Compliance Library Blog Product Sign In

EU-DORA

Regulation (EU) 2022/2554 — Digital Operational Resilience Act

EU Version 1.0 606 obligations

Conformity Obligations

19

Chapter I — General Provisions

Chapter II — ICT Risk Management

Chapter III — ICT-Related Incident Management, Classification and Reporting

Chapter IV — Digital Operational Resilience Testing

Chapter V — Managing ICT Third-Party Risk

Article 33. Tasks of the Lead Overseer

1 obligation

EU-DORA-33-14 Conformity

Assess use of relevant standards

The assessment must cover the use of relevant national and international standards applicable to the provision of ICT se

Chapter VI — Information-Sharing Arrangements

Chapter VII — Competent Authorities

Article 46. Competent authorities

17 obligations

EU-DORA-46-01 Conformity

Designation of competent authorities for credit institutions

Credit institutions and institutions exempted pursuant to Directive 2013/36/EU must be subject to supervision by the com
EU-DORA-46-02 Conformity

Designation of competent authorities for payment institutions

Payment institutions, electronic money institutions, and account information service providers must be subject to superv
EU-DORA-46-03 Conformity

Designation of competent authorities for investment firms

Investment firms must be subject to supervision by the competent authority designated in accordance with Article 4 of Di
EU-DORA-46-04 Conformity

Designation of competent authorities for crypto-asset service providers

Crypto-asset service providers authorised under the Regulation on markets in crypto-assets and issuers of asset-referenc
EU-DORA-46-05 Conformity

Designation of competent authorities for central securities depositories

Central securities depositories must be subject to supervision by the competent authority designated in accordance with

EU-DORA-46-06 Conformity

Designation of competent authorities for central counterparties

Central counterparties must be subject to supervision by the competent authority designated in accordance with Article 2
EU-DORA-46-07 Conformity

Designation of competent authorities for trading venues and data reporting

Trading venues and data reporting service providers must be subject to supervision by the competent authority designated
EU-DORA-46-08 Conformity

Designation of competent authorities for trade repositories

Trade repositories must be subject to supervision by the competent authority designated in accordance with Article 22 of
EU-DORA-46-09 Conformity

Designation of competent authorities for alternative investment fund managers

Managers of alternative investment funds must be subject to supervision by the competent authority designated in accorda
EU-DORA-46-10 Conformity

Designation of competent authorities for management companies

Management companies must be subject to supervision by the competent authority designated in accordance with Article 97

EU-DORA-46-11 Conformity

Designation of competent authorities for insurance undertakings

Insurance and reinsurance undertakings must be subject to supervision by the competent authority designated in accordanc
EU-DORA-46-12 Conformity

Designation of competent authorities for insurance intermediaries

Insurance intermediaries, reinsurance intermediaries and ancillary insurance intermediaries must be subject to supervisi
EU-DORA-46-13 Conformity

Designation of competent authorities for occupational retirement provision

Institutions for occupational retirement provision must be subject to supervision by the competent authority designated

EU-DORA-46-14 Conformity

Designation of competent authorities for credit rating agencies

Credit rating agencies must be subject to supervision by the competent authority designated in accordance with Article 2
EU-DORA-46-15 Conformity

Designation of competent authorities for benchmark administrators

Administrators of critical benchmarks must be subject to supervision by the competent authority designated in accordance
EU-DORA-46-16 Conformity

Designation of competent authorities for crowdfunding service providers

Crowdfunding service providers must be subject to supervision by the competent authority designated in accordance with A
EU-DORA-46-17 Conformity

Designation of competent authorities for securitisation repositories

Securitisation repositories must be subject to supervision by the competent authority designated in accordance with Arti

Chapter VIII — Delegated Acts

Chapter IX — Transitional and Final Provisions

Article 64. Entry into force and application

1 obligation

EU-DORA-64-01 Conformity

Comply with DORA from application date

All entities subject to DORA must comply with all provisions of the regulation starting from 17 January 2025

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started