DORA Year One reflections, BaFin enforcement patterns, EU AI Act red-teaming guidance
Sixteen months into DORA application, three BaFin enforcement patterns worth flagging. The EU Commission's draft on Article 15 red-teaming for high-risk AI systems lands for consultation. Pentera surpasses $100M ARR. The week in EU cybersecurity governance.
1. DORA Year One — what 16 months of enforcement revealed
The Digital Operational Resilience Act has applied since 17 January 2025. Sixteen months of national-authority enforcement data have consolidated into recognisable patterns. Three from BaFin's practice worth flagging:
- A closed evidence chain is non-negotiable. Findings → assessment → plan → remediation → retest. A pentest report with no retest record for each finding is the most common evidence-chain failure point in audits this year.
- Third-party findings flow into the register of information. Open-source CVEs, SaaS-integration vulnerabilities and partner-API gaps must be attributed to the specific ICT third-party provider recorded under Article 28(3). Generic "third-party risk" sections in audit submissions are being rejected as insufficient.
- Proportionality is operationalised. Article 24's "appropriate and proportionate" language is read through a MaRisk-style derivation from the entity's risk profile. Entities running non-trivial public frontends are held to concrete testing expectations beyond a generic vulnerability scan.
We covered this in more depth on the blog last week: DORA Article 24 pentest requirements — the complete guide.
2. EU Commission draft — Article 15 red-teaming for high-risk AI systems
The EU Commission released a draft implementing regulation for Article 15 of the AI Act, which covers "accuracy, robustness and cybersecurity" of high-risk AI systems. The relevant cybersecurity testing obligations:
- Red-team testing required for high-risk AI systems before they are placed on the market. "High-risk" classification follows Annex III of the AI Act (employment, education, law enforcement, critical infrastructure, etc.).
- Documentation of the attacker scenarios tested, the adversarial inputs attempted and the mitigations applied, kept with the Article 11 technical documentation for 10 years after placement on the market (the Article 18 retention period).
- Continuous monitoring for model drift and for emerging categories of adversarial input. The initial red-team exercise is not a one-off.
The consultation period runs through Q3 2026; the final regulation is expected in Q1 2027. Operationally relevant for any provider placing a generative model, classifier or decision-support system on the EU market in one of the Annex III high-risk categories.
3. Market structure — Pentera passes $100M ARR
Pentera announced in January that it crossed $100M ARR, the first autonomous validation platform to reach what its CEO calls "Centaur" status. Customer base: 1,200+ enterprises across 60 countries. Recent acquisitions: DevOcean (AI remediation, October 2025) and EVA Information Security (AI red-teaming, November 2025).
The relevant observation for EU SMEs: Pentera operates squarely in the enterprise network-validation market, at $35K+ per customer, with a sales-led motion and a continuous-validation product. Most EU SMEs under DORA / NIS2 have neither the budget nor the operational maturity for that consumption model. The autonomous-pentesting market is wide enough for both the enterprise continuous-validation segment (Pentera, Horizon3.ai) and the SME on-demand, audit-ready segment (where SQUR plays).
For the full comparison: SQUR vs Pentera — different markets, honest comparison.
4. National authority round-up
- BaFin: two enforcement actions this week against mid-sized payment institutions for inadequate ICT testing documentation. Fines under €500K each but consistent with the "evidence chain" pattern above.
- AMF (France): published updated guidance on Article 28 supplier-register requirements. Mirrors BaFin's third-party-finding attribution expectations.
- AFM (Netherlands): signalled a focus shift toward cloud-provider concentration risk under DORA Article 29 (ICT concentration risk). Multi-cloud architectures whose failover is confined to a single region will face scrutiny.
- CSSF (Luxembourg): revised TLPT scoping memo — clarifies which fund-management entities now fall under significance criteria.
5. Operational watchlist for next week
- Cyber Resilience Act: final implementing acts on conformity assessment for "important products with digital elements" expected to be published.
- ENISA's annual threat-landscape report, which sets the policy framing for autumn enforcement priorities.
- NIS2 transposition-deadline review in member states where transposition was delayed (Italy; regional gaps in Germany).