Question ID: DORA214 - 3297
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: Other DORA topics
Article: 3(21)
Status: Rejected
Date of submission: 20 Mar 2025
Question
Do mobile apps fall under the scope of the DORA regulation as ICT services used by financial sector companies to provide digital products and services to their customers? For example, would mobile banking apps, mobile payment apps, crypto digital wallets, and trading apps be covered under DORA?
Background of the question
Today, several financial institutions rely mainly—or even solely—on mobile apps to offer financial services to their customers. A disruption in these services can compromise their operations, put customer data and corporate data at risk, and even expose customers and companies to fraud.
EIOPA answer
This question has been rejected because it is already answered in Q&A DORA030.