As of 17 January 2025, Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022, on the operational digital resilience of the financial sector (DORA) will apply.
Generally, DORA will affect every financial market participant, i.e. banks, investment entities, management companies, digital asset providers, insurance companies and others. The new legislation provides for the modernisation of existing rules and the introduction of new requirements to better assess the effectiveness of prevention and resilience measures and identify vulnerabilities on cyber security. DORA also stimulates the exchange of information on cyber threats, enabling more effective oversight of external ICT service providers and better risk management.
If you have any questions, please contact Iga Wójcik (iwojcik@cmwlegal.pl).