The proposed Digital Operational Resilience Act (DORA) aims to harmonize ICT risk requirements across Europe. What does that mean for you?
The Digital Operational Resilience Act (DORA) Proposal was published in response to the European Commission’s Digital Finance Strategy (September 2020), which tackles digital transformation risk mitigation through prescriptive and consistent rules on digital operational resilience. It aims to create one unified approach across Europe, across regulators and across the financial services industry.
Whilst official regulation is still in draft form within Europe, regulators expect financial institutions to begin focussing on operational resilience. Moreover, we see an increased interest in the Belgian financial services sector. The December 2020 Statement issued by the European Central Bank (ECB) regarding supervisory cooperation on operational resilience focused on the following key points:
Operational Resilience is an existing key strategic theme across the financial services industry as well as wider across Information Communications and Technology companies providing services to financial services firms. To date, we have seen a number of interest groups publish their approach to Operational Resilience and DORA specifically.
DORA will apply to the whole financial sector. It will also apply to firms captured within the expanded regulatory perimeter under the term ‘critical ICT third-party service providers’, which will include services such as cloud resources, data analytics and audit.
Although the Act is currently still in draft form and the final regulations are only expected to be published by 2022, it is imperative for firms to start thinking about, and working on, their operational resilience journey.
Below we present high-level items to help you understand the regulation and identify where to focus. It outlines DORA’s specific objectives:
Despite this regulation being brand new, geevo® can help you prepare. We have a track record of delivering operational resilience transformation projects through our multidisciplinary teams, and can help you evolve, grow and comply in this rapidly changing regulatory environment.