The Bank of France announced that it, the French National Agency for the Security of Information Systems and the Prudential Supervision and Resolution Authority have signed an agreement to strengthen information sharing and cooperation on information systems security in the financial sector. The arrangement is designed to support the three authorities’ complementary mandates as cyber risk to the financial system intensifies, and to reinforce coordination under the Digital Operational Resilience Act and the Network and Information Security 2 Directive. The agreement covers exchanges and cooperation on cyber incidents and threats, supervisory checks and mutual assistance, cyber crisis management, and threat-led penetration testing. Under the framework, the French National Agency for the Security of Information Systems will oversee application of NIS 2 and, through CERT-FR, handle the technical response to cybersecurity incidents affecting the financial sector. The Prudential Supervision and Resolution Authority is responsible for compliance with DORA by supervised firms, while the Bank of France is responsible in particular for the resilience of financial infrastructures. NIS 2 entered into force in January 2023 and is to be transposed nationally through a future Resilience Law, while DORA has applied since January 2025 as the sector-specific framework for financial entities.