EU financial firms must prepare now for new rules on critical third-party arrangements
By 
Ruth Prickett2025-12-15T18:04:00
European banks and financial institutions must prepare now for stringent new rules on third-party suppliers. A consultation on plans to introduce a regime similar to the EU’s Digital Operational Resilience Act (DORA), but focusing on critical non-ICT third-party suppliers, closed in October, and guidelines will follow shortly.
Experts at global law firm Travers Smith wrote in a legal briefing in November that the plans build significantly on the European Banking Authority’s (EBA’s) existing rules from 2019 and “will lead to an overhaul of third-party risk management with EU financial services.”
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
Article‘Significant’ rule changes for EU alternative investment funds set for April 16
Significant changes to rules for EU alternative investment fund managers come into force on April 16, but most still have work to do to be compliant, experts warn.
-
ArticleEU vows to reform financial single market rules to unlock growth and boost investment
Financial markets thrive on consistent rules across the widest markets. This is the thinking behind the European Commission’s package of measures intended to simplify and streamline the zone’s single market for financial services.
-
ArticleEU agrees rules to make payment providers and online platforms liable for customer fraud losses
Payment service providers operating in the EU will have to cover customers’ losses from fraud if their fraud protection regimes are inadequate or poorly implemented under new EU rules.
More from Regulatory Policy
-
ArticleCompliance must focus on corruption as EU and U.K. seek to tackle rising risks
Corruption isn’t something that happens somewhere else, in other countries and committed by other people. Nowhere is corruption-proof, and new rules being introduced in the EU and the U.K. aim to focus compliance officers on the full gamut of risks in all jurisdictions and every sector.
-
ArticleEmployment law in the age of AI: Compliance considerations
Employment law in the age of AI is evolving faster than many companies can keep pace. As more states enact AI laws and as more case law piles on, chief compliance officers and in-house counsel must ensure that compliance policies and procedures evolve as AI legal and compliance risks evolve.
-
ArticleCompliance must future-proof AI projects to meet evolving regulations
AI implementations are surging, but many new systems are being abandoned after companies have invested in expensive projects. Now evolving AI regulation is adding to the list of reasons why new systems may fail. Compliance must watch emerging regulatory developments and ensure that any new AI tools are capable of ...