On Mar. 25, 2025, FR ACPR updated its FAQ on DORA framework including procedures for submitting the information register, intrusion tests, the scope of application.
On Jan. 17, FR ACPR issued 2 documents re entry into force of DORA.
FR ACPR published FAQ and notification form linked to the entry into force of DORA.
As applies from Jan. 17, 2025, it took opportunity, after market meetings organized in Oct. 2024, to recall expectations for banking, insurance sectors in short, medium term.
Follows FR ACPR Dec. 2024 issued notice on a risk management framework, #238305.
Overview
DORA application results in obligation for supervised entities to report to competent authority major incidents related to information, communication technologies (ICT).
At the same time, they must quickly be able to submit their information register to FR ACPR by Apr. 15, 2025 at the latest so FR ACPR can send the data to the ESAs to identify critical third-party ICT service providers (CTPPs).
In the medium term, FR ACPR will ensure entities maintain governance and internal control framework in line with DORA requirements to ensure effective and prudent ICT risk management as fundamental element of their digital operational resilience.
Framework includes overall governance structure with clear roles and responsibilities.
As well as control systems necessary to identify and mitigate any ICT risk and a digital operational resilience testing program.
Effectiveness
Entities must be able to quickly submit data by Apr. 15, 2025.
Jan. 2025 Data Collection
On Jan. 17, 2025, FR ACPR updated on information collection from banks and insurers.
As part of DORA Regulation application, FR ACPR has updated its information system to allow electronic transmission of declarations in OneGate portal for banks and insurers.
Functional Business Cards (CvF) have been updated, will be communicated very soon.
Further information is available in the specific sub-pages re which links are provided.
On Jan. 29, 2025, FR ACPR issued information and links on separate DORA collection models for banks and insurers, dated Jan. 22, 2025, available via the eSurfi pages.
Mar. 2025 DORA Framework EBA 4.0
On Mar. 21, 2025, FR ACPR published DORA Framework EBA 4.0 (Insurance) and (Bank) both in OneGate portal for EBA Framework 4.0 before Mar. 10, 2025 update.
The new versions for insurers and banks, of Mar. 10, 2025, will be deployed very soon.
Mar. 25, 2025 Updated DORA FAQ
On Mar. 25, 2025, FR ACPR updated its FAQ on DORA framework including procedures for submitting the information register, intrusion tests, the scope of application.
