EU CELLAR6 May 2026
CELEX:32024R1348R(03)This is a corrigendum to the Digital Operational Resilience Act (DORA) Delegated Regulation 2024/1348, published on 6 May 2026. It corrects technical errors in the original text, specifically in…
DORAEBA23 Feb 2026
The EBA publishes follow-up Report on ICT risk assessment under the Supervisory Review and Evaluation Process
Digital Operational Resilience Act. Sourced from EBA, summarised by Matproof.
AI Analysis
What changed and what to do.
The European Banking Authority (EBA) has published a follow-up report on integrating Information and Communication Technology (ICT) risk into the Supervisory Review and Evaluation Process (SREP). This report provides updated guidance for supervisors on assessing ICT risks and digital operational resilience within financial institutions, aligning with the requirements of the Digital Operational Resilience Act (DORA).
The guidance directly affects all financial entities within the scope of DORA, including credit institutions, investment firms, payment institutions, and crypto-asset service providers. It is particularly relevant for entities subject to the SREP framework, as national supervisors will use this guidance in their evaluations.
Compliance teams should immediately review this new EBA report to understand the updated supervisory expectations for ICT risk. They must then conduct a gap analysis against their current ICT risk management, governance, and resilience frameworks to ensure alignment. Proactive engagement with internal audit and risk management functions is essential to prepare for enhanced supervisory scrutiny in upcoming SREP cycles.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More DORA updates
Latest in Digital Operational Resilience Act.
EU CELLAR5 May 2026
CELEX:32024R2952R(02)This is a corrigendum to the Digital Operational Resilience Act (DORA), specifically correcting a technical error in the original Regulation 2024/2952. The correction addresses a misalignment in the…
EU CELLAR5 May 2026
CELEX:32024R3005R(01)On 5 May 2026, the European Commission published a corrigendum to the Digital Operational Resilience Act (DORA), formally referenced as CELEX:32024R3005R(01). This correction addresses technical…
EU CELLAR4 May 2026
CELEX:32024R1689R(04)This is a corrigendum to the Digital Operational Resilience Act (DORA), specifically correcting errors in the original text of Regulation (EU) 2024/1689. The corrections address technical…
Map this to your controls
Connect regulatory changes to your compliance work.
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.