Dr David Doyle will provide a broad overview of the critical legislative package associated with the Digital Operational Resilience Act (DORA) now in force, which is designed to address a key risk factor in the EU digital space: cyberattacks and ICT disruptions in the EU financial sector.
These risks have been a key concern for Europe’s bank and securities regulators for many years, notably the ECB, the EBA and ESMA.
DORA consolidates a patchwork of existing sectoral rules on ICT risk management, incident handling and resilience testing. Central to the thrust of DORA is the explicit recognition of the reliance of financial services entities on third-party ICT service providers. Oversight of third-party ICT service providers will fall to the ESAs (EBA, ESMA and EIOPA).
Presentation Outline
– The shift from dealing with operational risk mainly through the allocation of capital to managing all components of operational resilience.
– The DORA rules for the protection, detection, containment, recovery and repair capabilities against ICT-related incidents.
– Identifying the ICT risks explicitly referenced in DORA via new sets of rules on ICT risk management, incident reporting, operational resilience testing and ICT third-party risk monitoring.
Speaker
David Doyle | EU Policy Advisor