Skip to main content
Triangular Patterns
MFSA Issues Two Circulars on ICT Risk DORAFinTechTelecoms, Media & Technology

MFSA Issues Two Circulars on ICT Risk

On the 16th of January 2025, the MFSA published a circular on the register of information-reporting-timelines for MFSA-authorised persons. Subsequently, on the 17th of January 2025, the MFSA published another circular outlining several resources uploaded to its website to assist compliance with Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector (“DORA”). The circular issued on 16th of January 2025 focuses on the Register of Information required under Article 28(3) of DORA. This register mandates financial entities to document all contractual arrangements with ICT Third-Party Service Providers (“ICT TPPs”), ensuring transparency in…
Mamo TCV Advocates
20th January 2025
St James Cavalier Web Dome
DORA is Now in Force: What’s Next? DORAFinTechTelecoms, Media & Technology

DORA is Now in Force: What’s Next?

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector (“DORA” or the “Act”) became enforceable as of 17th January 2025. DORA Resources As highlighted in various DORA insights by our Firm over the last few months (including a very useful overview of DORA itself), DORA represents a significant milestone in aligning the financial services sector with the EU’s digital finance strategy, offering a regulatory framework for operational resilience and ICT risk management. Designed to bolster operational resilience against increasingly sophisticated cyber threats, DORA ushers in a new era…
Key representing digital resilience
Status of DORA Regulatory Technical Standards (“RTS”) DORAFinTechTelecoms, Media & Technology

Status of DORA Regulatory Technical Standards (“RTS”)

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector ( “DORA”) establishes the EU legislative framework for enhancing digital resilience within the EU’s financial industry. Enforcement commences on 17th January 2025 and the EU Commission is tasked with issuing Regulatory Technical Standards (“RTS”) which supplement DORA. The EU Commission publishes the RTS in the Official Journal as Commission Delegated Regulations, but they are largely based on the input of the European Supervisory Authorities (“ESA”) which comprise of ESMA, EBA and EIOPA. The draft RTS submitted to the European…