DORA: More than meets the eye…
A look at how DORA will bring change in practical terms, including reach and extraterritoriality.
EU DORA
The Digital Operational Resilience Act (DORA for short) is intended to strengthen the IT security frameworks of financial entities and ensure that they remain resilient in the face of cybersecurity threats and in the event of severe operational disruption.
Overview
Notable
Latest News
Further Reading
Notable
DORA implementation firmly on track according to EU regulators
Remarks by Gerry Cross of the Central Bank of Ireland also highlight challenges and provide useful details.
Your DORA questions answered – Scope
The first of a series of six articles covering a practical session organised by Ashurst focuses on the scope of DORA.
Latest News
More on DORA
-
ECB issues new guidance on outsourcing cloud services
The guide sets out the central bank's expectations on the requirements of DORA, including good practices which add an additional layer of complexity.
-
What you need to know about ESMA's new Registration Guide
While not legally binding, the guide provides clarity on ESMA's assessment process for financial entities navigating the registration process.
-
BaFin publishes DORA document requirements cheat sheet
Comprehensive register of key documents is relevant to all organizations running digital systems and needing to ensure their security.
-
BaFIN to intensify third-party supervision in 2025
The regulator continues to be concerned about outsourcing dependency and concentration risk and wants to obtain clarity on technology interconnectedness in the financial sector.
-
Infringement procedures launched over delayed DORA transposition
Full implementation is vital for strengthening the EU's financial sector against increasing digital risks.
-
GRIP Extra: CFPB drops Zelle suit, Barclays suffers 3-day IT outage
Other news includes assistance from the SEC for filers using EDGAR, a probe into Nvidia shipments to Malaysia and another bank reviewing its approach to DEI.
-
Privacy experts give advice on complying with DORA and NIS2
Adequate preparation, identifying what and who is critical, and, above all, "practice, practice, practice" highlighted.
-
Podcast: Practice and procedure with GRIP – DORA implementation
DORA is a response to persistently elevated cyber threat levels, Jean and Thomas discuss how firms can achieve operational resilience.
Further Reading
