On January 17, 2025, the DORA Regulation, a new European law to strengthen cybersecurity in the financial sector, will come into force. This regulation requires financial institutions to take a series of additional protective measures to prevent cyberattacks.
Ingrid González, manager in the area of data protection and digital law, comments in Xataka: “This regulation will apply after a two-year adaptation period, during which financial institutions have had to prepare to comply with all its requirements.”
And if, despite these measures, there is a cyberattack, what happens? Our expert lawyer comments: “It will depend on the actual damage suffered, which will then allow ordinary citizens to initiate proceedings to seek compensation for any damages they may have suffered.”
As for the penalties that can be applied to companies that do not comply with the requirements of the DORA Regulation, she comments: “It is a regulation that establishes a maximum standard. The guideline indicates what should be done, not so much what happens in the event of non-compliance.” Therefore, penalties ranging from administrative sanctions to “civil claims” by those affected have been stipulated.
If you would like further information, please do not hesitate to contact our office by calling 91.345.48.25 or sending an email to info@cecamagan_bs5.com