This article is translated automatically.

Article
Nov 26, 2024 2min

DORA Regulation: New mandatory requirements for cyber security from 17.01.2025

by Petra Klein
Share
Copied!
Save
Like
Regulatory
Abstract virtual coding illustration and world map on a modern furnished classroom background, international software development concept. Multiexposure

The deadline for implementing the DORA Regulation (Digital Operational Resilience Act) expires on 17.01.2025. Among other things, all permitted capital management companies and investment institutions are obliged to implement them. The main objective is to strengthen the digital resilience and cybersecurity of financial market participants and to ensure that companies are able to respond quickly and effectively to cyberattacks and IT disruptions.

However, this means that obliged entities will have to adapt to numerous new and complex requirements that go beyond the previous KAIT and BAIT standards. These include:

  • Governance of ICT third-party service providers: Agreement on stricter contractual requirements and conduct a regular risk assessment of key and critical ICT third-party service providers. Documentation and reporting to supervision upon request to ensure that ICT third-party service providers also comply with cybersecurity standards.
  • Reporting ICT-related incidents: Establishment of technical measures to detect and defend against cyber attacks. This includes technical monitoring, regular review and updating of security systems, the classification of incidents and the reporting of serious incidents to the relevant authorities.
  • ICT risk management framework: Implementation of ICT risk management, which includes the systematic identification, assessment, monitoring and management of risks arising from the use of information and communication technology (ICT) in order to strengthen operational resilience and effectively counter cyber threats.

The DORA Regulation is an important step towards a safer and more resilient digital future for the financial sector. However, it requires great efforts to comply with the many new regulations and ensure digital security, as in many cases internal structures, processes and IT systems have to be fundamentally revised to meet the new requirements.

Those who do not take these requirements seriously risk not only fines, but also massive reputational and financial consequences in the event of a cyberattack.

Regulatory
Teilen
Copied!

Related posts
Article

Sustainable logistics halls: The path to environmentally and socially responsible construction

37% of global CO2 emissions are related to energy and operational processes in the construction sector. Solutions for a change of perspective using the example of logistics real estate.

CasesReal EstateRegulatory
office buildings at Canary Wharf
Article

ELTIF-VO update paves the way for new mutual fund product

Following the moderate success of the ELTIF so far, the regulation has been comprehensively revised. This article presents exactly what ELTIFs are, whether ELTIFs are open-ended or closed-end funds and what significant new opportunities there are for retail AIFs.

Private EquityReal EstateRegulatory
Free word on a mouse trap isolated on white background.
Article Comment

Beware of tax traps

The fact that the customs authorities – the "weapon-carrying troop of the tax administration", so to speak – stood at the door of some companies unannounced in the run-up to Christmas must have caused some red-hot faces.

CasesEnergyInfrastructurePrivate DebtPrivate EquityReal EstateRegulatory
Comment

Infrastructure investments: More leeway through new AnlV quota

Until now, infrastructure investments – depending on the structure – had to be offset against other mix ratios, such as the venture capital or real estate quota. The recently introduced 5% infrastructure quota in the German Investment Ordinance (AnlV) creates new investment opportunities for institutional investors.

EnergyInfrastructureRegulatory
Article

Update of the Interpretation and Application Notes on the Money Laundering Act as of 01.02.2025

In November 2024, BaFin published an updated version of its Interpretation and Application Notes on the Money Laundering Act. With the update, BaFin has made several cosmetic adjustments, but also some content adjustments.

Regulatory
© Osborne Clarke
Article

Solar Package I – Use of PV Power Generated Near Buildings

What possibilities for tenant electricity, community building supply and "balcony power plants" do the regulations of the Solar Package I offer?

EnergyReal EstateRegulatory
ESG or ESE with G?
Article

Sustainability Management: “ESE with G” instead of ESG

Thinking of sustainability management as ESE with G instead of the narrower, but more widely used, ESG makes a big difference.

CasesRegulatory
Ausblick 2025
Article Comment

Tax changes 2024 / 2025 for the real estate industry

What tax changes will the real estate industry face? This article gives you an overview of the planned changes and options for action at the end of the year.

Real EstateRegulatory
Tax
Article

Tax sells!? – Efficiently manage tax risks in investments and reduce liability

Good planning is already "half the battle" when it comes to tax risks: Taxes are tricky because, in addition to financial risks due to unplanned liquidity outflows, they very quickly entail reputational risks and criminal risks.

DealsEnergyInfrastructureMarketsPrivate DebtPrivate EquityReal EstateRegulatory
Photovoltaik: Soltage Project at 200 Iron Horse Park
Article

US Election: Potential Regulatory Risks and Opportunities for Energy Infrastructure

The presidential election has repercussions for every sector of the world's largest economy and could create significant change depending on whether Donald Trump or Kamala Harris are elected to the White House. Potential impact to the energy infrastructure sector has come into focus during the presidential campaign after historic levels of investment under the Biden administration.

EnergyInfrastructureRegulatory
Article

Digitization in condominiums: The new law on virtual meetings

Change in the law: In the future, owners' meetings may also be held purely online if this is decided in the condominium owners' association with three quarters of the votes cast.

Real EstateRegulatory
Biomassekraftwerk
Article

Security of Supply & Energy Independence – Status Quo “Renewable Gas Act” in Austria

In Austria, the EGG - Renewable Gas Act - was seen as a beacon of hope for the expansion of green gas generation from ...

EnergyInfrastructureMarketsRegulatory
/

#Newsletter: Stay up to date!

Sign up for our newsletter and receive regular updates on the latest topics.

Register now