ESMA prioritises cyber risk and digital resilience in 2026 supervisory strategy

The European Securities and Markets Authority (ESMA) has announced that cyber risk and digital resilience will remain central to its Union Strategic Supervisory Priorities (USSPs) for 2026. This follows strong engagement from national competent authorities (NCAs) and aligns with the implementation of the Digital Operational Resilience Act (DORA), enhancing ICT risk management and supervisory coordination across EU financial markets. ESMA urges NCAs to sustain supervisory momentum into 2026, as coordination between authorities' supervisory work and the DORA oversight framework will be essential. Additionally, NCAs will target supervisory efforts to consolidate achievement under the environmental, social and governance disclosures USSP, with a focus on high-risk areas. ESMA will also consider the potential introduction of new supervisory topics to address emerging risks at the Union-wide level in the following years.

Return to main website.