation

On 7 December 2021, the European Parliament adopted its general approach on the Regulation on digit…

2022-05-10
under deliberation

On 10 May 2022, the European Parliament and the Council of the European Union announced that a prov…

2022-11-10
under deliberation

On 10 November 2022, the European Parliament passed the Digital Operational Resilience Act (DORA Re…

2022-11-28
adopted

On 28 November 2022, the Council of the European Union adopted the Digital Operational Resilience A…

2023-01-16
in grace period

On 16 January 2023, the Regulation on digital operational resilience for the financial sector (DORA…

2025-01-17
in force

On 17 January 2025, the Regulation on digital operational resilience for the financial sector (DORA…