EBA amendment of its Guidelines on ICT and security risk management measures under DORA, 11 February 2025

2149250224

On the 11^th of February 2025, the European Banking Authority amended its Guidelines on ICT and security risk management in light of the application of harmonised ICT risk management requirements under Regulation 2022/2554/EU (DORA). In particular, the EBA narrowed down the entity scope of the Guidelines to only those which are covered by DORA (credit institutions, payment institutions, account information service providers, exempted payment institutions and exempted e-money institutions), as well as the scope of the Guidelines to the requirements on relationship management of the payment service users in relation to the provision of payment services. Security and operational risk management requirements under Directive 2015/2366/EU (PSD2) continue to apply to other types of payment service providers not covered by DORA, such as post-office giro institutions and credit unions.

The Guidelines will be translated into the EU official languages and published on the EBA website together with a consolidated version. Competent authorities must report whether they comply with the guidelines within two months from the date of publication of the translations.

bcwg-admin2025-02-14T17:25:45+01:00

Related Posts

EIOPA publication of its Technical Advice on standard formula capital requirements for investments in crypto-assets, 27 March 2025

EIOPA publication of its Technical Advice on standard formula capital requirements for investments in crypto-assets, 27 March 2025

EIOPA publication of its Technical Advice on standard formula capital requirements for investments in crypto-assets, 27 March 2025

March 27th, 2025

EBA publication of its biennial Consumer Trends Report for 2024/25, 26 March 2025

EBA publication of its biennial Consumer Trends Report for 2024/25, 26 March 2025

EBA publication of its biennial Consumer Trends Report for 2024/25, 26 March 2025

March 26th, 2025

ESMA publication of its Guidelines on the conditions and criteria for the qualification of crypto-assets as financial instruments under MiCAR, 19 March 2025

ESMA publication of its Guidelines on the conditions and criteria for the qualification of crypto-assets as financial instruments under MiCAR, 19 March 2025

ESMA publication of its Guidelines on the conditions and criteria for the qualification of crypto-assets as financial instruments under MiCAR, 19 March 2025

March 19th, 2025

ESAs publication of their Opinion on European Commission’s rejection of the draft RTS on subcontracting under DORA, 7 March 2025

ESAs publication of their Opinion on European Commission’s rejection of the draft RTS on subcontracting under DORA, 7 March 2025

ESAs publication of their Opinion on European Commission’s rejection of the draft RTS on subcontracting under DORA, 7 March 2025

March 7th, 2025

EBA launch of its public consultation on four draft RTS related to the AML/CFT package, 6 March 2025

EBA launch of its public consultation on four draft RTS related to the AML/CFT package, 6 March 2025

EBA launch of its public consultation on four draft RTS related to the AML/CFT package, 6 March 2025

March 6th, 2025

EBA publication of its Opinion in response to the European Commission’s proposed amendments to its draft RTS on the authorisation for ART issuers under MiCAR, 27 February 2025

EBA publication of its Opinion in response to the European Commission’s proposed amendments to its draft RTS on the authorisation for ART issuers under MiCAR, 27 February 2025

EBA publication of its Opinion in response to the European Commission’s proposed amendments to its draft RTS on the authorisation for ART issuers under MiCAR, 27 February 2025

February 27th, 2025

ESAs publication of their roadmap towards the designation of CTPPs under DORA, 18 February 2025

ESAs publication of their roadmap towards the designation of CTPPs under DORA, 18 February 2025

ESAs publication of their roadmap towards the designation of CTPPs under DORA, 18 February 2025

February 18th, 2025

ESMA launch of its consultation on the criteria to assess the knowledge and competence of CASPs’ staff under MiCAR, 17 February 2025

ESMA launch of its consultation on the criteria to assess the knowledge and competence of CASPs’ staff under MiCAR, 17 February 2025

ESMA launch of its consultation on the criteria to assess the knowledge and competence of CASPs’ staff under MiCAR, 17 February 2025

February 17th, 2025

European Commission adoption of the Commission Delegated Regulation supplementing DORA with regard to RTS specifying elements related to threat-led penetration tests under Art. 26(11) of DORA, 13 February 2025

European Commission adoption of the Commission Delegated Regulation supplementing DORA with regard to RTS specifying elements related to threat-led penetration tests under Art. 26(11) of DORA, 13 February 2025

European Commission adoption of the Commission Delegated Regulation supplementing DORA with regard to RTS specifying elements related to threat-led penetration tests under Art. 26(11) of DORA, 13 February 2025

February 13th, 2025

EBA publication of its Opinion on the amendments proposed by the European Commission to the EBA draft RTS on conflicts of interest for issuers of ARTs under MiCAR, 5 February 2025

EBA publication of its Opinion on the amendments proposed by the European Commission to the EBA draft RTS on conflicts of interest for issuers of ARTs under MiCAR, 5 February 2025

EBA publication of its Opinion on the amendments proposed by the European Commission to the EBA draft RTS on conflicts of interest for issuers of ARTs under MiCAR, 5 February 2025

February 5th, 2025

ESMA publication of its supervisory briefing to provide guidance on MiCA best practices, 31 January 2025

ESMA publication of its supervisory briefing to provide guidance on MiCA best practices, 31 January 2025

ESMA publication of its supervisory briefing to provide guidance on MiCA best practices, 31 January 2025

January 31st, 2025

ESMA publication of its Opinion on the amendments to the draft RTS specifying certain requirements in relation to conflicts of interest for CASPs under MiCAR, 24 January 2025

ESMA publication of its Opinion on the amendments to the draft RTS specifying certain requirements in relation to conflicts of interest for CASPs under MiCAR, 24 January 2025

ESMA publication of its Opinion on the amendments to the draft RTS specifying certain requirements in relation to conflicts of interest for CASPs under MiCAR, 24 January 2025

January 24th, 2025

ESMA and European Commission publication of a statement and a Q&A providing guidance on non-MiCA compliant ARTs and EMTs under MiCAR, 17 January 2025

ESMA and European Commission publication of a statement and a Q&A providing guidance on non-MiCA compliant ARTs and EMTs under MiCAR, 17 January 2025

ESMA and European Commission publication of a statement and a Q&A providing guidance on non-MiCA compliant ARTs and EMTs under MiCAR, 17 January 2025

January 17th, 2025

EBA and ESMA publication of their Joint Report on recent developments in crypto-assets, 16 January 2025

EBA and ESMA publication of their Joint Report on recent developments in crypto-assets, 16 January 2025

EBA and ESMA publication of their Joint Report on recent developments in crypto-assets, 16 January 2025

January 16th, 2025

EBA launch of its public consultation on draft Guidelines on ESG scenario analysis, 16 January 2025

EBA launch of its public consultation on draft Guidelines on ESG scenario analysis, 16 January 2025

EBA launch of its public consultation on draft Guidelines on ESG scenario analysis, 16 January 2025

January 16th, 2025

EBA publication of its Consultation Paper on draft RTS on the prudential treatment of crypto-asset exposures under the CRR 3, 8 January 2025

EBA publication of its Consultation Paper on draft RTS on the prudential treatment of crypto-asset exposures under the CRR 3, 8 January 2025

EBA publication of its Consultation Paper on draft RTS on the prudential treatment of crypto-asset exposures under the CRR 3, 8 January 2025

January 8th, 2025

ESMA publication of its last package of Regulatory Technical Standards (RTS) and Guidelines before the full entry into application of MiCAR, 17 December 2024

ESMA publication of its last package of Regulatory Technical Standards (RTS) and Guidelines before the full entry into application of MiCAR, 17 December 2024

ESMA publication of its last package of Regulatory Technical Standards (RTS) and Guidelines before the full entry into application of MiCAR, 17 December 2024

December 17th, 2024

ESAs publication of their summary report on the 2024 Dry Run exercise on reporting the registers of information under DORA, 17 December 2024

ESAs publication of their summary report on the 2024 Dry Run exercise on reporting the registers of information under DORA, 17 December 2024

ESAs publication of their summary report on the 2024 Dry Run exercise on reporting the registers of information under DORA, 17 December 2024

December 17th, 2024

ESMA publication of its statement warning about crypto-assets’ risky nature, 13 December 2024

ESMA publication of its statement warning about crypto-assets’ risky nature, 13 December 2024

ESMA publication of its statement warning about crypto-assets’ risky nature, 13 December 2024

December 13th, 2024

EBA publication of its Report from its final round of reviews of competent authorities’ approaches to countering money laundering and terrorist financing (ML/TF) risks in the banking sector, 13 December 2024

EBA publication of its Report from its final round of reviews of competent authorities’ approaches to countering money laundering and terrorist financing (ML/TF) risks in the banking sector, 13 December 2024

EBA publication of its Report from its final round of reviews of competent authorities’ approaches to countering money laundering and terrorist financing (ML/TF) risks in the banking sector, 13 December 2024

December 13th, 2024