Business Continuity under DORA | ALLES LEGAL #104

🎧 What happens when your cloud provider fails or a cyberattack takes down your systems? This episode is all about Business Continuity Management (BCM) – and why it’s a critical regulatory requirement for banks and fintechs under DORA. Tune in now!

Business Continuity under DORA: A Must, Not a Nice-to-Have

In episode 104 of Alles Legal – Fintech-Recht kompakt, moderator Dana Wondra from Payment & Banking and Josefine Spengler, lawyer at Annerton, discuss the regulatory and operational requirements for Business Continuity Management (BCM) under the Digital Operational Resilience Act (DORA).

Josefine shares practical insights into common weaknesses and offers guidance on how financial institutions can establish and maintain effective emergency management strategies.

Key points include:

  • Leadership responsibility and governance
  • Recovery planning and realistic testing
  • Contractual inclusion of third-party providers, including exit plans
  • Integration of BCM into ICT risk management

DORA is clear: Business continuity is no longer just an IT issue, but a strategic imperative – even beyond corporate boundaries.

Annerton DORA Monitor

Adjust processes, review systems, document evidence: DORA’s requirements are diverse, and implementation calls for clarity and structure.

The Annerton DORA Monitor supports you on your journey to digital resilience: We summarise developments and practical tips for you in a concise format.

📥 Download the first edition free of charge now, and sign up for our mailing list to be notified by email whenever a new edition is released, so you are reliably guided through the DORA jungle.

About this podcast

Alles Legal – Fintech Recht Kompakt delivers sharp, weekly insights into legal and compliance matters in the world of banking (in German only).
This podcast is a collaboration between Payment & Banking and PayTechLaw.
Each Wednesday, we unpack the legal developments shaping the financial world – clearly, concisely, and without the legal jargon.
Since 2021, PayTechLaw authors and Annerton attorneys have brought depth and clarity to complex topics.
Whether it’s PSD3, DORA, or FiDA – we provide the legal context you need.
In 20 minutes. No detours.


