Where do DMA and NIS2 Directive overlap?

In 3 article-level pairings recorded in the Fontvera corpus. The table above lists each pair with the specific articles and a plain-language description.

Where do DMA and NIS2 Directive conflict?

In 0 article-level conflicts. The most concrete ones are summarised in the Conflicts explained section.

Which regulation prevails in a conflict between DMA and NIS2 Directive?

Neither regulation resolves the conflict on its face. Conflicts are typically resolved by the more specific provision or by regulator guidance — a legal-judgement call, not a mechanical rule.

§ DMA · NIS2 Directive COMPARISON

DMA vs NIS2 Directive: Where They Overlap and Conflict

3 overlaps, 0 conflicts and 2 gaps mapped between DMA and NIS2 Directive in the Fontvera regulatory corpus.

Summary

DMA and NIS2 Directive both apply across European business activity, but they were drafted at different times with different policy goals. This page summarises every article-level crossref between the two in the Fontvera corpus.

3 overlaps mean the same conduct triggers obligations in both regimes — design controls once, document twice. 0 conflicts mean the two regulations push in opposite directions on a specific question. 2 gaps mean one regulation leaves something on a topic the other addresses.

Who this applies to

Compliance teams who need to map a single control framework onto both DMA and NIS2 Directive.

Compliance deadline

§ Detail

In depth

Summary statistics

Overlaps: 3 · Conflicts: 0 · Gaps: 2

5 article-level crossrefs catalogued between DMA and NIS2 Directive from the Fontvera EU regulatory corpus. Article numbers are verbatim from the underlying obligation_crossrefs table; descriptions are extracted, not paraphrased.

All crossrefs between these regulations

Article (A)	Article (B)	Type	Severity	Description
DMA Art 1	NIS2 Directive Art 13	overlap	low	[entity affected: Commission and Member States] Both regulations require close cooperation and coordination between the Commission and Member State authorities to ensure effective enforcement and info
DMA Art 27	NIS2 Directive Art 13	overlap	low	[entity affected: National competent authorities] Both regulations mandate that national competent authorities transfer or exchange relevant information with the Commission or other authorities regard
DMA Art 21	NIS2 Directive Art 20	overlap	medium	[entity affected: Gatekeepers / Essential and Important Entities] Both regulations impose obligations on entities to provide necessary information and ensure management bodies oversee compliance, thou
DMA Art ?	NIS2 Directive Art ?	gap	high	[entity affected: Gatekeepers providing Core Platform Services] Gatekeepers are subject to DMA market fairness rules but may not be explicitly classified as 'essential' or 'important' entities under N
DMA Art ?	NIS2 Directive Art ?	gap	medium	[entity affected: Commission] Neither regulation explicitly defines the protocol for the Commission to share DMA-specific market investigation data with NIS2 CSIRTs for cybersecurity threat analysis,

Overlaps explained

No conflict-type crossrefs were catalogued for this pair, but the 3 overlaps below mean a single control can be designed to satisfy both regulations at once. Plan the controls jointly to avoid duplicate effort:

DMA Art 21 vs NIS2 Directive Art 20 (medium severity) — [entity affected: Gatekeepers / Essential and Important Entities] Both regulations impose obligations on entities to provide necessary information and ensure management bodies oversee compliance, though DMA focuses on data/algorithms for market fairness and NIS2 on cybersecurity risk management.
DMA Art 1 vs NIS2 Directive Art 13 (low severity) — [entity affected: Commission and Member States] Both regulations require close cooperation and coordination between the Commission and Member State authorities to ensure effective enforcement and information exchange.
DMA Art 27 vs NIS2 Directive Art 13 (low severity) — [entity affected: National competent authorities] Both regulations mandate that national competent authorities transfer or exchange relevant information with the Commission or other authorities regarding compliance issues or incidents.

Which regulation takes precedence

EU law does not lay down a universal precedence rule between DMA and NIS2 Directive. In practice three resolution approaches apply: lex specialis (the more specific provision wins when both purport to govern the same conduct); regulator guidance (EDPB, EBA, ESMA and the AI Office have all issued joint readings on overlapping articles — check the most recent applicable opinion); and document the choice (when the regulations leave the call to the controller, the audit defence is your written reasoning, not the regulator's silence). Where the corpus surfaces a conflict rather than an overlap, treat that as an escalation path to legal — not a control-design question.

What this means for your compliance team

Treat the 3 overlaps as design opportunities — one control, two regulatory anchors. Treat the 0 conflicts as escalation paths to legal: the regulations themselves don't resolve them, you do, and you document the reasoning. The 2 gaps point at scenarios where one regulation is silent while the other speaks — assume the regulator who has the explicit rule will win.

Related Fontvera pages

Check your full compliance exposure with the 5-minute Fontvera diagnostic →

§ What Fontvera found

Documents in our corpus

Enforcement data is expanding. AI Act enforcement begins 2 August 2026 — this section will populate automatically as authorities and courts publish decisions citing the regulations covered on this page.

§ Cross-references

Related Fontvera intelligence

Need a cross-border briefing on this?

Search Fontvera ↵ Run the AI Act diagnostic

AI Act enforcement

63 days

until 2026-08-02, when most AI Act provisions begin to apply.