On 11 May 2022, the European Council announced in a press release, that it had reached a provisional agreement with the European Parliament on DORA, a piece of legislation designed to strengthen the operational resilience of the financial sector in Europe against ICT-related disruptions and incidents. A vast range of entities such as banks, payment providers, investment firms, crypto-asset service providers, and ICT service providers will need to be prepared for these incoming rules. Whilst we await the publication of the final text of DORA, we look into what can be expected.
DORA was initially proposed by the European Commission on 24 September 2020, as part of a larger digital finance package which aims to develop a harmonised European approach to foster technological development, and to ensure financial stability and consumer protection. In addition to the DORA proposal, the package contains a digital finance strategy, a proposal on markets in crypto-assets (MiCA) and a proposal on distributed ledger technology (DLT).
The revised text of DORA is yet to be released publicly as of the date of this article. The provisional agreement reached is now subject to approval by the Council and the European Parliament before going through the formal adoption procedure. Once DORA is adopted and passed into law by EU member states, the designated European Supervisory Authorities will develop technical standards for financial services institutions to comply with, whilst national competent authorities will oversee compliance and enforce the regulation as required. It is expected that the new rules will apply 24 months after they enter into force.
Authored by John Salmon.
Are you sure want to delete comment ?
Scan this QR Code to share this content