Following the publication by the European Commission of the proposal for a Regulation on horizontal cybersecurity requirements for products with digital elements, i.e. the Cyber Resilience Act (CRA), the European Banking Federation (EBF) presents some key considerations of the European banking sector on the published text.
The EBF acknowledges that rules on digital products would contribute to achieving higher cybersecurity levels throughout the entire supply chain. Users of such products, both consumers and business -including banks- would benefit from minimum requirements that would apply to vendors of those products.
However, the EBF is of the view that the financial sector should be excluded from the scope of the CRA proposal, as the recently adopted DORA Regulation provides an extensive cybersecurity and digital operational resilience framework for banks which is equivalent -if not more detailed and comprehensive- to the one introduced by the CRA. It is therefore crucial that DORA should function as lex specialis to the CRA and this should be explicitly mentioned in the proposal’s text, in order to avoid confusion, duplications and overlaps in the rules and requirements on the EU level.
EBF
© EBF
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article