The European Supervisory Authorities (“ESAs”) published a roadmap to designate critical ICT third-party service providers (“CTPPs”) under the Digital Operational Resilience Act (“DORA”). To designate an ICT third-party...more
The European Commission (Commission) recently published a letter (Letter) that it sent to the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) under the EU Digital...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
1. Bank regulation - 1.1 PRUDENTIAL REGULATION - a) General - (i) International - FSB: Plenary December 2024 - Status: Final - The FSB has set out the outcomes of its Plenary that met on 3 and 4 December. Points of...more
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: - An...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
The EU’s Digital Operational Resilience Act (DORA) comes into force from 17 January 2025. Under DORA, in-scope regulated financial services (FS) businesses operating in the EU (Firms) face new cybersecurity requirements and...more
The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more
The European Systemic Risk Board has published a report on cyber-security risk, which it has identified as a source of systemic risk to the global financial system. The report notes that the increased digitalization and...more
The Basel Committee on Banking Supervision has published a report on “open banking” and the use of application programming interfaces. The term “open banking” refers to the sharing and leveraging of customer-permissioned data...more
The Joint Committee of the European Supervisory Authorities has published its 2020 work program, outlining revisions to the Joint Committee’s scope of work and the matters it will focus on in 2020. The Joint Committee...more
The FSB is reviewing cloud provider concentration risk in the latest example of regulator concern over reliance on leading cloud providers by financial services institutions. The Financial Stability Board (FSB), an...more