DORA is now live, without any transitional provision.
A wide range of rules applicable for managing ICT risks, including risks linked to ICT third-party service providers, applies from today. DORA applies to nearly all financial entities in the EU, with very few exemptions for smaller institutions. For the first time, it also covers major unregulated