European Supervisory Authorities Publish Joint Response on Proposed EU Digital Operational Resilience Act02/09/2021The European Supervisory Authorities (the European Securities and Markets Authority, the European Banking Authority and the European Insurance and Occupational Pensions Authority) have published a letter to the European Parliament, the Council of the European Union and the European Commission, setting out responses to the proposed EU Digital Operational Resilience Act, a new piece of EU regulation on digital operational resilience for the financial sector. The European Commission first published the draft DORA in September 2020. It forms part of the European Commission's digital finance strategy, which aims to embrace digital finance for the benefit of consumers and businesses while ensuring digital transformation is soundly regulated. The DORA is particularly focused on combatting risks arising from information and communication technologies in order to protect operational resilience and the performance of the financial system.
In the letter, the ESAs state their support for greater oversight of critical third-party providers proposed under the DORA and for the proposed role of the ESAs in overseeing ICT risks that CTPPs may pose to EU financial entities. The ESAs propose the following to enhance their ability to carry out their oversight role:
- Streamlined and effective governance: the "Oversight Forum" proposed under the DORA should be composed of a joint-ESAs executive body with appropriate technical expertise;
- Coherence between oversight recommendations and follow-up: the ESAs should have greater involvement in enforcement of recommendations and recommendations should be made public;
- Adequate resources: the ESAs should have increased resources to carry out their new functions under the DORA;
- More proportionate DORA: the principle of proportionality should be more comprehensively included in the DORA to take account of the fact that it is wide-ranging and does not refer to sectoral legislation when defining in-scope financial entities.
View the ESAs' letter.
View details of the Commission's proposed Digital Operational Resilience Act.
Return to main website.TOPIC: FinTech
Financial Regulatory Developments Focus