News & Analysis as of

European Union Digital Operational Resilience Act (DORA)

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
A&O Shearman

Regulatory Monitoring - August 2025

A&O Shearman on

Our monthly regulatory newsletter monitors all relevant developments regarding German and European regulatory law in English language. BMF: Draft bill for the Banking Directive Implementation and Bureaucracy Relief Act...more

Morgan Lewis - Tech & Sourcing

EBA Proposes Extending Outsourcing Requirements to All Third-Party Arrangements

Morgan Lewis - Tech & Sourcing on

The European Banking Authority (EBA) recently published a consultation paper (Consultation) that proposes to expand third-party risk management requirements for certain EU-regulated financial entities. The Consultation would...more

A&O Shearman

EBA Publishes New Q&A in Relation to DORA

A&O Shearman on

The European Banking Authority (EBA) published single rulebook Q&A relating to the Digital Operational Resilience Act (DORA). The answers to the questions were given by the joint European Supervisory Authorities....more

A&O Shearman

EBA Consults on Revised Guidelines on Internal Governance Under CRD VI

A&O Shearman on

The European Banking Authority (EBA) launched a consultation on proposed revisions to its guidelines on internal governance under the Capital Requirements Directive (CRD). The revisions form part of the EBA's broader roadmap...more

Katten Muchin Rosenman LLP

ESAs Publish Guide on Oversight of Critical ICT Third-Party Service Providers under DORA

Katten Muchin Rosenman LLP on

The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more

McDermott Will & Schulte

Europe’s Cybersecurity Puzzle: NIS2 Progress in 30 Pieces

McDermott Will & Schulte on

As cybersecurity rises to the top of the corporate agenda, businesses face growing pressure to comply with the EU’s evolving regulatory landscape. Whether your company falls directly under EU cybersecurity laws or is...more

A&O Shearman

ECB publishes final guide on outsourcing cloud services

A&O Shearman on

The European Central Bank (ECB) has published its final guide on outsourcing cloud services, following from a July 2024 consultation. Feedback on the consultation is set out in an accompanying feedback statement. The guide...more

Morrison & Foerster LLP

European Digital Compliance: Key Digital Regulation & Compliance Developments - August 2025

Morrison & Foerster LLP on

To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more

A&O Shearman

ESAs publish joint guide on oversight of critical third-party providers under DORA

A&O Shearman on

The European Supervisory Authorities (European Banking Authority, European Insurance Occupational Pensions Authority, and European Securities and Markets Authority) have published a joint guide detailing their oversight...more

Katten Muchin Rosenman LLP

Privacy, Data and Cybersecurity Quick Clicks | Issue 31

Katten Muchin Rosenman LLP on

Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more

Jones Day

EU Standards for Threat-Led Penetration Testing: New Cyber Compliance Imperatives for Financial Institutions

Jones Day on

The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more

Pillsbury Winthrop Shaw Pittman LLP

DORA Now Fully in Effect: Financial Entities and Their Service Providers Reach Critical Milestone

Pillsbury Winthrop Shaw Pittman LLP on

With DORA in effect and the European Banking Authority’s updated guidelines for non-ICT services under consultation, financial entities must consider their approach to third-party risk management. After DORA became effective...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

Skadden, Arps, Slate, Meagher & Flom LLP on

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

A&O Shearman

ESMA revises cloud outsourcing guidelines to align with DORA

A&O Shearman on

The European Securities and Markets Authority (ESMA) has published its final report, updating the 2021 guidelines on outsourcing to cloud service providers in line with the Digital Operational Resilience Act (DORA). The 2021...more

A&O Shearman

EBA consults on draft guidelines for third-party risk management for non-ICT related services

A&O Shearman on

The European Banking Authority (EBA) has published a consultation paper on its draft guidelines for managing third-party risk with regards to non-ICT related services. The guidelines will revise and update its prior 2019...more

A&O Shearman

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/532 has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to regulatory...more

Hogan Lovells

The EU Digital Operational Resilience Act (DORA): top 7 challenges for IT vendors

Hogan Lovells on

The Digital Operational Resilience Act ("DORA") is the EU's latest legislative effort to enhance digital operational resilience across the financial sector through a harmonised set of rules for managing information and...more

Katten Muchin Rosenman LLP

DORA Delegated Regulation on Threat-Led Penetration Testing Published in Official Journal

Katten Muchin Rosenman LLP on

The Delegated Regulation, which contains regulatory technical standards (RTS) on threat-led penetration testing (TLPT) requirements under the EU Digital Operational Resilience Act (DORA), was recently published in the...more

A&O Shearman

EU Delegated Regulation on threat-led penetration testing published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more

Barnea Jaffa Lande & Co.

DORA for Tech Vendors - What You Should Know (But Haven’t Asked)

Barnea Jaffa Lande & Co. on

DORA (Digital Operational Resilience Act) is an EU regulation that sets rules for how financial entities manage ICT (Information and Communication Technology) risks. It covers areas like cyber resilience, incident reporting,...more

A&O Shearman

Corrigendum to Commission Delegated Regulation on RTS on risk management tools under DORA published in OJ

A&O Shearman on

A corrigendum to Commission Delegated Regulation (EU) 2024/1774, which supplements the Regulation on digital operational resilience for the financial sector (DORA), was published in the Official Journal of the European Union...more

DLA Piper

Navigating The EU’s New Digital Regulatory Landscape: What Data Centre Operators and Investors Need to Know

DLA Piper on

The European Union has ushered in a new era of digital regulation that will significantly impact the data centre industry. With the introduction of the EU Artificial Intelligence Act, the new Network and Information Systems...more

A&O Shearman

ECON draft report on impact of AI

A&O Shearman on

The European Parliament's Committee on Economic and Monetary Affairs (ECON) has released a draft report (dated 14 May) and motion for a European Parliament resolution on the impact of artificial intelligence (AI) on the...more

Morrison & Foerster LLP

European Digital Compliance: Key Digital Regulation & Compliance Developments - May 9, 2025

Morrison & Foerster LLP on

To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

90 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide