DORA

📅

Effective Date

Jan 2023

✅

Full Compliance

Jan 2025

🏛️

Regulator

EBA / ESMA / EIOPA

📊

Scope Areas

Overview

DORA establishes uniform requirements for ICT security in the EU financial sector. It impacts Open Banking by setting standards for API security, incident reporting, and third-party risk management.

Note: Full compliance required by January 2025. Impacts all TPPs and banks.

Applicable Countries

This regulation applies to all 27 EU Member States:

Scope & Coverage

This regulation covers the following areas and services:

ICT Risk ManagementIncident ReportingThird-Party Risk

Key Requirements

ICT risk management framework

Incident reporting

Digital resilience testing

Third-party risk oversight

Timeline

Effective Since

January 16, 2023

Full Compliance Deadline

January 17, 2025

Official Resources

Official Website All Regulations

Related Regulations

Other Europe regulations you might be interested in:

PSD2

European Union

Active

The revised Payment Services Directive requires banks to provide account access to licensed third-pa...

PSD3

European Union

Upcoming

The proposed third Payment Services Directive aims to address shortcomings of PSD2, improve API perf...

FIDA

European Union

Upcoming

FIDA extends open banking principles beyond payment accounts to a wider range of financial products ...

Need to integrate with Open Banking APIs?

Explore our directory of API aggregators and TPPs to accelerate your compliance.

API Aggregators TPP Directory

Digital Operational Resilience Act

Overview

Applicable Countries

Scope & Coverage

Key Requirements

Timeline

Official Resources

Related Regulations

PSD2

PSD3

FIDA

Need to integrate with Open Banking APIs?

Interested in more insights?