- What are the requirements of the DORA legislation?
- Why is legislating operational resilience essential?
- How are financial institutions being held back from meeting these requirements?
- What liabilities and risks do third-party vendors pose to operational resilience?
- How are financial institutions responding to DORA requirements?
The financial world is in a transitional period towards a more digital and instant world. This digitised financial ecosystem is leading to changes in data ownership and protection and shifts in responsibilities and liabilities. It has also opened the financial world to a range of new vulnerabilities. In response to these developments, the European Union has established the Digital Operational Resilience Act (DORA), which aims to standardise mitigating operational risk and strengthen cyber resilience. This framework targets Europe, but has worldwide implications for operational resilience standards.
While DORA is set to come into full effect in January 2025, many financial institutions are facing critical roadblocks to their ability to meet the standards set out in the framework. Legacy infrastructure is at the core of these problems because it cannot effectively manage the level of digitalisation and effectively defend itself against attacks. Additionally to this financial institutions will often turn to third-party vendors to cope with the strain of this challenge.
Regardless of DORA, there will be a requirement and expectation of financial institutions to have operational resilience. It is important that the industry is working collaboratively and collectively for this legislation to be effective. Operational resilience is becoming more essential as the world becomes more digital, but many financial institutions are being held back by legacy systems and vulnerabilities. Financial institutions need to come together to review how they are tackling this.
Sign up for this Finextra webinar, hosted in association with NTT DATA, to join our panel of industry experts as they discuss the following areas:
- Gary Wright - Head of Research, Finextra [Moderator]
- Sumant Kumar - CTO, Banking & Financial Services, NTT DATA
- Kaspar Loog - Director of Product Management, LHV Bank
- Ramon Villarreal - Payments Sector Global Lead, Red Hat
- Andreas Papaetis - Senior Policy Expert, Digital Finance Unit, European Banking Authority (EBA)