As we approach the end of the year, so too do fintechs approach the impending deadline for implementing the raft of requirements under the EU’s Digital Operational Resilience Act (DORA). Cybersecurity and data privacy counsel Susanne Werry joins Joseph Kamyar to discuss the latest guidance on DORA implementation, the relevant timelines and the extent to which companies are on track to meet the January deadline.
--------------------
With regulators increasingly scrutinizing IT and security risks for fintechs, host Joseph Kamyar invites Skadden colleague Susanne Werry for a discussion about the EU’s Digital Operational Resilience Act (DORA), which becomes effective next month.
The act is expected to compel financial entities and relevant technology providers to reexamine existing contracts, policies, procedures and governance arrangements. Susanne, Frankfurt-based counsel in the Cybersecurity and Data Privacy and Artificial Intelligence Groups, offers important takeaways as 2025 draws near. While some companies are well on the way to DORA compliance, she notes, others are in the early stages.
Key Points
The DORA Effect: DORA introduces technology-related requirements that will impact fintechs in their capacity as providers of financial services and third-party providers of technology services. Susanne breaks down these requirements and their implications.
“Critical Service Provider”: Under DORA, technology providers will have obligations to their financial services clients, the extent of which depends on whether the provider supports a “critical” function. Susanne explains how DORA defines a “critical service provider.”
Risk Management: An entity’s management is responsible for overseeing an ICT risk-management framework, which includes ensuring that the company complies with DORA requirements and integrates ICT risk management into its overall governance.