Cryptocurrency businesses in the EU now face new cybersecurity regulations as the Digital Operational Resilience Act (DORA) takes effect on January 17, 2025. DORA requires financial entities to maintain a comprehensive register of contracts with third-party IT service providers to enhance infrastructure safety and risk management. The aim is to bolster investor protection and market integrity against disruptions like cyberattacks. Companies licensed under the Markets in Crypto-Assets (MiCA) regulation must comply with DORA, prompting firms like MoonPay and Gemini to adopt new operational resilience strategies and update vendor relationships. DORA extends its influence beyond virtual asset service providers (VASPs) to cryptocurrency issuers, necessitating that even smaller service providers enhance their cybersecurity frameworks. This could lead to consolidation within the industry, as firms strive to comply with the stringent security requirements laid out in DORA. The act emphasizes the importance of third-party risk management and incident response protocols, indicating a shift towards increased operational resilience within the crypto sector.

Source 🔗