On 14 November, ESBG submitted its input to the European Commission’s call for feedback on the proposed Cyber Resilience Act, which was published in September. All feedback received will be summarised by the Commission and presented to the European Parliament and Council with the aim of feeding into the legislative debate.
On 15 September, the Commission published a proposal for a Cyber Resilience Act, which aims to protect consumers and businesses from products with inadequate security features. The Cyber Resilience Act introduces mandatory cybersecurity requirements for products with digital elements. It will ensure that digital products, such as wireless and wired products and software, are more secure for consumers across the EU. In addition to increasing the responsibility of manufacturers by obliging them to provide security support and software updates to address identified vulnerabilities, it will enable consumers to have sufficient information about the cybersecurity of the products they buy and use.
In the position paper, ESBG members welcome the Commission proposal and support the goal of only having secure software on the internal market. However, members believe that the Cyber Resilience Act leaves too much room for interpretation regarding its scope of applicability and therefore proposes that the Commission should make a clear scope-statement that would dissolve any uncertainty whether the software developed, operated, or marketed by financial institutions is in scope of this Act.
In addition, there are vertical initiatives that already regulate the cyber-resilience of hardware and software products used by certain sectors. This is the case of the Digital Operational Resilience Act (DORA) for the financial sector, a regulatory framework specifically designed and developed to ensure the digital operational resilience of the financial sector. Extending the scope of the Cyber Resilience Act to products manufactured by credit institutions may place additional burdens onto banks, on top of the already existing tight regulatory corset.
related
European Banking Authority (EBA) on ESG risk management
The European Savings and Retail Banking Group (ESBG) submitted its response to the consultation launched by the European Banking Authority (EBA). ESBG insists on the need for consitency with CSRD and CSDDD, the addressees of this guideline should also
Enhancing Transparency in Bank Disclosures: ESBG delivers comprehensive response to the EBA’s Pillar 3 data hub consultation
On 14 December 2023, the European Banking Authority (EBA) published a discussion paper on the Pillar 3 data hub processes and its possible practical implications.
IASB Exposure Draft (ED) on Financial Instruments with Characteristics of Equity
On 29 November 2023, the International Accounting Standards Board (IASB) proposed amendments in an Exposure Draft to tackle challenges in financial reporting for instruments with both
ESBG’s response to the EFRAG Comment Letter on Financial Instruments with Characteristics of Equity
On 29 November 2023, the International Accounting Standards Board (IASB) proposed amendments in an Exposure Draft to tackle
ESBG advocates for increased clarity and streamlining of supervisory reporting requirements
On 14 March, ESBG submitted its response to the European Banking Authority (EBA) consultation on ITS amending Commission Implementation Regulation (EU) 2021/451 regarding supervisory reporting
WSBI-ESBG advocates for robust implementation of the BCBS Pillar 3 framework for climate-related financial risks
On 14 March, WSBI-ESBG submitted its response to the Basel Committee on Banking Supervision (BCBS) consultation on its Pillar 3 disclosure framework for climate-related financial risks
ESBG stresses the need for consistency and clarity in its Response to the SFDR Review Consultation
ESBG submitted its response to the European Commission’s consultation on the SFDR review, aiming to enhance transparency in sustainability-related disclosures within the financial services sector
ESBG response to the EBA’s consultation on Guidelines on preventing the abuse of funds and certain crypto-assets transfers for ML/TF
The guidelines on the “travel rule” delineate the actions that Payment Service Providers (PSPs), Intermediary PSPs
ESBG responds to the SRB consultation on the future MREL policy
The European Savings and Retail Banking Group (ESBG) submitted its response to the consultation launched by the Single Resolution Board (SRB) in December 2023 on the future of the Minimum Requirement for own funds
ESBG’s response to the Commission’s consultation on the GDPR
The primary EU legislation ensuring the fundamental right to data protection is the General Data Protection Regulation