Source: OJ L 333, 27.12.2022, pp. 153–163

Current language: EN

Article 8 Amendment to Directive (EU) 2016/2341


Summary What does Article 8 of the DORA directive say?

This article amends Directive (EU) 2016/2341, which governs the activities and supervision of institutions for occupational retirement provision (IORPs).

It replaces an existing provision to bring IORPs into alignment with DORA (Regulation (EU) 2022/2554) by explicitly requiring that their network and information systems be set up and managed in accordance with that regulation.

The broader obligation — to take reasonable steps to ensure continuity and regularity in their activities, including contingency planning — is retained, with DORA compliance now embedded within it.

Important points:

  • Member States are required to ensure that IORPs set up and manage their network and information systems in accordance with DORA.
  • The DORA obligation applies to IORPs where applicable, meaning it is not unconditional but subject to relevance in a given context.
  • This article connects directly to DORA, extending its digital operational resilience requirements into the occupational pensions sector.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

Article 21(5) of Directive (EU) 2016/2341 is replaced by the following:

  1. Member States shall ensure that IORPs take reasonable steps to ensure continuity and regularity in the performance of their activities, including the development of contingency plans. To that end, IORPs shall employ appropriate and proportionate systems, resources and procedures, and shall, in particular, set up and manage network and information systems in accordance with Regulation (EU) 2022/2554 of the European Parliament and of the Council(22), where applicable.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod