Yesterday, July 17th 2024, the three ESAs (EBA, ESMA and EIOPA) published the expected second batch of policy products under the DORA regulation. The Digital Operational Resilience Act (DORA), more formally known as Regulation (EU) 2022/2554, took effect on 16 January 2023, with final industry compliance required by 17 January 2025. With this second batch finally available, we now have 6 months before compliance kicks into full force on the overall go-live date. One RTS is still in the making: the one on subcontracting.
The regulation underscores the importance of digital operational resilience in today’s increasingly interconnected and digitized landscape and seeks to expand the reach of European regulators, incorporating both financial institutions that operate in Europe and providers of information and communication technology (ICT) to these firms. Compliance with DORA is a top priority given financial entities’ dependence on ICT, including third-party ICT service providers, as well as the heightened focus on ICT and cyber-related risks impacting these third parties.
The July 17th batch consists of four final draft regulatory technical standards (RTS), one set of implementing technical standards (ITS) and two guidelines, all of which aim to enhance the digital operational resilience of the EU’s financial sector.
The package focuses on the reporting framework for ICT-related incidents (reporting clarity, templates) and threat-led penetration testing while also introducing some requirements on the design of the oversight framework, which enhance the digital operational resilience of the EU financial sector, thus also ensuring continuous and uninterrupted provision of financial services to customers and safety of their data.
The ESAs are publishing the following final draft technical standards:
The set of guidelines includes:
Next steps
The guidelines have already been adopted by the Boards of Supervisors of the three ESAs. The final draft technical standards have been submitted to the European Commission, which will now start working on their review with the objective of adopting these policy products in the coming months. Understanding the full implications of the DORA text and aligning with its intent have been challenging for many financial institutions despite being more than a year into implementation. Following this, it may take additional months before the European Commission publishes the final Delegated Regulations, as was the case with the first batch of Technical Standards.
Since we’re following the regulation very closely, we’ll also announce any important updates for you in relation to our products and services.