The European Banking Authority (EBA) published single rulebook Q&A relating to the Digital Operational Resilience Act (DORA). The answers to the questions were given by the joint European Supervisory Authorities....more
The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more
The Joint Committee of the European Supervisory Authorities (ESAs) has updated its consolidated Q&A on the EU packaged retail and insurance-based investment products (PRIIPs) key information document...more
The European Supervisory Authorities (ESAs) have published guidelines on: (i) a common approach for the regulatory classification of crypto-assets under the Markets in Crypto-asset Regulation (MiCAR); and (ii) templates for...more
The European Securities and Markets Authority (ESMA) issued a Consultation Paper on 13 February 2025 presenting a proposal for a simplified disclosure template for private securitisations. ESMA’s stated aim is to reduce...more
The European Supervisory Authorities (ESAs) have published joint guidelines on the system established by the for the exchange of information relevant to the assessment of the fitness and propriety in the official EU...more
The European Supervisory Authorities (“ESAs”) published a roadmap to designate critical ICT third-party service providers (“CTPPs”) under the Digital Operational Resilience Act (“DORA”). To designate an ICT third-party...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
The European Commission (Commission) recently published a letter (Letter) that it sent to the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) under the EU Digital...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
1. Bank regulation - 1.1 PRUDENTIAL REGULATION - a) General - (i) International - FSB: Plenary December 2024 - Status: Final - The FSB has set out the outcomes of its Plenary that met on 3 and 4 December. Points of...more
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: - An...more
The European Supervisory Authorities have published a summary report with the key findings from the 2024 Dry Run exercise on reporting the registers of information under DORA...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
1. Bank regulation - 1.1 PRUDENTIAL REGULATION - a) General - (i) Germany - BReg: Government draft on the Second Future Financing Act (Regierungsentwurf zum zweiten Zukunftsfinanzierungsgesetz) Status: Draft - The...more
The EU’s Digital Operational Resilience Act (DORA) comes into force from 17 January 2025. Under DORA, in-scope regulated financial services (FS) businesses operating in the EU (Firms) face new cybersecurity requirements and...more
The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more
On 18 September 2024, the General Court of the European Union (General Court) largely upheld the fine imposed by the European Commission (Commission) finding that a global tech company had engaged in predatory pricing of its...more
The European Union (EU) Artificial Intelligence Act (AI Act), Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending...more
1. Bank regulation - 1.1 Prudential Regulation - (a) General - (i) International - BCBS: Consultation on report regarding various technical amendments and FAQs - Status: Consultation - Deadline for the submission of...more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
The draft RTS also set out requirements regarding the implementation, monitoring, and management of contractual arrangements regarding the subcontracting conditions for the use of ICT services supporting critical or important...more
Beginning January 17, 2025, financial entities based in the European Union must have in place processes and policies, and mandatory contract provisions with their third-party technology vendors, that comply with the EU...more