Skip to main content

Digital Operational Resilience Act (DORA)

Does DORA apply to me?

If you fall under any of the below then DORA is most likely applicable to you, subject to certain exemptions:

ICT Service Providers – any undertaking that provides ICT systems and services to financial entities on an ongoing basis, including hardware as a service, as well as hardware services that incorporate technical support through means of software or firmware update.

Financial entities – this includes a vast range of entities, including:

  • Credit institutions
  • Account information service providers
  • Investment firms
  • AIFMS
  • Cryptoasset service providers
  • Payment institutions
  • Central securities depositories
  • Credit rating agencies
  • Data reporting service providers
  • Insurance and reinsurance undertakings
  • Insurance intermediaries

Is your organisation well prepared for DORA?

The ‘Digital Operational Resilience Act’ or DORA (Regulation (EU) 2022/2554) seeks to enhance and improve ICT operational risk requirements across various financial sectors. What was once a piecemeal approach scattered amongst various laws is now being consolidated into one singular EU regulation. It will become applicable as of 17th January 2025.

Mamo TCV DORA Overview
DORA Legislation
DORA Guidance
Mamo TCV Advocates - DORA Services

If you think that DORA is applicable to you please ask for our assistance

Contact us

Mamo TCV Advocates - DORA Services

UNDERSTANDING DORA

DORA at a glance

The financial sector is increasingly dependent on technology and on tech companies to deliver financial services. This makes financial entities vulnerable to cyber-attacks or incidents.

When not managed properly, ICT risks can lead to disruptions of financial services offered across borders. This in turn, can have an impact on other companies, sectors and even on the rest of the economy, which underlines the importance of the digital operational resilience of the financial sector.

This is where the Digital Operational Resilience Act, or DORA, comes into play.

WHAT WE BELIEVE IN

How can we help?

Our Reputation

Mamo TCV Advocates is a leading Maltese law firm with years of experience in the field of technology law. With clients ranging from world-famous multinational IT companies to individual service providers we can provide your organisation practical advice regardless of the situation you are in.

DORA Compliance

Over the past years we have carried out several legal audits and training sessions for our diverse portfolio of clients and we are now assisting clients with their various new DORA-related legal obligations. From rules relating to direct marketing to data retention obligations, we have you covered.

What we Offer

  • Assistance with identifying applicability of DORA.
  • Negotiation, vetting and amending of contracts between key stakeholders to ensure DORA compliance.
  • Assistance with reporting obligations.
  • Provision of comprehensive expert legal advice to facilitate compliance.

Key Contacts

Photo of Dr Claude Micallef-Grimaud
Claude Micallef Grimaud
Antoine Camilleri - Mamo TCV Advocates
Antoine Camilleri

Stay updated with our latest insights

Explore Insights
EU flag on currency
FinTech

MFSA Clarifies MiCA Application Process

On the 10th of December 2024, the Malta Financial Services Authority (“MFSA”), published a circular titled ‘Circular to the Industry on the Authorisation Process for MiCA Applicants’. The purpose of this circular is to provide clarity on the application process in Malta under Regulation (EU) 2023/1114 of the European Parliament and Council on markets in Crypto-Assets (“MiCA Regulation”). The MiCA Regulation was integrated into Maltese law through Chapter 647 of the Laws of Malta, titled the Markets in Crypto-Assets Act (hereinafter referred to as “MiCA Act”). As outlined previously, the MiCA Act provides transitory provisions for the eventual repeal of the Virtual Financial Assets…
Scene in Valletta
Investment Services & Funds

Family Offices Get Maltese Investment Law Exemption

Family offices which choose to manage their global investments from Malta have been given a new legal exemption through a recent amendment in the applicable investment services rulebook of the Malta Financial Services Authority (“MFSA”). On the  27th of November 2024, the MFSA issued a circular titled “Establishment of Single Family Offices in Malta”. The circular provides that a Notified Professional Investor Fund (“NPIF”) which is set up to solely manage the investment of a single family office (without raising external capital) does not require a licensed fund manager anymore. This is a beneficial exemption which reduces cost and bureaucracy…
Furthering MiCAR in Malta by Chapter 647
FinTech

Fintech Insights #8 –
Furthering MiCAR in Malta by Chapter 647

Chapter 647 of the Laws of Malta, titled the Markets In Crypto-Assets Act (hereinafter referred to as “Chapter 647”), integrates all aspects of Regulation (EU) 2023/1114 of the European Parliament and Council on markets in crypto-assets (“MiCAR”). MiCAR regulates the issuers of asset-referenced tokens (“ARTs”), electronic money tokens (“EMTs”), other types of tokens, as well as the conduct of crypto asset service providers (“CASPs”). Malta’s presidential assent to Chapter 647 was given on the 5th of November 2024 through  Act No. XXXVI of 2024 (“Act 36 (2024)”); and it was promulgated on the same day. Similar to MiCAR, Act 36…
AI in Banking
Banking & Finance
AI in the Banking Sector – a Sword, a Shield or an Achilles’ Heel?
Insurance & Reinsurance
Regulatory Compliance Quarterly Update | Q3 2024
EU AI Act series
Investment Services & Funds
AI in Investment Services: MIFID Considerations

Get in touch if you require any assistance