Description

By January 17, 2026, the European Commission shall carry out a review of DORA requirements and submit a report to the European Parliament and the Council on the appropriateness of strengthened requirements for statutory auditors and audit firms. National competent authorities are expected to carry out audits and supervisory reviews in early 2026.

Requirements

Review DORA compliance posture ahead of supervisory review
Prepare documentation for potential NCA audit
Ensure ICT risk management framework is current
Validate incident response procedures
Update digital operational resilience testing records

Applicable To

BanksInsurance CompaniesInvestment FirmsCritical ICT Service Providers

Penalty Information

⚠Non-compliance with DORA can result in administrative fines and supervisory actions by national competent authorities.

Passed

40 days ago

January 17, 2026

Share:X in @

Framework

DORA

Digital Operational Resilience Act

Related DORA Deadlines

DORA Register of Information Annual Submission
March 31, 2026
DORA ICT Risk Management Framework Review
June 30, 2026

DORA European Commission Supervisory Review