Nos derniers articles

The German and European banking sector is undergoing rapid transformation due to digitalization, ESG integration, regulatory changes, demographic shifts, and increased competition from FinTechs. Key challenges include managing complexity, leveraging AI and data, optimizing business models, and ensuring resilience and security. Banks must adapt quickly to survive, with successful integration of AI and ESG being crucial. Consolidation and evolution towards technology-driven or platform-based approaches are likely. Banks face a "transformation trilemma" of managing digital, regulatory, and ESG changes while maintaining profitability.
THE PAPER IS IN GERMAN

« Dans le contexte de la mise en œuvre de DORA, l’ACPR vient, à travers la mise à jour de sa FAQ, préciser certaines informations relatives aux nouvelles obligations qui s’appliquent aux entités financières concernant notamment : les modalités de remise du registre d’information, la réalisation de tests d’intrusion ou le champ d’application de cette nouvelle règlementation. »

« Le règlement européen sur la résilience opérationnelle numérique du secteur financier (DORA) établit un cadre commun pour la gestion des risques liés aux technologies de l'information et de la communication (TIC). Il définit des règles en matière de cyber-sécurité et de gestion des risques informatiques qui s’appliquent à un grand nombre d’entités financières. »

The EBA amended its ICT and security risk management guidelines due to DORA. The guidelines now apply only to entities covered by DORA (credit institutions, payment institutions, etc.) and focus solely on payment service user relationship management. PSD2 security and operational risk requirements still apply to other payment service providers not under DORA.

The ESAs report explores centralizing ICT incident reporting for the financial sector under DORA. Three models are considered: baseline, enhanced sharing, and full centralization. The report, developed with input from various stakeholders, aims to inform future decisions on incident reporting centralization.

The paper reviews the DORA Regulation, highlighting challenges in supervisory convergence, solution centralization, and oversight fragmentation. It argues that despite DORA's positive steps for digital resilience, Europe's fragmented supervision system hampers its effectiveness. The authors suggest that a more centralized, cross-sectoral supervisory approach is needed for better regulation and supervision.