EBF STATEMENT

Joint Statement on Duplication in the Cyber Resilience Act

BRUSSELS, 23 November 2023 – The European Banking Federation (EBF), together with the European Association of Co-operative Banks (EACB), the European Savings Banks Group (ESBG), the Association for Financial Markets in Europe (AFME) and the European Payment Institutions Federation (EPIF) released a joint statement on the ongoing process of finalizing the trilogue discussions on the Cyber Resilience Act (CRA).

The industry acknowledges that cross-sectoral rules on mitigating vulnerabilities within the lifecycle of digital products contribute to elevating cybersecurity throughout the entire supply chain. However, there are already rules in place for the financial sector that ensure its strong digital operational resilience and cybersecurity. The Digital Operational Resilience Act (“DORA”) introduces a comprehensive cybersecurity and ICT risk management regime that introduces requirements for financial services equivalent to the CRA.

Avoiding duplications and overlaps between the CRA and DORA is crucial for a clear, fit-for-purpose and harmonized European cybersecurity regulatory landscape. Therefore, we support the amendments introduced in the CRA text by the European Parliament that reference the compatibility of the CRA with other Union rules, notably DORA and financial services.

For more information:
Dimos Karalis, Policy Adviser – Cybersecurity & Innovation, d.karalis@ebf.eu

x

About the EBF:

The European Banking Federation is the voice of the European banking sector, bringing together national banking associations from across Europe. The EBF is committed to a thriving European economy that is underpinned by a stable, secure and inclusive financial ecosystem, and to a flourishing society where financing is available to fund the dreams of citizens, businesses and innovators everywhere.