Podcast: Dr Katarzyna Parchimowicz on DORA

Dr Katarzyna Parchimowicz told GRIP about why the Digital Operational Resilience Act – DORA – is becoming applicable in 2025 and what it means for firms that could be designated as critical third party providers.

Dr Parchimowicz is Assistant Professor at the Academic Excellence Hub, Digital Justice Center of the University of Wroclaw, Associate Researcher at the European Banking Institute and Research Associate at the Amsterdam Center for Law & Economics. 

Her research focuses on international and EU financial regulation, especially the regulation of global systemically important banks and new technologies in financial system. She is the author of The Regulation of Megabanks. Legal Frameworks of the USA and EU.

The research discussed in this podcast has been conducted under the Legal Research Programme 2022 sponsored by the ECB. The main result stemming from it is the working paper ‘Do Not Get Lost in the Cloud. How EU Financial Institutions Could Avoid Legal and Practical Problems with Cloud Services Arising under DORA’ (being prepared for publication). Any views expressed are only those of the author and do not necessarily represent the views of the ECB or the Eurosystem.

We discussed:

  • why DORA is becoming applicable in 2025;
  • the practical challenges of DORA;
  • what and who will qualify as a critical third party provider (CTP);
  • why the rules will change for third party providers;
  • how much designated CTPs should expect to pay;
  • the fine line between regulation and oversight;
  • advice to vendors preparing for DORA;
  • how this will affect market competition and the potential for further monopolization of cloud services; and
  • how DORA differs from NIS2 and why they complement each other.

A transcript for this podcast is available here.