Europe targets digital operational resilience, with wide-ranging proposals

The Covid-19 pandemic has furtherincreased firms’ reliance on Information Technology and demonstrated the needfor resiliency in the face of disruption. Plans recently published by theEuropean Commission set out to harmonise the fragmented EU regulatory frameworkfor ‘digital operational resilience’ in financial services and would bringcertain third-party service providers under direct regulatory supervision. CharlotteHill and Clare Reynolds examine the proposals.

Charlotte Hillis a partner and head of the financial services regulatorygroup at Taylor Wessing in London, whereClare Reynoldsis asenior associate. Contact themonc.hill@taylorwessing.comandc.reynolds@taylorwessing.com.

Background to the proposal and DigitalFinance package

As part of its wider ‘Digital Finance’ package, on 24September 2020 the European Commission published its proposal for a Regulationon Digital Operational Resilience for the Financial Sector (the ‘Proposal’). [1]The Proposal introduces a European Union regulation setting out a detailed andcomprehensive framework on digital operational resilience and the management ofInformation Communication and Technology (ICT) risks along with cyber threatsacross EU financial services firms.