Careers

Learn more

Qualified professionals

Learn more

Trainee & intern programmes

Learn more

Offices

New York

Learn more

San Francisco

Learn more
A&L Goodbody logo

DORA

  • Article

    DORA – What are the implementation and supervisory expectations for the 17 January 2025 deadline?

    DORA
  • Article

    DORA – Stakeholders call on ESAs to clarify the scope of the definition of ‘ICT services’ under DORA

    A number of financial market representative bodies recently issued a joint statement in which they call on ESAs to clarify that regulated financial services should not be treated as ‘ICT services’ for the purpose of DORA.

    DORA
  • Article

    DORA - Technical standards on subcontracting

    On 26 July 2024, the European Supervisory Authorities published final draft regulatory technical standards on the subcontracting of information, communication and technology services that support critical or important functions within financial entities.

    DORA
  • Article

    DORA – CBI comments on implementation and key aspects of the new framework

    Gerry Cross, Director of Financial Regulation in the Central Bank of Ireland, provides an update on the timing for delivering the new regulatory framework under DORA.

    DORA
  • Article

    European Commission confirms DORA does not apply to bank third-country branches

    The EBA Single Rulebook for DORA has been updated with a new question and answer relating to the applicability of DORA to EU branches of credit institutions that are headquartered outside of the EU (referred to as ‘third-country branches’).

    DORA
  • Article

    Bank’s cyber resilience to be stress tested and intersection with DORA

    Following on from its evaluation of credit institutions’ management of IT and cyber risks in 2023, the European Central Bank announced, on 3 January 2024, that it will be conducting a cyber resilience stress test on 109 directly supervised credit institutions in 2024.

    DORA
  • Article

    DORA: Key observations regarding the designation of international ICT third party service providers as critical

    ​​​​​​​Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA) which will apply from 17 January 2025 is intended to create a harmonised regulatory framework that enhances the digital operational resilience of in-scope EU financial entities in respect of ICT related disruptions and threats.

    DORA
  • Article

    Second tranche of draft RTS, ITS and Guidelines published under DORA

    On 8 December 2023, the European Supervisory Authorities (ESAs) published the second tranche of policy measures under Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA) for public consultation.

    DORA
  • article

    ESAs advise on criticality criteria and oversight fees for critical ICT third party providers under DORA

    On 29 September 2023, the European Supervisory Authorities published their joint response to the European Commission’s Call for Advice on digital operational resilience for the financial sector in order to specify further criteria for critical ICT third party service providers and determine oversight fees levied on such providers.

    DORA
  • article

    First tranche of draft RTS and ITS published under DORA

    As a measure to enhance the overall digital operational resilience of the EU financial sector, Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA) entered into force on 16 January 2023 and will apply to in-scope financial services entities from 17 January 2025.

    DORA