Skip to main content

DORA Legislation

EU Legislation
Maltese Legislation
Return to main DORA page

DORA EU Legislation

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Digital and Operational Resilience Act’)
Regulatory Technical Standards
Regulatory Technical Standards (RTS) on ICT risk management framework and on simplified ICT risk management framework
RTS on criteria for the classification of ICT-related incidents
RTS to specify the policy on ICT services supporting critical or important functions provided by ICT third-party service providers (TPPs)
Implementing Technical Standards (ITS) to establish the templates for the register of information
RTS and ITS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats
RTS on the harmonization of conditions enabling the conduct of the oversight activities
RTS specifying the criteria for determining the composition of the joint examination team (JET)
RTS on threat-led penetration testing (TLPT)
Joint Regulatory Technical Standards on subcontracting ICT services supporting critical or important functions

DORA Maltese Legislation

Malta Financial Services Authority Act (Digital Operational Resilience Act (DORA)) Regulations, 2024
Data Reporting Services (Amendment) Regulations, 2024

Stay updated with our latest insights

Explore Insights
Chain
Telecoms, Media & Technology

Malta’s Transposition of the NIS 2 Directive: S.L. 460.41

Following Malta’s Draft Order transposing the EU NIS 2 Directive, which closed for public consultation on 7 October 2024, as an EU Member State, Malta was obliged to transpose EU Directive 2022/2555 (‘NIS 2’) by 17 October 2024. The transposition was finally implemented on 8 April 2025 through Legal Notice 71 of 2025 which creates the Measures for a High Common Level of Cybersecurity across the European Union (Malta) Order, 2025 as Subsidiary Legislation 460.41 (S.L. 460.41). It should however be noted that at time of writing, S.L. 460.41 is not yet in force, though it is expected to come…
European Blockchain Sandbox
Telecoms, Media & Technology

European Blockchain Sandbox 3rd Cohort & Best Practices Webinar

The selection process for the third and final cohort of the European Blockchain Sandbox has been completed and the final twenty selected use cases have now been announced. Moreover, the European Blockchain Sandbox will soon be publishing the second cohort’s Best Practices Report which shall contain an overview of the regulatory best practices identified. The Report will be launched during a public webinar to be held on the 29th April 2025 at 14:00 CET, wherein the public is invited to ask any questions they may have regarding the Report. In conjunction, the award for the Most Innovative Regulator for the…
Rejected!
DORA

European Commission Rejects Draft Regulatory Technical Standards on ICT Subcontracting

The European Commission has communicated its rejection of the draft Regulatory Technical Standards (RTS) on subcontracting ICT services supporting critical or important functions supplementing the Digital Operational Resilience Act (DORA).  In its communication, the Commission held that the European Supervisory Authorities (ESAs) exceeded their mandate under Article 30(5) of DORA (which came into effect on 17 January 2025) by introducing requirements not specifically linked to the conditions for subcontracting in Article 5 of the RTS. The Commission has made it clear that Article 5 and the related recital 5 of the draft RTS must be omitted from the draft RTS…
EU AI Act
Telecoms, Media & Technology
EU AI Act: Banned AI Practices from 2 February 2025
Triangular Patterns
DORA
MFSA Issues Two Circulars on ICT Risk
St James Cavalier Web Dome
DORA
DORA is Now in Force: What’s Next?

Join our mailing list

Get in touch by sending us a message or by contacting us directly.