BRUSSELS, 9 April 2021 – Banks have been among the first companies to install computers and create large data centres. This has contributed to the efficiency of their role of financing the economic activity and intermediating between savers and borrowers.
As IT architecture has become essential for economic activity, the risk of disruption of this architecture and its consequences for the banks and their clients are of paramount importance. Consider for example the damage done by data breaches, ransomware or service outage of cloud service providers.
The European Savings and Retail Banking Group (ESBG) is aligned with the goal pursued by the Digital Operational Resilience Act (DORA) to create a comprehensive framework for the digital operational resilience of the financial sector in the EU. We welcome the initiative to bring together ICT risks in finance in this legislative proposal that advocates for a level playing field approach. Since the implementation of this framework implies a lot of policy work for the European Supervisory Authorities, we suggest however that the entry into force would be 30 months after the publication of the act.
As for the content of the act, ESBG thinks rules should be adjustable to the different business models in our membership. Smaller financial institutions should be excluded from the framework. We believe that the direct supervision of critical ICT service providers by the ESAs should cover only large, internationally active service providers. Predominantly nationally active critical ICT service providers should be supervised at the national level to avoid incompatibilities with national security laws. We advocate for the creation of a reporting hub at the national level and that the reporting at the EU level is done by the National Competent Authorities. We do not oppose to the creation of an EU hub receiving all reporting but if it is finally set up, it must replace all pre-existing reporting and risks should be properly assessed to ensure the highest levels of cybersecurity.
Finally, the cost of supervising the ICT-providers should not be on the banks or even less on the bank customers’ shoulders. Just as banks rightfully support the cost of financial supervision, ICT providers should bear the cost of their supervision.
related
October 5, 2022
Joint letter to Commissioner McGuiness on the EFRAG consultation regarding its first set of draft ESRSs
On 27 September, the ESBG, together with the European Banking Federation (EBF), the European Association of Co-operative Banks (EACB), Insurance Europe, Accountancy Europe, Business Europe and…
September 9, 2022
ESBG response to the EFRAG consultation on its first set of draft ESRSs calls to ensure levelled global playing field
In its response to the European Financial Reporting Advisory Group (EFRAG) public consultation on the first set of Draft EU Sustainability Reporting Standards (ESRSs), the European Savings and Retail…
September 7, 2022
EU Taxonomy minimum safeguards: Criteria for the application of external checks should be further defined
The European Savings and Retail Banking Group submitted its final response to the Platform for Sustainable Finance (PSF) consultation on its draft report on minimum safeguards (MS). In its response,…
August 3, 2022
International Sustainability Standards Board consultation on Sustainability Disclosures
The International Sustainability Standards Board (ISSB) has been established at COP26 with the purpose of developing a comprehensive global baseline of sustainability disclosures for the capital…
July 8, 2022
World savings and retail banks call for harmonised taxonomies on sustainable finance
The World Savings and Retail Banking Institute (WSBI) called today on policymakers for the harmonisation of taxonomies on sustainable finance. At the end of the 26th WSBI World Congress, the…
July 7, 2022
World savings and retail banks moving forward on sustainability
World Savings and Retail Banking Institute (WSBI)'s members get together for the first time since 2018 at the 26th World Congress, in Paris. Under the title 'Locally Rooted, Globally responsible' the…
May 27, 2022
ESBG calls for more feasible rules on the new corporate sustainability due diligence
In its response to the European Commission call for feedback on the proposal for a Directive on Corporate Sustainability Due Diligence, the European Savings and Retail Banking Group (ESBG) suggests…
April 28, 2022
ESBG response to ESMA’s consultation on guidelines of MiFID II suitability requirements
ESBG's response to the European Securities and Market Authority (ESMA) consultation on some MiFID II sustainability aspects. European banks calls for clear procedures and to avoid unnecessary…
March 3, 2022
Strengthening the quality of corporate reporting and its enforcement in the EU
The consultation aims to evaluate the impact of the EU framework on the three pillars of high quality and reliable corporate reporting: corporate governance, statutory audit and supervision. This…
February 25, 2022
European Commission Banking Package proposal
ESBG responded to the European Commission “have your say" consultation on the Banking Package proposal.
