DORA: ‘Technical Standards,’ new pieces of the puzzle

The Digital Operational Resilience Act (“DORA”) aims to harmonize rules related to digital resilience for the financial sector. DORA applies to 21 different types of financial entities. As of January 17, 2025, DORA is effective. Earlier we reported on DORA and the impact DORA will have on contracting with IT suppliers. The latter is part

DORA: the implication for the IT-supplier, PART II

In PART I of our blog series, we outlined the framework of the Digital Operational Resilience Act (‘DORA’). In this second part of our blog series about DORA, we focus on the implications or impact DORA has for normal IT-suppliers. Normal opposes those IT-suppliers providing ‘critical’, ‘important’ or ‘systemic’ IT-services for which a stricter regime

DORA: the implication for ICT and cloud suppliers, PART I

In a previous blog we have informed you about the EIOPA guidelines, which contain guidelines for insurance companies for the outsourcing to providers of existing and new cloud services. However, these are only mere guidelines addressing very particular services for a limited type of entities in the financial sector, namely insurance companies. Already in 2019