GREECE Law and Practice Contributed by: Paris Tzoumas, Vivian Efthymiou and Dimitrios Mekakas, Zepos & Yannopoulos
into such agreements, ensure service provid - ers meet high security standards, and have audit and inspection rights. Therefore, their outsourcing arrangements will need to be re-assessed on this basis. Outsourcing agree - ments should include specific provisions under DORA (including clear service descrip - tions, security requirements, and exit strate - gies to minimise disruptions in the event of termination). Additionally, concentration risks and subcontracting must be carefully evalu - ated, particularly when dealing with providers in third countries. In summary, DORA represents a significant shift in how financial institutions and credit institu - tions will manage their digital operations and risks in an increasingly tech-driven environment. It aims to ensure that institutions are better pre - pared to handle disruptions and cyber threats, while holding them more accountable for their ICT systems’ resilience and third-party depend - encies. Therefore, credit institutions need to implement the appropriate policies, procedures and measures to ensure compliance with the new requirements.
EU’s recovery from the COVID-19 pandemic and the transition to climate neutrality. There are also provisions going beyond Basel III, such as credit institutions’ obligations to identify, disclose and manage ESG risks at individual level, the har - monised framework in relation to fit and proper assessment of key function holders, and a new common framework in relation to third-country institutions’ branches due to their material foot - print in the EU. It is important to note that third-country under - takings wishing to offer “core banking servic - es” in an EU member state will need to assess their model of operation and seek legal advice in order to evaluate whether they will trigger a third-country branch authorisation requirement under CRD VI. CRD VI must be transposed into national law by EU member states by 10 January 2026, and it will be generally applicable from 11 January 2026. However, the provisions on third- country branches will be applicable one year later, on 11 January 2027. Proposals on payment services and credit transfers A proposal for the Payment Services and Elec - tronic Money Services Directive (PSD3), Pay - ment Services Regulation (PSR) and Regulation on a Framework for Financial Data Access (FIDA) was issued on 28 June 2023. The package aims, inter alia, to contribute to further harmonisation and the consistent application of legal require - ments, avoiding regulatory arbitrage and ensur - ing a level playing field between the different types of payment-service providers. In March 2024, Regulation (EU) 2024/886 amending, inter alia, Regulations (EU) 260/2012 and (EU) 2021/1230 as regards instant credit transfers in euros was adopted in order to force credit institutions to offer instant payments in
11. Horizon Scanning 11.1 Regulatory Developments EU Regulations The EU banking package
One of the most significant legislative initiatives at EU level is the recently adopted EU bank - ing package implementing the Basel III frame - work, and, more specifically, CRR III and CRD VI adopted by the European Parliament in May 2024 to fully apply the Basel III standards. The new provisions aim to ensure that EU credit insti - tutions become more resilient to potential future economic shocks, while also contributing to the
230 CHAMBERS.COM
Powered by FlippingBook