Get in touch by sending us a message or by contacting us directly.
MFSA Guidance
Update on the Guidance on Technology Arrangements, ICT and Security Risk Management, and Outsourcing Arrangements
Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector – Legal Entity Identifier (‘LEI’) for Register of Information Reporting
Necessary Legal Measures Published for the Purposes of the National Implementation of Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector
Commission Delegated Regulations under Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector Published in the EU Official Journal (Update 1)
Second Set of Technical Standards under Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector Submitted to the European Commission
Information Sharing Arrangements under Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector
ESAs Joint Committee Public Consultation on the Harmonisation of Conditions Enabling the Conduct of the Oversight Activities under Article 41(1) Point (c) of Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector
Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector: ‘Dry-Run’ 2024 ad hoc Exercise on the Data Collection of Registers of Information
MFSA Minimum Expectations in Relation to Financial Entities’ Preparedness to Regulation (EU) 2022/2554 on Digital Operational Resilience
Feedback Statement to Queries Raised by Consulted Stakeholders on Regulation (EU) 2022/2554 on Digital Operational Resilience (the ‘DORA Regulation’)
First Set of Technical Standards under Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector Submitted to the European Commission
Consultation Document on the National Implementation of Regulation (EU) 2022/2554 and Transposition of Directive (EU) 2022/2556 on Digital Operational Resilience for the Financial Sector
European Commission Public Consultation on Two Delegated Acts under Regulation (EU) 2022/2554 on Digital Operational Resilience for the Financial Sector
Regulation (EU) 2022/2554 and Amending Directive (EU) 2022/2556 on Digital Operational Resilience for the Financial Sector published on the EU Official Journal
Stay updated with our latest insights
DORA is Now in Force: What’s Next?
Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector (“DORA” or the “Act”) became enforceable as of 17th January 2025. DORA Resources As highlighted in various DORA insights by our Firm over the last few months (including a very useful overview of DORA itself), DORA represents a significant milestone in aligning the financial services sector with the EU’s digital finance strategy, offering a regulatory framework for operational resilience and ICT risk management. Designed to bolster operational resilience against increasingly sophisticated cyber threats, DORA ushers in a new era…
European Blockchain Sandbox & MDIA Joint Webinar
As previously announced, applications for the third and final cohort of the European Blockchain Sandbox are now open. To find out more on how you can take advantage of this unique scheme, register here to attend this joint webinar being organised by the European Blockchain Sandbox and the Malta Digital Innovation Authority (MDIA) on January 20th at 14:30. The webinar is expected to last around an hour.
The AI Act’s Impact on Businesses Operating Within the EU
This article is part of our EU AI Act series which explores the effect of the AI Act across various industries and sectors. Introduction The first article (see link below) in this EU AI Act series provided, inter alia, a breakdown of the scope, applicability, timeline and risk levels of the AI Act, Regulation (EU) 2024/1689 (hereinafter referred to as the “Act”). The Act introduces significant obligations for all businesses developing or deploying AI that affect persons in the EU, with major fines for non-compliance. Crucially, the Act is extraterritorial in nature, since it also applies to businesses established in…