PPodcast

In an Emergency, Every Minute Counts – What DORA Requires in Case of an IT Incident | ALLES LEGAL #103

0
Shares
0
0
0
0
0
0

🎧 A severe IT incident – and the clock is ticking. Why DORA leaves no leeway when it comes to reporting IT incidents and how companies can prepare is explained by Josefine Spengler in this episode. Tune in now!

 Listen now:

Podcast: https://paymentandbanking.podigee.io/724-im-ernstfall-zahlt-jede-minute-was-dora-bei-it-vorfallen-verlangt/

Josefine Spengler is a lawyer at Annerton specialising in IT law. In her practice, she advises companies particularly on IT compliance, incident response, and digital regulatory requirements.

🔍 What to expect in this episode:

  • When an IT incident is classified as “severe”

  • Which deadlines companies must meet under DORA – from classification to final reporting

  • Why attacks on service providers may also be subject to reporting obligations

  • The importance of legally sound contracts and internal processes

  • How companies can prepare effectively with scenarios, checklists, and training exercises

One particularly important point: A successful cyberattack is automatically subject to mandatory reporting – and responsibility remains with the company, even if external partners are affected.

Stay informed and subscribe to the PayTechLaw newsletter. We’ll notify you as soon as a new episode is available.

Stay tuned – next week’s episode will cover business continuity under DORA.

Annerton DORA Monitor Adjust processes, review systems, document evidence: DORA’s requirements are diverse, and implementation calls for clarity and structure.

The Annerton DORA Monitor supports you on your journey to digital resilience: We summarise developments and practical tips for you in a concise format.

📥 Download the first edition free of charge now. – And sign up for our mailing list to be automatically notified by email whenever a new edition is released – ensuring you are reliably guided through the DORA jungle.

About this podcast

Alles Legal – Fintech Recht Kompakt delivers sharp, weekly insights into legal and compliance matters in the world of banking. (in German only)
This podcast is a collaboration between Payment & Banking and PayTechLaw.
Each Wednesday, we unpack the legal developments shaping the financial world – clearly, concisely, and without the legal jargon.
Since 2021, PayTechLaw authors and Annerton attorneys have brought depth and clarity to complex topics.
Whether it’s PSD3, DORA, or FiDA – we provide the legal context you need.
In 20 minutes. No detours.

0
0

Josefine Spengler is a lawyer and IT law specialist at Annerton's Berlin office. She has many years of in-house experience as Head of Legal and Data Protection Officer at a payment service provider. As an expert in the IT and FinTech segment, Josefine Spengler advises national and international clients on all issues at the interface between regulatory law and IT law as well as on compliance and AML issues. Josefine Spengler is a regular speaker at events on IT law and regulatory requirements for the IT of financial companies.



By continuing, you accept our privacy policy.
You May Also Like
BBanking
BRUBEG erklärt: Was das neue Bankenpaket für Institute verändert | ALLES LEGAL #139 BRUBEG Explained: What the New Banking Package Changes for Financial Institutions | ALLES LEGAL #139
Read More
  • 2 minute read

BRUBEG Explained: What the New Banking Package Changes for Financial Institutions | ALLES LEGAL #139

BRUBEG is intended to reduce bureaucracy, yet for many banks it initially means new obligations, additional processes and increased compliance requirements. In this episode of Alles Legal – Fintech-Recht kompakt, Renate Prinz explains what is behind the legislation and how the implementation of CRD VI and Basel III will affect financial institutions across Europe.
Read More
RRegulatory
Turbo-Zertifikate mit Beißkorb Turbo Certificates on a Leash
Read More
  • 2 minute read

Turbo Certificates on a Leash

On 16 June 2026, BaFin’s general administrative order restricting the marketing, distribution and sale of turbo certificates enters into force. It establishes strict requirements for all distribution activities relating to turbo certificates directed at retail investors.
Read More
PPSD2
MiCAR trifft PSD2: Warum E-Geld-Token plötzlich doppelt reguliert werden | ALLES LEGAL #138
Read More
  • 2 minute read

MiCAR meets PSD2: Why e-money tokens are suddenly subject to dual regulation | ALLES LEGAL #138

Since the end of the EBA transitional period in March 2026, many crypto-asset service providers have had to assess whether, in addition to MiCAR, they also require a PSD2 or national payment services licence. In this episode, Kemal Ahmedi explains why crypto regulation and payment services law overlap and what this means for business models and licensing strategies.
Read More