The European Securities and Markets Authority (ESMA), the EU markets regulator, has redefined its Union Strategic Supervisory Priorities (USSPs) to focus on digital resilience and cyber risk, alongside Environmental, Social, and Governance (ESG) disclosures. This new USSP replaces the existing USSP on market data quality.
ESMA claims that this enhanced regulatory emphasis on ICT risk management at financial firms aims to “keep pace with market and technological developments, and closely monitor potential contagion effects of attacks and disruptions across markets and firms.”
The new USSP will come into force in 2025, and will operate concurrently with the EU Digital Operational Resilience Act (DORA).
