The Digital Operational Resilience Act – Challenges For a Safer Financial Institutions

The Digital Operational Resilience Act (DORA) is the latest regulation issued by the European Union to address the financial sector's growing reliance on technology and manage the associated cyber security risks. DORA sets the whole framework and extends the requirements for financial sector resilience not only to financial institutions themselves, but also extends the security requirements to suppliers of critical ICT services. This paper nalyses the main issues of implementation starting with just determining whether a company is subject to DORA through to the actual implementation and the impact of DORA on internal processes, capabilities and more. The key problems associated with the implementation of DORA can be clearly considered to be the financial and time complexity of the implementation, the short timeframe for implementation, the degree of impact of DORA on the internal processes of companies and the need for significant changes within IT, IT process, IT Risk Management and especially the lack of experts with adequate knowledge and experience.