Comments on the EU-Cyber Resilience Act

The EU Cyber Resilience Act (CRA) contains an opening clause. This clause allows the restriction or exclusion of products if they are already covered by other regulations addressing the same or higher cybersecurity risks. These restrictions or exclusions must be compatible with the general legal framework for these products. The sectoral regulations must achieve an equivalent or higher level of protection than this regulation provides. The German Banking Industry Committee (GBIC) is committed to ensuring that digital financial products distributed by the financial sector across the EU are eligible for such a restriction or exclusion.

Download

Comments on the EU-Cyber Resilience Act

PDF

02.04.2025

Download

Contact

Jörg Bernhauer

Banking Technology and Security

Related Content

Comments

27th of March 2025

GBIC interpretation of the DORA constellation

‘ICT service as part of a regulated financial service’

The background to the paper is the Q&A of the European Supervisory Authorities (EBA, ESMA, EIOPA) of 22 January 2025, which provides the EU Commission's clarification on this constellation.

Comments

26th of March 2025

EU Taxonomy: GBIC comments to amendments of delegated acts

In response to the European Commission’s consultation on its proposed changes to the delegated acts of the EU Taxonomy the German Banking Industry Committee (GBIC) issued a statement.

Comments

21st of March 2025

GBIC statement on the secure display of transaction data with the FIDO2 standard

Extending the specification to include a standardized interface for these functions is essential.