ESAs launch consultation on second batch of policy mandates under DORA
11 December 2023 Europe
Image: Looker_Studio
The European Supervisory Authorities (ESAs) have launched a public consultation on the second batch of policy mandates under the Digital Operational Resilience Act (DORA).
The ESA consists of the European Banking Authority, the European Insurance and Occupational Pensions Authority and the European Securities Markets Authority.
The consultation will run until 4 March 2024.
These policy mandates aim to ensure a consistent legal framework for companies dealing with cyber-attacks or threats to their ICT-related processes.
Introduced on 16 January 2023, DORA aims to tackle operational resiliency and enhance ICT management processes for financial institutions.
The regulation will apply to more than 20,000 EU regulated entities from 17 January 2025.
Through DORA, the ESAs are required to jointly develop 13 policy instruments, presented in two batches.
The second batch includes regulatory technical standards (RTS) around incident reporting, threat-led penetration testing and the subcontracting of important functions.
It also focuses on aggregated costs and losses from major incidents, and oversight cooperation between ESAs and competent authorities.
The ESAs expect to submit the draft technical standards to the European Commission and issue guidelines by 17 July 2024.
The ESA consists of the European Banking Authority, the European Insurance and Occupational Pensions Authority and the European Securities Markets Authority.
The consultation will run until 4 March 2024.
These policy mandates aim to ensure a consistent legal framework for companies dealing with cyber-attacks or threats to their ICT-related processes.
Introduced on 16 January 2023, DORA aims to tackle operational resiliency and enhance ICT management processes for financial institutions.
The regulation will apply to more than 20,000 EU regulated entities from 17 January 2025.
Through DORA, the ESAs are required to jointly develop 13 policy instruments, presented in two batches.
The second batch includes regulatory technical standards (RTS) around incident reporting, threat-led penetration testing and the subcontracting of important functions.
It also focuses on aggregated costs and losses from major incidents, and oversight cooperation between ESAs and competent authorities.
The ESAs expect to submit the draft technical standards to the European Commission and issue guidelines by 17 July 2024.
Next regulation article →
FINRA orders four firms to pay US$2.6 million for fully paid securities lending violations
FINRA orders four firms to pay US$2.6 million for fully paid securities lending violations
NO FEE, NO RISK
100% ON RETURNS If you invest in only one securities finance news source this year, make sure it is your free subscription to Securities Finance Times
100% ON RETURNS If you invest in only one securities finance news source this year, make sure it is your free subscription to Securities Finance Times