EU has identified a high degree of interconnections across financial services, significant cross-border activities of financial entities and an extensive dependency on ICT third-party service providers for the financial sector. As a result the financial sector suffers an increased vulnerability to cyber threats or ICT disruptions.

Building Digital Operational Resilience

The European Commission published the first draft of the Digital Operational Resilience Act (DORA) as part of the Digital Finance Package (DFP) in fall 2020. The DFP includes a comprehensive package of measures to enable and support the innovation and competitiveness of digital finance while reducing vulnerabilities and risks.

Moreover, DORA addresses the risk side of DFP with the with the preamble stating that digitalisation and operational resilience within the financial sector are two sides of the same coin. Furthermore, the European Union (EU) cannot reach digital operational resilience without adequately harmonising protection across the union.

Why is DORA needed?

While most financial entities integrate high digitalisation and connectivity, they need to incorporate digital resilience into their operational frameworks. Furthermore, EU members perceive an absence of detailed and comprehensive rules on digital operational resilience, leading to the proliferation of national regulatory initiatives and supervisory approaches. This underscores the importance of understanding why DORA is crucial in addressing these challenges.

DORA presents the fundamental requirements within Information and Communication Technologies (ICT), risk management, information security and ICT outsourcing. Notably, DORA intends to harmonise the requirements across the EU by establishing one single comprehensive regulation for the financial industry.

Advisense help you navigate

We are committed to delivering in-depth expertise and pro-active advice to our clients. Additionally, our teams have successfully assisted numerous financial service entities adhering to the EBA, EIOPA ICT and security risk management regulations and prepared for the introduction of DORA. Furthermore, we have assisted third-party providers in adopting DORA.

For further information on Digital Operational Resilience Act (DORA), click here. We have identified five key challenges that your financial services organisation may encounter during the implementation of DORA. You can find information about them in this article.

Want to find out how Advisense can help you?