DORA regulation outlining process for identifying critical ICT third-parties published
It implements the specific assessment approach to be used by supervisory authorities and outlines fees payable by vendors designated as critical.
The assessment is to be targeted at the individual or group level as appropriate with subcontractors also evaluated.
The assessment criteria include:
DORA regulation outlining process for identifying critical ICT third-parties published
It implements the specific assessment approach to be used by supervisory authorities and outlines fees payable by vendors designated as critical.
Thomas Hyrkiel2 min read
Your DORA questions answered – CIFs
This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.
Thomas Hyrkiel4 min read
Managing vendors supporting critical or important functions - from zero to full compliance with DORA
A summary of key practical steps based on the draft technical standard.
Thomas Hyrkiel, Katarzyna Parchimowicz5 min read
Technology
DORA regulation outlining process for identifying critical ICT third-parties published
Technology
Your DORA questions answered – CIFs
Technology
Managing vendors supporting critical or important functions - from zero to full compliance with DORA
The Action Plan does not create new legal obligations but sets out steps for operationalizing the AI Act, NIS2, DORA, and the Cyber Resilience Act.
Vasilka Lalevska 4 min read
What financial business leaders can learn from the Roman general.
Max Veve | Maxvia Associés 3 min read
The ECB has given eurozone banks until October 31, 2026, to submit plans on how they will strengthen governance and resilience against growing AI-enabled cyberthreats.
Vasilka Lalevska 3 min read
This article examines the key challenges firms have encountered in their DORA compliance journeys and explores some of the practical solutions.
Nathaniel Lalone | Katten Ciara Watson | Katten 16 min read
Joint ESA report also highlights the role of third parties as incident originators and warns about impending risk from AI.
Thomas Hyrkiel 2 min read
Charles Herbert and James Clark discuss the potential for regulatory alignment across two areas of importance – digital law, and financial services regulation.
As regulators move from trialling AI to active oversight, firms face pressure to build governance structures to withstand scrutiny across multiple jurisdictions.
Vlada Gurvich 37 min listen
Norway’s financial infrastructure remains resilient, but rising cyber threats, third-party dependencies, and operational risks are rapidly changing the landscape.
Vasilka Lalevska 4 min read