EU Approves Tougher Cybersecurity Rules for Financial Firms

Lawmakers in Europe have voted to finalize legislation that places tougher cybersecurity rules on financial firms.

The European Commission voted 612-18 to adopt the Digital Operational Resilience Act (DORA), CoinDesk reported Thursday (Nov. 10).

DORA is “a cornerstone of our work on digital finance in the European Union, making sure that we support innovation and do it in a safe way,” European Commissioner Mairead McGuinness said during a debate on the law, per CoinDesk. “Protecting the financial system from cyberattacks and cyber fraud is vital.”

First proposed in 2020, and tentatively adopted in May, DORA establishes uniform security requirements for financial sector firms’ network and information systems, as well as critical third parties that provide information and communications technology (ICT) services.

As PYMNTS reported earlier this year, this means that cloud platforms like Google, Microsoft, and Amazon will need to comply with this bill.

In addition, DORA creates a regulatory framework for digital operational resilience, requiring that companies ensure they can withstand, respond to and recover from all types of information and communications technology (ICT)-related disruptions and threats. The primary goal is to prevent and mitigate cyberthreats.

The legislation applies to banks and payment firms as well as cryptocurrency companies, which are set to be regulated under a sister law, the Markets in Crypto Assets Regulation (MiCA).

Both MiCA and DORA are expected to go into effect in 2023, with a vote on MiCA coming sometime in the months ahead.

Lawmakers had been set to vote on it in December but postponed that matter last week due to the complexity and text of the bill. Assuming MiCA is finalized, the European Banking Authority has said it expects businesses to have complied with the requirements of both new laws by the start of 2025.

In an interview with PYMNTS published Thursday (Nov. 10), Chainalysis Director of Regulation and Compliance Caitlin Barnett said that one of the biggest challenges for regulators is that crypto and blockchain are developing so quickly that it’s difficult for regulators to keep up.
