News & Analysis as of

European Union Cybersecurity Financial Services Industry

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
Katten Muchin Rosenman LLP

ESAs Publish Guide on Oversight of Critical ICT Third-Party Service Providers under DORA

Katten Muchin Rosenman LLP on

The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more

Jones Day

EU Standards for Threat-Led Penetration Testing: New Cyber Compliance Imperatives for Financial Institutions

Jones Day on

The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more

A&O Shearman

Regulation (EU) 2025/1355 on oversight of systemically important payment systems published in OJ

A&O Shearman on

Regulation (EU) 2025/1355 of the European Central Bank (ECB) adopted on 2 July has been published in the Official Journal of the European Union. This Regulation recasts and replaces Regulation (EU) No 795/2014, updating the...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

Skadden, Arps, Slate, Meagher & Flom LLP on

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

Mayer Brown

UK Weekly Sanctions Update - Week of July 14, 2025

Mayer Brown on

RUSSIA SANCTIONS - UK Lowers Oil Price Cap on Seaborn Russian Crude Oil, OFSI publishes related FAQs: On July 18, 2025, the UK Government, alongside the EU, announced that it will lower to Oil Price Cap on seaborne Russian...more

Hogan Lovells

The EU Digital Operational Resilience Act (DORA): top 7 challenges for IT vendors

Hogan Lovells on

The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more

A&O Shearman

EBA publishes spring 2025 risk assessment report

A&O Shearman on

The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more

A&O Shearman

EU Delegated Regulation on threat-led penetration testing published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Katten Muchin Rosenman LLP

Navigating DORA Compliance: Recent Developments

Katten Muchin Rosenman LLP on

The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more

A&O Shearman

EU DORA technical standards published

A&O Shearman on

Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more

McDermott Will & Schulte

M&A in the EU market: Essential factors for investors to consider

McDermott Will & Schulte on

Investing in Europe: Is it a good time to do so? Opinions differ. The EU financial sector has experienced significant growth in recent years, driven by technological advancements and evolving consumer preferences, but there...more

A&O Shearman

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

A&O Shearman

European Commission adopts Delegated Regulation on RTS on threat-led penetration testing under DORA

A&O Shearman on

The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more

Hogan Lovells

European Supervisory Authorities published a roadmap to designate critical ICT third-party service providers under the Digital...

Hogan Lovells on

The European Supervisory Authorities (“ESAs”) published a roadmap to designate critical ICT third-party service providers (“CTPPs”) under the Digital Operational Resilience Act (“DORA”). To designate an ICT third-party...more

A&O Shearman

Global Foreign Exchange Committee publishes amended FX Global Code of Conduct

A&O Shearman on

The Global Foreign Exchange Committee (GFXC) has published the updated version of the FX Global Code of Conduct (dated December 2024), which supersedes the previous version (from July 2021). Updates have been made to...more

Katten Muchin Rosenman LLP

European Commission Clarifies Definition of “ICT Services” under DORA

Katten Muchin Rosenman LLP on

The European Insurance and Occupational Pensions Authority recently published the European Commission’s response (Q&A 2999) on the question of which services fall under the definition of “ICT services” under Article 3(21) of...more

Hogan Lovells

The European Commission rejects draft Regulatory Technical Standards on subcontracting under the Digital Operational Resilience...

Hogan Lovells on

What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more

BCLP

Cybersecurity Risks for Financial Services Firms: Proactive Strategies to Stay Ahead

BCLP on

The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more

Hogan Lovells

European Commission confirms that financial services are not ICT services for DORA purposes

Hogan Lovells on

Firms involved in implementing changes to comply with new rules under the EU Digital Operational Resilience Act (DORA) have questioned whether financial services provided by other regulated firms may fall within the...more

A&O Shearman

EU joint report on the feasibility for further centralization of reporting of major ICT-related incidents

A&O Shearman on

The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

The EU’s Digital Operational Resilience Act Comes Into Effect

Ogletree, Deakins, Nash, Smoak & Stewart,... on

The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more

Cadwalader, Wickersham & Taft LLP

DORA Now in Force in the EU

Cadwalader, Wickersham & Taft LLP on

Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more

Katten Muchin Rosenman LLP

Privacy, Data and Cybersecurity Quick Clicks | Issue 25

Katten Muchin Rosenman LLP on

Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more

97 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide