On 17 July 2024, the three European Supervisory Authorities (ESAs) (the European Banking Authority – EBA, European Insurance and Occupational Pensions Authority – EIOPA and European Securities and Markets Authority – ESMA) announced that they will establish the EU-SCICF in the context of DORA. The related factsheet indicates that the EU-SCICF will aim at facilitating an effective financial sector response to a cyber incident posing a risk to financial stability by strengthening the coordination among financial authorities and other relevant bodies in the EU and with key international actors. Over the coming months, the ESAs will kickstart the framework’s implementation by setting up the EU-SCICF Secretariat, the EU-SCICF Forum, and the EU-SCICF Crisis Coordination. The ESAs will identify legal and other operational obstacles encountered during the initial set-up and report them to the European Commission. The press release explains that the further development of the framework will be subject to the availability of resources and other measures taken by the Commission.
Related Posts
ESAs publication of the Joint Final Report on the draft Regulatory Technical Standards (RTS) to specify the elements that a financial entity needs to determine and assess when subcontracting information and communication technology (ICT) services supporting critical or important functions as mandated under Regulation 2022/2554/EU (DORA), 26 July 2024
EBA publication of the Final Report on the Final Draft ITS amending Commission Implementing Regulation 2021/451/EU on supervisory reporting mentioned in Art. 430(7) of Regulation 575/2013/EU (CRR) concerning output floor, credit risk, market risk, operational risk, crypto assets and leverage ratio, 9 July 2024
Publication of the European Commission Delegated Regulation 2024/1774/EU supplementing Regulation 2022/2554/EU (DORA) with regard to RTS specifying ICT risk management tools, methods, processes and policies and the simplified ICT risk management framework in the Official Journal of the European Union, 25 June 2024
Publication of the European Commission Delegated Regulation 2024/1773/EU supplementing Regulation 2022/2554/EU (DORA) with regard to RTS specifying the detailed content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by ICT third-party service providers in the Official Journal of the European Union, 25 June 2024
Publication of the European Commission Delegated Regulation 2024/1772/EU supplementing Regulation 2022/2554/EU (DORA) with regard to RTS specifying the criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents in the Official Journal of the European Union, 25 June 2024