Global Trustee and Fiduciary Services Bite Sized Issue 7 2023

Global Trustee and Fiduciary Services Bite-Sized | Issue 7 | 2023 2 QUICK LINKS CRYPTOASSETS CYBER DORA ELIGIBLE ASSETS DIRECTIVE FINANCIAL STABILITY BOARD FINTECH LTAF MICA MIFID II/MIFIR NBFI SUSTAINABLE FINANCE/ ESG ASIA EUROPE LUXEMBOURG NORTH AMERICA UNITED KINGDOM • Govern and manage organisational-wide cyber risks; • Identify and protect information assets that support critical business services; and • Detect, respond to and recover from cyber security incidents. The survey is accessible to ASIC regulated entities by logging into the ASIC Regulatory Portal, and following the link provided. ASIC will publish a report with key findings from the survey later this year. After the survey closes, participants who elected to receive an individual report will receive insights into how they have assessed their current cyber resilience capability compared to those of industry peers. Link to ASICMedia Release here DORA ESAs Consult on the First Batch of DORA Policy Products On 19 June 2023 the European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) launched a consultation on the first batch of policy products under the Digital Operational Resilience Act (DORA). This includes four draft regulatory technical standards (RTS) and one set of draft implementing technical standards (ITS). These technical standards aim to ensure a consistent and harmonised legal framework in the areas of ICT risk management, major ICT-related incident reporting and ICT third-party risk management. DORA, which will apply from 17 January 2025, aims to enhance the digital operational resilience of entities across the EU financial sector and to further harmonise key digital operational resilience requirements for all EU financial entities. This regulatory framework covers key areas such as ICT risk management, ICT-related incident management and reporting, digital operational resilience testing and the management of ICT third-party risk. DORA has mandated the ESAs to jointly develop altogether 13 policy instruments in two batches. The first batch of technical standards, on which the ESAs launched this consultation are the following: • RTS on ICT risk management framework and RTS on simplified ICT risk management framework; • RTS on criteria for the classification of ICT-related incidents; • ITS to establish the templates for the register of information; and • RTS to specify the policy on ICT services performed by ICT third-party providers. The ESAs expect to submit these draft technical standards to the European Commission by 17 January 2024. The consultation runs until 11 September 2023. Link to Consultation here ELIGIBLE ASSETS DIRECTIVE ECMakes Formal Request to ESMA for Review of the Eligible Assets Directive In a letter dated 6 June 2023, the European Commission (EC) wrote to the European Securities and Markets Authority (ESMA), making a formal request to ESMA for technical advice on the review of Commission Directive 2007/16/EC on UCITS eligible assets. ESMA is invited to propose clarifications on the key definitions and the criteria against which the eligibility of an asset is assessed. ESMA is also requested to analyse whether and to what extent cross-references to other EU legal frameworks could improve legal clarity and, where appropriate, consistency between these frameworks.