Financial Institutions and Markets

The three European Supervisory Authorities (ESAs) published, on January 17th, the first package of regulatory technical standards, with a view to implementing the provisions that reinforce the digital operational resilience framework in the European Union, established by the DORA Regulation (Regulation (EU) 2022/2554).

The First Package of Regulatory Instruments (RTS) encompasses the following matters:

• ICT risk management,
• the classification of serious cyber incidents as well as cyber threats considered to be significant,
• the policy on ICT services in support of critical functions provided by third parties,
• the Implementing Technical Standards (ITS), which set out the templates for recording information.

The RTS are available here and the First Package of Regulatory Instruments (RTS) is available here.