DORA implementation
We continue to work with the client – a leading payment institution. Due to changes in the legal environment and the commencement of application of Regulation (EU) 2022/2554 of the European Parliament and of the Council of December 14, 2022 on the operational digital resilience of the financial sector and amending Regulations (EC) No. 1060/2009, (EU) No. 648/2012, (EU) No. 600/2014, (EU) No. 909/2014 and (EU) 2016/1011 (the DORA Regulation), the client asked us to prepare the necessary documentation and adapt its operations to the requirements of the DORA Regulation.
Due to the complexity of the work on the documentation, we created project teams with the client, in which the work on the documentation was carried out. Another law firm was also involved in the project work, supporting us in adjusting the client’s internal documentation.
Due to the broad regulatory area, the project required the involvement of IT network security specialists. It also required identifying the critical business functions in the client’s adopted service delivery model and included a comprehensive analysis of the IT security measures currently used by the client.
As part of our interdisciplinary collaboration with the client’s security, risk management, IT and customer service specialists, our team developed a strategy for building operational digital resilience and built principles for managing risks associated with ICT incidents.
During the course of the project, we also provided support in negotiating contracts with ICT service providers supporting the Company’s business functions and analyzed annex proposals submitted by the Company’s contractors.
Our team, in cooperation with the client, also developed internal documentation such as the Operational Digital Resilience Strategy, ICT Risk Management Policy and Communications Policy. In addition, we tailored the content of the client’s internal procedures to meet the requirements of the DORA Regulation, including Security Policies, Business Continuity Policies, Internal Control Policies, Outsourcing Policies, and Internal Regulations for Security Incident Identification and Management.