'/%3e%3cuse xlink:href='%23a' transform='scale(-1 1)'/%3e%3c/g%3e%3cg id='c'%3e%3cuse xlink:href='%23b' transform='rotate(72)'/%3e%3cuse xlink:href='%23b' transform='rotate(144)'/%3e%3c/g%3e%3cuse xlink:href='%23c' transform='scale(-1 1)'/%3e%3c/g%3e%3c/defs%3e%3cpath fill='%23039' d='M0 0h810v540H0z'/%3e%3cg fill='%23fc0' transform='matrix(30 0 0 30 405 270)'%3e%3cuse xlink:href='%23d' y='-6'/%3e%3cuse xlink:href='%23d' y='6'/%3e%3cg id='e'%3e%3cuse xlink:href='%23d' x='-6'/%3e%3cuse xlink:href='%23d' transform='rotate(-144 -2.344 -2.11)'/%3e%3cuse xlink:href='%23d' transform='rotate(144 -2.11 -2.344)'/%3e%3cuse xlink:href='%23d' transform='rotate(72 -4.663 -2.076)'/%3e%3cuse xlink:href='%23d' transform='rotate(72 -5.076 .534)'/%3e%3c/g%3e%3cuse xlink:href='%23e' transform='scale(-1 1)'/%3e%3c/g%3e%3c/svg%3e){kind=small}
๐
Jurisdiction
European Union
๐
Effective Date
2023
Jan 16, 2023
โ
Full Compliance
2025
Jan 17, 2025
๐๏ธ
Regulator
EBA
Overview
DORA establishes uniform requirements for ICT security in the EU financial sector. It impacts Open Banking by setting standards for API security, incident reporting, and third-party risk management.
Scope & Coverage
ICT Risk ManagementIncident ReportingThird-Party Risk
Key Requirements
1
ICT risk management framework2
Incident reporting3
Digital resilience testing4
Third-party risk oversightKey Notes
Full compliance required by January 2025. Impacts all TPPs and banks.
Official Resources
Related Regulations
Other open banking frameworks in Europe:
'%3e%3cpath fill='%23012169' d='M0 0v30h60V0z'/%3e%3cpath stroke='%23fff' stroke-width='6' d='m0 0 60 30m0-30L0 30'/%3e%3cpath stroke='%23C8102E' stroke-width='4' d='m0 0 60 30m0-30L0 30' clip-path='url(%23b)'/%3e%3cpath stroke='%23fff' stroke-width='10' d='M30 0v30M0 15h60'/%3e%3cpath stroke='%23C8102E' stroke-width='6' d='M30 0v30M0 15h60'/%3e%3c/g%3e%3c/svg%3e){kind=small}
Need to comply with DORA?
Explore API aggregators that support European Union compliance.