News & Analysis as of July 24, 2025

Financial Institutions

+ Follow

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -

DORA Compliance Part 2: Addressing Compliance Across Critical Operational Areas

Integreon on 4/4/2025

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on 3/4/2025

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on 2/25/2025

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

European Banking Authority publishes amending guidelines on ICT and security risk management in the context of DORA

A&O Shearman on 2/25/2025

The European Banking Authority (EBA) has published a final report with amending guidelines in respect of Guidelines EBA/GL/2019/04 on ICT and security risk management. The EBA reviewed the Guidelines in light of the Digital...more

European Commission adopts Delegated Regulation on RTS on threat-led penetration testing under DORA

A&O Shearman on 2/24/2025

The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more

DORA Now in Force in the EU

Cadwalader, Wickersham & Taft LLP on 1/24/2025

Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more

Cybersecurity in the Financial Sector: EU’s Digital Operational Resilience Act Takes Effect

Mayer Brown on 1/20/2025

Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more

DORA: Navigating the New Era of Digital Operational Resilience in EU Financial Services

DLA Piper on 1/17/2025

It’s DORA day! The EU financial services sector has been anticipating today since the Digital Operational Resilience Act was published in December 2022. DORA brings a significant shift to the sector in terms of how financial...more

Navigating DORA: Key compliance steps from 17 January 2025

Walkers on 1/17/2025

DORA is now applicable, imposing requirements in respect of ICT risk management and digital operational resilience. Firms should be preparing their register of information ready for sharing with the CBI in April....more

EU Digital Operational Resilience Act Priorities for 2025

Faegre Drinker Biddle & Reath LLP on 1/14/2025

Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on 7/19/2024

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

Cybersecurity: What to Watch for in 2024

Wilson Sonsini Goodrich & Rosati on 1/4/2024

In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more

Upcoming EU Rules on Digital Operational Resilience

Pillsbury Winthrop Shaw Pittman LLP on 7/21/2023

There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more

Coalition of European Banks Calls for Model Cloud Services Terms

Morgan Lewis - Tech & Sourcing on 6/15/2021

The European Cloud User Coalition (ECUC) published a paper (the Position Paper) on May 17 recommending, among other matters, the adoption of “model clauses” for the long-term compliant use of cloud technologies....more

Model Terms Demanded for Cloud Service Agreements with European Banks

Jones Day on 6/3/2021

An interest group of EU banks that was formed to assist European financial institutions with their use of public cloud technology recently suggested model terms for the compliant use of cloud technology. On May 17, 2021,...more

In Principle - 10 Things Authorised Firms Need To Know For 2019

Akin Gump Strauss Hauer & Feld LLP on 1/31/2019

In the 2018 edition of this publication, we ended the introduction with the line, “We can only hope that we will enter 2019 with greater certainty than 2018 as to how the regulatory landscape will look.” Unfortunately,...more

Parallel Universe or Coincidence: The CFPB’s New Data Consumer Protection Principles’ Relationship to GDPR

Bradley Arant Boult Cummings LLP on 11/29/2017

On October 18, 2017, the Consumer Financial Protection Bureau (CFPB) outlined nine non-binding Consumer Protection Principles (the Principles) for the access and sharing of consumer information between third-party companies....more

The Digital Download - Alston & Bird’s Privacy & Data Security Newsletter – November 2016

Alston & Bird on 12/7/2016

Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more

EBA Publishes Discussion Paper on Use of Consumer Data by Financial Institutions

Orrick - Finance 20/20 on 5/12/2016

On May 4, 2016, the EBA published a discussion paper on innovative uses of consumer data by financial institutions, in line with its mandate to monitor financial innovation. The EBA report notes that although general...more

Alphabet Soup and Data Security

Bilzin Sumberg on 10/19/2015

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

The Fourth European Union Anti-Money Laundering Directive and Its Effects on Financial Institutions Operating in the EU

Davis Wright Tremaine LLP on 8/26/2015

The Fourth European Union Anti-Money Laundering Directive (Fourth AML Directive), approved by the European Parliament on May 20, 2015, went into effect on June 25, 2015, repealing the 2005 Third AML Directive. Given the...more

21 Results

View per page

Page: of 1

European Union › Data Security › Financial Institutions

"My best business intelligence, in one easy email…"