The ‘Digital Operational Resilience Act’ or “DORA” (Regulation (EU) 2022/2554) shall be enhancing and improving Information and Communications Technology (‘ICT’) operational risk requirements across various financial sectors. Subsequently, it imposes obligations on a vast array of different financial entities, as well as certain ICT service providers that assist such financial entities. These financial entities include the following:
- Credit institutions
- Account information service providers
- Investment firms
- Alternative Investment Fund Managers
- Crypto-asset service providers
- Payment institutions
- Central securities depositories
- Credit rating agencies
- Data reporting service providers
- Insurance and reinsurance undertakings
- Insurance intermediaries
- Crowdfunding service providers
Mamo TCV Advocates can provide assistance by primarily identifying whether DORA applies to your operations and/or organisation. We may also assist you in negotiating, vetting and, amending any contracts you may be entering into with relevant parties, to ensure that such contracts are in compliance with DORA, as well as offer solutions in case of existing contracts. Furthermore, we can guide you with respect to the new reporting obligations you may need to fulfil, whilst providing comprehensive expert legal advice throughout the entire process.
DORA will become applicable across the EU, including in Malta, as of 17th January 2025, so the clock is already ticking. For more information, visit our website here, which we will be regularly updating with guidance relevant to entities in Malta.