Objectives
This roundtable will assess the state of cyber and digital operational resilience in the EU financial sector one year after the entry into application of DORA, examining the progress achieved, its early impacts on risk management practices, and how key remaining elements, including the critical third-party provider (CTPP) oversight regime, are being operationalised. It will also assess evolving cyber threats, including their potential systemic dimension, and evaluate whether further regulatory or supervisory measures are needed to address these risks, as well as the role that technologies such as AI can play in mitigating them.
Points of discussion
1. DORA implementation: what has changed in practice and what are the impacts so far?
One year after its entry into application, is DORA implementation on track and has it led to measurable improvements in cyber and digital operational resilience practices across the EU financial sector? Are ICT risk management requirements functioning as intended? How are preparations progressing for the implementation of the new CTPP oversight regime? Can the Digital Omnibus Package support a more effective and efficient implementation of DORA? Has the choice of a sector-specific regulation for financial services proved appropriate in practice, and how well does DORA fit within the broader EU cyber-security framework?
2. Emerging risks, systemic dimensions and technology implications
Are new or intensifying cyber threats, structural vulnerabilities and dependency risks emerging in the financial sector that warrant additional policy attention? Does the systemic dimension of cyber risk require further regulatory or supervisory action, including stronger international coordination? Can technological solutions, and AI in particular, play a greater role in mitigating these risks and strengthening the digital operational resilience of the financial system?