Cybersecurity regulation in European Union

Information-security, cyber-risk and incident-reporting requirements for financial institutions. 16 publications, summarized in English and updated same-day.

Email alerts for Cybersecurity · European Union

New circulars, rules and guidance — a digest in your inbox, same day.

2026-03-10

Opinion of the European Central Bank on the proposed Digital Omnibus regulation

European Central Bank

European Union

ECB

2026-01-01

Consolidated version of EBA amending Guidelines on ICT and security risk management

European Banking Authority

European Union

EBA

2025-12-18

Final report on guidelines on internal controls for benchmark administrators, credit rating agencies and market transparency infrastructures

European Securities and Markets Authority

European Union

ESMA

2025-01-01

Final report on amending Guidelines on ICT risk and security management

European Banking Authority

European Union

EBA

2024-12-17

Final Report on Guidelines specifying Union standards on systems and security access protocols for crypto-asset offerors

European Securities and Markets Authority

European Union

ESMA

2024-07-26

Final report on draft regulatory technical standards for ICT subcontracting under DORA

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Final Report on draft RTS specifying elements related to threat led penetration tests

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Final Report on draft RTS on the harmonisation of conditions enabling the conduct of the oversight activities

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Final Report on Joint Guidelines on oversight cooperation and information exchange between ESAs and competent authorities under DORA

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Final Report on Draft RTS and ITS on Incident Reporting under DORA

European Securities and Markets Authority

European Union

ESMA

2024-07-17

Final Report on Draft RTS on Harmonisation of Conditions for Oversight of Critical ICT Third-Party Service Providers

European Securities and Markets Authority

European Union

ESMA

2024-01-17

Final report on draft RTS on ICT Risk Management Framework and on simplified ICT Risk Management Framework

European Securities and Markets Authority

European Union

ESMA

2024-01-17

Final report on draft RTS to specify the policy on ICT services supporting critical or important functions

European Securities and Markets Authority

European Union

ESMA

2024-01-17

Final Report on Draft Implementing Technical Standards on Register of Information for ICT Third-Party Services

European Securities and Markets Authority

European Union

ESMA

2024-01-17

Final Report on Draft RTS on Classification of Major Incidents and Significant Cyber Threats under DORA

European Securities and Markets Authority

European Union

ESMA