Comments on the Commission guidance on the application of the Cyber Resilience Act (CRA)

The Commission guidance can help better understand the CRA requirements. In this context, there are still a number of questions, which we explain in the attached appendix. We also support the issuance of further guidelines under Article 26 of the CRA regarding the interaction between the CRA and Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA). As we have already noted in previous comments we call for clear exemption from the CRA for financial entities subject to DORA.

DK zu den Leitlinien der Europäischen Kommission zur Anwendung des Cyber Resilience Act

PDF

01.04.2026

Download

This might also interest you:

Comments

16th of March 2026

GBIC comments on amending Delegated Regulation (EU) 2019/98

The German Banking Industry Committee (GBIC) welcomes the objective of revising Commission Delegated Regulation (EU) 2019/980 to simplify prospectus requirements, streamline their content and further standardise format and structure, thereby reducing administrative burdens for issuers, improving comparability for investors and strengthening access to EU capital markets.

Comments

21st of January 2026

Input on a revised Delegated Act concerning standards for sustainability reporting

under the Corporate Sustainability Reporting Directive (CSRD)

The German Banking Industry Committee (DK) has taken a position on the revision of the ESRS and the EU taxonomy as part of the participation process initiated by the Federal Ministry of Justice and Consumer Protection (BMJV).

Comments

30th of December 2025

GBIC Comments on the Draft Implementing Act for EUDIW User Onboarding under eIDAS 2.0

The statement relates to the European Commission’s draft implementing act on the onboarding of users to the European Digital Identity Wallet (EUDIW) under the amended eIDAS-Regulation (eIDAS 2.0).