The growing digitisation of financial markets forces the EU to define a uniform regulation for network security and digital resilience. Presented by the European Commission for the first time in September 2020, the Digital Operational Resilience Act (DORA) aims to introduce a comprehensive regulatory framework at the EU level that includes regulations on digital operational resilience for all supervised financial institutions. Based on existing information and communications technology (ICT) risk management requirements already developed by other EU institutions, the proposal ties together several recent EU initiatives into one regulation. Indeed, DORA is part of the larger digital finance package, which aims to develop a European approach that fosters technological development and ensures financial stability and consumer protection.
The measures taken after the 2008 financial crisis did not consider the risks related to ICT. Therefore, the Digital Operational Resilience Act is necessary to protect and support digital finance, strengthening supervisory effectiveness. The goal is to promote a more careful and secure technological development of digital finance. In addition to reducing cyber risks and ICT-related incidents faced by financial entities, the cornerstones of DORA include the testing activities on ICT system and some measures to unify the mechanisms for reporting incidents.
The Act seeks to standardise, in favour of a European approach, the requirements and management of network security to ensure digital finance capable of protecting consumers and investors at the same time.
The Digital Operational Resilience Act is based on the 2016 NIS (Network and Information Security) directive, which protects infrastructures from cyber-attacks and offers to become the new paradigm for managing cybersecurity and ICT within Financial Services. The measure will involve the traditional financial sector, cryptocurrency providers and issuers of crypto-assets and tokens.
On 11 May 2022, the Council and the European Parliament reached the first provisional agreement on the new legislation, which is expected to come into force by the end of 2022. Following the declaration of operation of the DORA, companies will have to adapt to current regulations and guarantee, within 24 months, to be able to cope with the threats deriving from ICT.
References:
KOLINSKA, Dorota. “Protecting the EU’s Financial System from Cyber Attacks and ICT Disruptions: News: European Parliament.” | News | European Parliament, 10 May 2022, https://www.europarl.europa.eu/news/en/press-room/20220510IPR29221/protecting-the-eu-s-financial-system-from-cyber-attacks-and-ict-disruptions.
“REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on Digital Operational Resilience for the Financial Sector and Amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014 and (EU) No 909/2014.” EUR-Lex, 24 Sept. 2020, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52020PC0595&qid=1668079601009.
Pausch-Homblé, Katharina. “Digital Finance: Provisional Agreement Reached on Dora.” Consilium of the EU, 11 May 2022, https://www.consilium.europa.eu/en/press/press-releases/2022/05/11/digital-finance-provisional-agreement-reached-on-dora/.
Hallak, Issam. “Digital Operational Resilience Act (DORA): Think Tank: European Parliament.” Think Tank | European Parliament, 7 Nov. 2022, https://www.europarl.europa.eu/thinktank/en/document/EPRS_ATA(2022)738197.
Written by:
Chiara was born in 1996 in Parma, a small city in the north of Italy, within a big international family. She graduated in 2019 in Philosophy with a thesis on Aristotle’s Poetics and she is now attending a Master’s Degree in Journalism at the University of Parma. She worked as a tour guide in the world’s biggest labyrinth, designed and built by Franco Maria Ricci, a famous Italian editor. She is a freelance journalist for some Italian magazines. With a strong sense of rooting and a profound belief in friendship, surrounded by different cultures, languages and food she developed particular interest in a arts, nature and sports. During her studies, Chiara had the possibility to travel to Mexico, Canada and Kenya, spending long periods immersed in the local culture. Dedicato a DORA.