# DORA and the Bank of Lithuania: Practical Guide for Fintechs Source: https://www.cyadviso.com/dora-bank-of-lithuania Last reviewed: 2026-05-01 Country: Lithuania (LT) Tags: DORA, Lithuania Lietuvos bankas as the DORA competent authority for fintechs in Lithuania: who is in scope, ICT incident reporting framing, evidence checklist and 2026 sources. --- ## Short answer In Lithuania, the Bank of Lithuania (Lietuvos bankas) supervises the financial entities that fall within DORA scope, including EMIs, payment institutions, investment firms and CASPs authorised under MiCA. Reporting channels, templates and submission instructions should be verified on the Lietuvos bankas website before filing. ## Competent authorities - **Bank of Lithuania (Lietuvos bankas)** (Lietuvos bankas) — https://www.lb.lt/en/ ## Entities in scope - Credit institutions (banks) - Payment institutions and electronic money institutions (PIs / EMIs) - Investment firms - Crypto-asset service providers (CASPs) authorised under MiCA - Insurance and reinsurance undertakings, where supervised in this jurisdiction - Other financial entities listed in DORA Article 2 ## Jurisdictional nuances - Lithuania is one of the larger EU markets for EMIs and payment institutions, so DORA scope frequently overlaps with PSD2 and EMD obligations. - MiCA authorisation in Lithuania flows through Lietuvos bankas; CASPs become DORA-in-scope financial entities the moment authorisation takes effect. - Existing supervisory expectations on outsourcing and ICT risk (built on EBA Guidelines) are the operating baseline that the DORA framework attaches to. ## Primary sources - Bank of Lithuania — Supervision — https://www.lb.lt/en/supervisory-activities - Bank of Lithuania — Crypto-asset services (MiCA) — https://www.lb.lt/en/markets-in-crypto-assets - Regulation (EU) 2022/2554 — DORA, EUR-Lex — https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R2554 - European Banking Authority — Digital Operational Resilience Act (DORA) — https://www.eba.europa.eu/activities/direct-supervision-and-oversight/digital-operational-resilience-act --- Canonical HTML: https://www.cyadviso.com/dora-bank-of-lithuania Authored by Andrey Gubarev — CISO for EU fintechs (CISM, CDPSE, SABSA). CyAdviso · DORA / ICT risk / vCISO programmes for EU-licensed fintechs.