top of page

CSSF on DORA

Erwin SOTIRI

25 mars 2024

The Luxembourg Commission de Surveillance du Secteur Financier (CSSF) has released recent information about the Digital Operational Resilience Act (DORA).


On March 25, 2024, the Commission de Surveillance du Secteur Financier (CSSF) has released recent information about the Digital Operational Resilience Act (DORA).

DORA is a comprehensive legal framework that will be implemented in January 2025 to assess how well financial institutions can handle significant operational shifts or information and communications technology (ICT) emergencies. As an EU regulation, DORA applies directly to financial entities that are subject to it.

from the Commission de Surveillance du Secteur Financier (CSSF) provides an overview and updates on the Digital Operational Resilience Act (DORA), a regulation introduced to enhance the digital operational resilience within the EU financial sector. Recognizing the increasing risks associated with information and communication technology (ICT) and the growing digitalization and interconnectedness, DORA establishes a common legal framework aimed at strengthening the sector's resilience to ICT risks. This framework includes comprehensive rules on ICT risk management, ICT-related incident management, digital operational resilience testing, and ICT third-party risks. DORA's scope is broad, covering no less than 20 types of financial entities, and it will be applicable from 17 January 2025. The news aims to provide financial entities with an introduction to DORA, continuous updates on the latest developments, and answers to frequently asked questions (FAQs).

bottom of page