EU Lawmakers Vote for Stronger Cyber Protection for Crypto, Other Finance

The crypto world is highly prone to hacks and attacks, but the jury is out on the impact the new measures will have.

AccessTimeIconNov 10, 2022 at 10:42 a.m. UTC
Updated Nov 10, 2022 at 4:22 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

European Union lawmakers Thursday showed support for strict cybersecurity rules on crypto providers and other financial firms in a 556-18 vote.

The European Commission proposed the bill in 2020 given fears that banks were outsourcing data to the same handful of major, unsupervised cloud computing companies – but the impact it will have on a crypto sector that is plagued by cyberattacks and other exploits remains disputed.

The Digital Operational Resilience Act (Dora) is “a cornerstone of our work on digital finance in the European Union, making sure that we support innovation and do it in a safe way,” European Commissioner Mairead McGuinness said in a Wednesday night debate on the law. “Protecting the financial system from cyber attacks and cyber fraud is vital.”

Financial institutions will have to monitor and report major cyber incidents and test defenses, and the big tech firms offering them services must submit to supervisory oversight, McGuinness said.

The vote formalizes a deal struck between the European Parliament and EU member governments in May. As well as banks and payment firms, it applies to crypto companies such as wallet providers who are set to be regulated under the bloc’s Markets in Crypto Assets Regulation (MiCA) and indeed the two laws were originally proposed as a package.

“After the vote on the cryptocurrency legal act and blockchain, this is one more step towards Europe's digital sovereignty,” said centrist French lawmaker Stéphanie Yon-Courtin. “This will protect European investors on the one hand, but it will also prepare financial enterprises against cyber attacks on the other.

In the EU, that could be a significant change for the crypto sector, which may have lost as much as $3 billion in hacks worldwide this year – but some are concerned it comes at the cost of privacy.

“When cryptocurrencies appeared people went there because they thought they would be free from surveillance,” said Ivan Sinčić, who is president of, and only EU lawmaker for, Croatia’s Ključ Hrvatske party. “If we regulate it now we'll have another world where they will be controlled with biometric control … these measures are undermining the idea of cryptocurrencies.”

MiCA itself is set to be voted on by a plenary session of the parliament in February, after suffering delays due to its length and complexity.

Quotes have been translated from the original language.

CORRECTION (November 10, 2022, 13:27 UTC): corrects voting numbers in first paragraph.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Jack Schickler

Jack Schickler was a CoinDesk reporter focused on crypto regulations, based in Brussels, Belgium. He doesn’t own any crypto.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.