Within ten days, the DORA regulation will be applied in the European Union. This new text has the sole objective of standardizing the digital protection of different financial players on the continent.
DORA: new regulation for the financial sector in the European Union
The Financial Markets Authority (AMF) has published a thematic file to support the implementation of the DORA (Digital Operational Resilience Act) regulation. This European text, which will enter into force on January 17, 2025, aims to strengthen the digital operational resilience of financial players in the face of technological and cyber risks.
The regulation imposes obligations on companies regarding the management of risks linked to information technology. Key measures include assessing cyber threats, establishing continuity plans and mandatory notification of major incidents.
Coming from a series of measures on digital finance in the European Union, the DORA regulation establishes a common framework for the management of risks linked to information and communication technologies (ICT). It defines rules for cyber security and IT risk management for a large number of financial entities.
This framework concerns the majority of financial entities, which are listed in Article 2 of the regulation.
The regulation notably includes provisions requiring financial entities to:
- the implementation of an ICT risk management framework of which cyber risk is part
- notification of major ICT-related incidents to the competent authorities
- carrying out digital operational resilience tests
- risk management linked to the use of third-party ICT service providers, including in particular new requirements at the contractual level as well as the maintenance of an information register of contractual agreements concluded with these providers
- voluntary sharing of operational information relating to cyber threats and vulnerabilities between financial sector players
The AMF supports stakeholders in this transition by explaining the requirements of the regulation and providing concrete recommendations. This file details the responsibilities of companies, particularly in terms of governance, monitoring and coordination with third-party providers.
By publishing this guide, the AMF wishes to help companies anticipate these developments and prepare to respond effectively to the challenges posed by the digital transformation of the financial sector. In an increasingly digital world, it is vital to anticipate potential future problems.
The year 2025 marks an important turning point for consumers, with the obligation for all establishments to offer free instant transfers in the European Union. No more extra fees for immediate money transfers. In addition, Wero, a new European competitor to Apple Pay, appears on the market.
