IT Security Regulatory Update | April 2024

Focus: Financial stability in Germany, DORA, expansion of banking supervision

← NoSQL Databases - Definition, Overview & Context | 30.04.24 FPSL release upgrades - ADWEKO’s guideline for a successful execution | 14.05.24 →

Highlight from April 2024

Bundestag publishes tenth report on financial stability

The Bundestag has analyzed the stability of the German financial system, focusing on global and national economic developments.

“Stay up to date with our monthly regulatory update on IT Security Management!”

German Bundestag publishes tenth report on financial stability

The German Bundestag’s tenth report on financial stability analyzes the stability of the German financial system in the context of global and national economic developments. He sheds light on the challenges posed by higher interest rates and geopolitical uncertainties, in particular the impact of the war in Ukraine.

The report highlights risks in the German financial system, primarily for banks, insurers and the real estate market, and discusses the impact of interest rate changes and macroeconomic conditions on financial stability. It emphasizes that the German financial system has remained stable despite some strains in the reporting period, but warns of possible future risks and underlines the need for continuous monitoring and adjustment.

You can find the tenth Financial Stability Report here.

ESAs publish factsheet on the dry run in the context of the information register

The ESAs will launch a voluntary exercise in May to collect information on contractual arrangements for the use of third party ICT providers as required by DORA. The information is collected via the competent authorities and is intended to help financial companies prepare for the creation of their information register, the collection of relevant information and the reporting of their information registers.

Financial institutions participating in the trial run will receive support from the ESAs on the format of the registers to test the reporting process, check data quality and improve internal processes and the quality of their registers. The ESAs will provide feedback on data quality to participating financial companies, return cleansed files with their information register, organize workshops and answer frequently asked questions. In this context, the ESAs have provided a factsheet with the relevant information on the dry run.

You can find the factsheets for the Dry Run here.

Source: © European Security and Markets Authority – ESMA, esma.europa.eu

Core principles for effective banking supervision

Based on feedback, the committee amended several requirements in the consultation document. The most important changes are summarized as follows:

Supervisory powers and responsibilities: Minor adjustments have been made to clarify the scope of supervisory access, the application of macroprudential supervision and the scope of supervisory discretion.
Business model sustainability: The definition has been amended to clarify its relationship to the business model analysis and to emphasize that responsibility for sustainable business strategies lies with the Bank’s Board of Managing Directors.
Corporate governance and risk management: Adjustments have been made to better align these areas with the Committee’s 2015 Corporate Governance Principles, improve the risk management process and allow flexibility in dealing with related party transactions.
Climate-related financial risks: A definition for these risks has been introduced and the requirements for scenario analysis and stress testing have been adjusted to allow for more flexible application.
Financial risks: Minor refinements have been made to improve consistency and clarity across various principles, particularly in relation to capital adequacy, concentration risks and liquidity risks.
Service providers and operational resilience: The definition of service providers was primarily clarified in relation to Group-internal units, and the requirements were adapted to the guidelines for outsourcing in financial services.
These changes aim to improve clarity, flexibility and consistency with established principles and frameworks.

The document with the core principles can be found here.

At ADWEKO, we keep an eye on national, European and international regulations for you and support you in their implementation.

The current regulatory developments can be found here.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional		The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy		The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.