EU’s new ‘DORA’ rules come into effect: What does it mean for crypto?
Cryptocurrency businesses in the EU must comply with new cybersecurity regulations under the Digital Operational Resilience Act (DORA), effective January 17. DORA mandates that financial entities maintain a comprehensive register of contracts with third-party IT service providers to enhance infrastructure safety and risk management. This regulation complements the EU’s Markets in Crypto-Assets Regulation (MiCA), aiming to bolster resilience against cyberattacks and IT failures, thereby improving investor protection and market integrity. MiCA-licensed firms, such as MoonPay and Gemini, are implementing strategies to ensure compliance with DORA. The act also affects third-party providers used by virtual asset service providers (VASPs), potentially leading to consolidation among service providers to meet security standards. DORA emphasizes the importance of cybersecurity, third-party risk management, and incident response protocols in the crypto sector.
