Digital Operational Resilience Act. Sourced from EBA, summarised by Matproof.
AI Analysis
The European Banking Authority (EBA) has published a follow-up report on integrating Information and Communication Technology (ICT) risk into the Supervisory Review and Evaluation Process (SREP). This report provides updated guidance for supervisors on assessing ICT risks and digital operational resilience within financial institutions, aligning with the requirements of the Digital Operational Resilience Act (DORA).
The guidance directly affects all financial entities within the scope of DORA, including credit institutions, investment firms, payment institutions, and crypto-asset service providers. It is particularly relevant for entities subject to the SREP framework, as national supervisors will use this guidance in their evaluations.
Compliance teams should immediately review this new EBA report to understand the updated supervisory expectations for ICT risk. They must then conduct a gap analysis against their current ICT risk management, governance, and resilience frameworks to ensure alignment. Proactive engagement with internal audit and risk management functions is essential to prepare for enhanced supervisory scrutiny in upcoming SREP cycles.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
More DORA updates
This publication is a theoretical computer science paper exploring the mathematical limits of quantum pseudorandomness, not a regulatory change to the Digital Operational Resilience Act (DORA). It…
Map this to your controls
Matproof maps every regulator update directly to your controls and surfaces the ones that affect your organisation — across 21 frameworks.