DORA Archives | PAYMENT.TECHNOLOGY.LAW.

2 minute read

Business Continuity under DORA | ALLES LEGAL #104

byJosefine Spengler,PayTechLaw-Team
9. July 2025

What happens when your cloud provider fails or a cyberattack takes down your systems? This episode is all about Business Continuity Management (BCM) – and why it’s a critical regulatory requirement for banks and fintechs under DORA. Tune in now!

PPodcast

2 minute read

In an Emergency, Every Minute Counts – What DORA Requires in Case of an IT Incident | ALLES LEGAL #103

byJosefine Spengler
2. July 2025

A severe IT incident – and the clock is ticking. Why DORA leaves no leeway when it comes to reporting IT incidents and how companies can prepare is explained by Josefine Spengler in this episode. Tune in now!

PPodcast

2 minute read

Digital resilience is a matter for top management | ALLES LEGAL #102

byJosefine Spengler
25. June 2025

In the third episode of our podcast series ‘Alles Legal – Fintech-Recht kompakt’, Josefine Spengler, lawyer at Annerton, talks to host Dana Wondra from Payment & Banking about a key innovation in financial supervisory law: What does DORA require in terms of ICT risk management – and why is digital resilience now a top priority?

PPodcast

2 minute read

DORA requirements for IT procurement | ALLES LEGAL #101

byJosefine Spengler
18. June 2025

This podcast episode is about the new EU legal framework DORA (Digital Operational Resilience Act), which affects all regulated financial companies – from fintechs and payment service providers to major banks. DORA is the first binding regulation on how financial companies must strengthen their digital resilience.

BBanking

2 minute read

BaFin publishes guidance on documentation requirements under DORA

byPayTechLaw-Team
18. December 2024

With just under a month to go before the Digital Operational Resilience Act (DORA) comes into force, the…

DDORA & IT Security

8 minute read

A new era in IT security: a comparison of NIS2 and DORA

byJosefine Spengler
29. October 2024

As digitalization advances, companies and organizations are increasingly confronted with complex challenges around IT security and digital operational resilience. Within a few months, the European Union has adopted two important pieces of legislation to strengthen IT and cybersecurity, which will now come into force in the near future: the “Directive on measures for a high common level of cybersecurity across the Union” (NIS2) and the Digital Operational Resilience Act (DORA).

DDORA & IT Security

3 minute read

ICT Incident Reporting under DORA

byDr Franz Ringel
30. July 2024

Chapter III of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA) is dedicated to…

DDORA & IT Security

Harmonisierung der DORA-Anforderungen schreitet voran - das zweite Paket der finalen Entwürfe der RTS/ITSTs und Guidelines zu DORA ist nun auch da.

14 minute read

Harmonization of the DORA requirements is progressing – The second package of the RTS/ITSs and guidelines for DORA is now also available

bySvetlana Ulrici
25. July 2024

On June 17 and 26, 2024, the ESAs published the final drafts of the DORA-specific regulations in a…

DData Protection

8 minute read

All about DORA – impact and recommendations for financial companies

byJosefine Spengler,Marina von Wallenberg-Pachaly
4. June 2024

What is DORA? With DORA, Regulation (EU) 2022/2554 on digital operational resilience in the financial sector (Digital Operational…

DData Protection

8 minute read

DORA takes shape – first package of final RTS/ITS to DORA published

byJosefine Spengler,Ana Giorgadze
6. February 2024

EU regulators have published the final versions of an initial set of four technical standards for operational resilience…