The European regulator Esma has revealed that cyber risk and digital resilience are now the primary focus of its Strategic Supervisory Priorities. Photo: European Securities and Markets Authority

The European regulator Esma has revealed that cyber risk and digital resilience are now the primary focus of its Strategic Supervisory Priorities. Photo: European Securities and Markets Authority

The European Securities and Markets Authority announced on Thursday that its supervisory priorities will now include cyber risk and digital resilience, in anticipation of the Digital Operational Resilience Act coming into effect in 2025, while maintaining a strong emphasis on enhancing ESG disclosures to tackle greenwashing and enhance investor comprehension.

In a recent shift of focus, the European Securities and Markets Authority has updated its Union Strategic Supervisory Priorities to include cyber risk and digital resilience as core concerns, the EU-wide market regulator on Thursday 9 November.

This move is in alignment with the imminent introduction of the Digital Operational Resilience Act, set for enforcement in 2025, said Esma. The regulator emphasised the need for improved supervision and the building of new supervisory capacities to keep abreast of rapid market and technological advancements and to mitigate the widespread impact of cyber-attacks and disruptions.

The introduction of the new USSP aligns with a proactive timeline ahead of Dora’s implementation, providing member state supervisors and firms with adequate preparation time for compliance. Esma and national regulators have commenced the planning and development of supervisory activities to support the new priority.

Esma will continue its commitment to enhancing environmental, social and governance disclosures as a secondary priority. Through this continued effort, Esma said that it seeks to combat greenwashing, enhance investor comprehension and embed sustainability within firms’ advisory services to investors, with a concentrated focus throughout 2024 on key segments of the sustainable finance value chain, including issuers, investment managers and investment firms.

The prioritisation of cyber risk and digital resilience will supersede the previous focus on ‘market data quality,’ clarified the regulator in the press statement. Esma, along with member state financial regulators, has made significant strides in this domain, establishing uniform data quality methodologies and frameworks for data sharing, Esma stated. The authorities have also improved their capacity to detect supervisory issues and have developed tools to extract more intelligence from reported data.

Esma stressed that ensuring data quality remains a core responsibility for firms, particularly their senior management, who must not only report data but also leverage it for internal use. Supervisory activities surrounding data quality will persist, utilising the methodologies and tools derived from past USSP initiatives.

Esma underlined the ongoing importance of this area in fostering a data-driven supervisory approach, a strategic goal outlined in the . The USSPs continue to serve as a vital instrument for Esma to coordinate and concentrate supervisory efforts with national regulators on specific topics across the EU, it asserted.

Related articles