Search
10 results
Responses to public consultations on DORA (2nd batch)
EBA innovation monitoring 2025
EBA 2025 innovation monitoring report – analyses adoption of AI, cloud computing, digital wallets, and crypto-assets in EU banking, assesses risks, and outlines supervisory expectations under DORA to ensure secure and competitive financial innovation.
AI Act: implications for the EU banking and payments sector
EBA analysis on the EU AI Act’s implications for banking and payments, assessing alignment with sectoral laws like CRD, CRR, and DORA, focusing on high-risk AI uses such as creditworthiness assessment and supervisory cooperation requirements by 2025-2027.
Presentation – workshop on exercise tools 10 June 2024
EBA, EIOPA, and ESMA workshop on 10 June 2024 presenting DORA dry run tools for financial entities, covering data collection templates, file preparation, and reporting guidance for registers of information.
2025 Joint ESA stocktaking of BigTechs’ direct financial services activities in the EU
European Supervisory Authorities (ESAs) 2025 report analyzing BigTechs' direct financial services in the EU, including payment services, e-money issuance, and insurance intermediation by 11 of 13 major tech groups, assessing licensing, PSD2 exclusions, and cross-border supervisory coordination under DORA and DMA frameworks.
The ESAs announce timeline to collect information for the designation of critical ICT third-party service providers under the Digital Operational Resilience Act
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) published today a Decision on the information that competent authorities must report to them for the designation of critical ICT third-party service providers under the Digital Operational Resilience Act (DORA). In particular, the Decision requires competent authorities to report by 30 April 2025 the registers of information on contractual arrangements of the financial entities with ICT third-party service providers.
ESAs establish framework to strengthen coordination in case of systemic cyber incidents
The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) will establish the EU systemic cyber incident coordination framework (EU-SCICF), in the context of the Digital Operational Resilience Act (DORA), that will facilitate an effective financial sector response to a cyber incident that poses a risk to financial stability, by strengthening the coordination among financial authorities and other relevant bodies in the European Union, as well as with key actors at international level.
ESAs launch discussion on criteria for critical ICT third-party service providers and oversight fees
The European Supervisory Authorities (EBA, EIOPA and ESMA - ESAs) today published a joint Discussion Paper seeking stakeholders’ input on aspects of the Digital Operational Resilience Act (DORA). This Discussion Paper follows the European Commission’s request for technical advice on the criteria for critical ICT third-party providers (CTPPs) and the oversight fees to be levied on them. Interested stakeholders are invited to provide their input by 23 June 2023.
ESAs and ENISA sign a Memorandum of Understanding to strengthen cooperation and information exchange
The European Supervisory Authorities (EBA, EIOPA, and ESMA - the ESAs) today announced that they have concluded a multilateral Memorandum of Understanding (MoU) to strengthen cooperation and information exchange with the European Union Agency for Cybersecurity (ENISA).