On 30 June 2026, all credit institutions and financial services institutions in Germany received an important circular: Following the consultation...
Financial Sector & Compliance
usd AG Listed as EPI Partner for Mobile Security Evaluations
The popularity of mobile payments is growing, and with it, the demand for verified security. usd AG is expanding its activities in the EPI...
KAMaRisk in the Consultation Phase
After Bafin (Federal Financial Supervisory Authority) released the draft of the 9th amendment to MaRisk for consultation in early April, the...
CRA Reporting Obligations from September 2026: Have You Considered Them?
Many manufacturers of products with digital elements continue to focus their preparation for the Cyber Resilience Act (CRA) strongly on 2027. Then...
Effectively Implementing Third-Party Risk Management under DORA
The Digital Operational Resilience Act (DORA) is now a reality for financial institutions and their service providers. In 2026, the focus will shift...
EU Cyber Resilience Act (CRA): Threat Modeling as a Compliance Accelerator
The Cyber Resilience Act (CRA) is fundamentally changing how companies must prove the security of their digital products. In the future, security...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated...
DORA Requirements Become More Concrete: Further RTS and ITS Published
Original publication date: July 30, 2024. Since this blog post was published, the final versions of the RTS and ITS have been released. You can find...
Update to the SWIFT Customer Security Controls Framework: What Changes Does CSCFv2026 Introduce?
Since 2017, the Customer Security Controls Framework (CSCF) has been helping organizations to effectively secure their SWIFT infrastructure. The aim...
Navigating DORA: Delvag's Successful Journey from Gap Analysis to Compliance
A cyberattack on an insurance company is far worse than just a technical problem: in addition to the breakdown of central IT systems, there is also...
New BSI Criteria Catalogues: Guidelines for the Use of AI in the Financial and Administrative Sectors
The German Federal Office for Information Security (BSI) has published two new sets of criteria for evaluating Artificial Intelligence (AI). They...
SWIFT CSCFv2025: Current Version of the Framework Brings Changes for Architecture Type B
Since its introduction in 2017, the Customer Security Controls Framework (CSCF) has aimed to strengthen the security of the SWIFT network. The aim...









