The European Supervisory Authorities (ESAs) — including the EBA, ESMA, and EIOPA — have signed a Memorandum of Understanding (MoU) with ENISA to strengthen cybersecurity collaboration in the financial sector.
👉 Official Source — ESMA
Key Points of Cooperation
The MoU establishes:
-
Joint cybersecurity incident reporting guidelines.
-
Exchange of expertise on ICT risk management and resilience testing.
-
Collaboration on oversight of critical third-party ICT providers (in line with DORA — the Digital Operational Resilience Act).
Business Impact
Financial institutions and their technology partners must now:
-
Strengthen their ICT incident reporting workflows.
-
Align with ENISA’s EU-wide resilience testing frameworks.
-
Ensure third-party providers adhere to both DORA and ENISA security standards.
For compliance consultants, this opens opportunities to assist financial clients in achieving multi-regulatory alignment across GDPR, DORA, and NIS2.