The future of finance is digital. The increased reliance on technology in finance heightens the vulnerability of ICT systems and worsens the impact of a potential cyberattack. To this end, the European Commission (the Commission) proposed a regulation on digital operational resilience for the financial sector (DORA), on 24 September 2020.
ICT requirements in the financial sector are not entirely new, but DORA offers a higher level of harmonisation of ICT requirements (in particular by consolidating in one text the requirements applicable to all actors of the financial sector in the wider sense) and, to a certain extent, a higher level of regulatory intrusion than the currently existing requirements.
In this article we set out: (i) why supervisory authorities stress the importance of cyber security in the financial sector, (ii) current ICT requirements, (iii) the DORA requirements, and (iv) how your organisation can prepare for DORA.
Increased regulatory attention to cyber risks in the financial sector
The necessity of digital operational resilience in the financial sector is highlighted by the fact that the financial sector has been in the top three sectors with the most…
