DORA has applied since January 2025 to all European financial entities: banks, insurers, asset managers, trading venues, crypto-asset service providers. It also covers their critical ICT third-party providers. Obligations span ICT risk management, resilience testing and major incident reporting to the ACPR (the French prudential authority).
EN
FR