DORA: deal secures a flexible, proportional and future-proof cybersecurity regulation for EU´s financial sector

The Renew Europe Group in the European Parliament welcomes today’s interinstitutional agreement on the Digital Operational Resilience Act (DORA), which seeks to bolster and protect the EU’s financial sector from cyber-attacks and other potential risks it faces due to the ever increasing interaction between it and the Information and Communication Technology (ICT) sector.

Our political Group worked hard during the negotiation process to achieve the implementation of robust ICT risk management, testing and reporting requirements while at the same time future proofing the legislation, adhering to the principle of proportionality and protecting competition.

Likewise, one of Renew Europe’s priorities was to introduce enough flexibility to the oversight framework in order to ensure that the EU remains an attractive jurisdiction for companies to invest it, and that innovation is fostered and promoted. We ensured a differentiated approach to the regulation of small, micro and interconnected entities versus large multinational financial and IT companies.

The final agreement is an important milestone in our campaign to drive the digital competitiveness of the EU’s financial sector while also protecting financial stability and enhancing consumer protection.

MEP Billy Kelleher (Fianna Fáil, Ireland), Renew Europe Group’s rapporteur on DORA, said:

“Today’s provisional political agreement on the Digital Operational Resilience ACT (DORA) is a key step in building up the EU’s cyber resilience at the point where financial services and ICT interact. We arrived at a strong, progressive, yet future proofed compromise - a compromise that will protect these crucial sectors in our economy from cyber threats, yet at the same time, will allow EU companies to compete on a global stage.”