Nos derniers articles

This report evaluates how competent authorities have implemented previous recommendations regarding ICT risk assessment within the Supervisory Review and Evaluation Process (SREP). The document highlights a significant shift in the regulatory landscape due to the application of DORA, which establishes a unified framework for financial sector resilience. According to the findings, supervisors have made notable progress by forming specialized ICT teams, enhancing technical expertise, and adopting automated monitoring tools. Furthermore, the report details the integration of ICT-specific guidelines into broader operational risk assessments to ensure a more cohesive supervisory approach. While most authorities have successfully adopted benchmarking and horizontal analysis, the EBA emphasizes that maintaining supervisory convergence remains an ongoing priority as technology evolves. Overall, the report confirms that the EU is moving toward a more harmonized and robust regime for managing digital risks in banking.

The draft strengthens governance arrangements, clarifies management body roles, and enhances oversight of internal control, risk management, and compliance functions. It incorporates ICT and security risk management in line with DORA, requiring institutions to integrate digital operational resilience into governance frameworks. The revisions also address anti-money laundering, conflicts of interest, and gender-neutral remuneration. Stakeholders can submit feedback until October 2025, with final guidelines to replace the 2017 version.