What is the Digital Operational Resilience Act (DORA)?

The Digital Operational Resilience Act is a regulation that was adopted by the EU in 2022 and will become effective in January 2025. It is designed to harmonise the rules and requirements relating to operational resilience for the financial sector across the EU, covering over 20 different types of financial entities as well as ICT (Information and Communications Technology) third-party service providers.More than just a recommended safeguard, DORA is a critical regulation that seeks to strengthen the cybersecurity posture and operational resilience of the European financial system as a whole. To achieve that, DORA mandates that financial institutions understand their entire IT infrastructure, including third-party suppliers and identify potential vulnerabilities and risks. These entities will be expected to implement robust strategies to protect their systems, data, and customers from disruptions.