DORA-The EU’s New Regulations for Crypto

The EU has been flirting with regulations for the crypto industry, postponing the vote on the Markets In Crypto Assets bill (MICA) until February 2023 to give lawmakers time to unpack the enormous piece of legislation. In the meantime, they have passed a portion of the larger legislation called the Digital Operations Resilience Act (DORA).

• This law will set new rules on cybersecurity monitoring for crypto asset service providers and develop a standard process for reporting cybersecurity incidents.
• The law will apply to EU-regulated financial entities such as traditional finance banking, investment firms, and electronic money and crypto asset service providers. It will also apply to tech service providers for these markets such as data analytics companies.
• Frances Fitzgerald, a co-drafter of the law, said “financial institutions and companies, including in the crypto space, hold extremely sensitive information about customers and it is vital that EU-wide digital security measures are put in place to defeat the threat that exists.” 

Although the larger bill is back up for review in February, cybersecurity monitoring and reporting is one area where crypto proponents and naysayers can probably agree. It is difficult to speculate how much of MICA will get passed in the future, but rushing DORA to vote was most likely due to the fact that October 2022 was named ‘the worst month in the worst year for crypto hacks‘ by Chainalysis.