TLDR:
- DORA (Digital Operational Resilience Act) is a new EU regulation aimed at ensuring cybersecurity and operational resilience in the financial sector by 2025.
- Capgemini’s Global Head of Cloud for Financial Services, Ravi Khokhar, highlights the challenges and opportunities for financial organizations and fintechs.

Capgemini’s Global Head of Cloud for Financial Services, Ravi Khokhar, discusses the challenges and opportunities presented by the upcoming Digital Operational Resilience Act (DORA) in a recent article. DORA is an EU regulation that aims to ensure that all participants in the financial system have adequate measures in place to address cyber-attacks and other risks. The regulation, set to come into full effect by 2025, requires organizations to conduct risk assessments, predict potential problems, and report any incidents that occur.

Khokhar emphasizes the importance of standardizing resiliency requirements, active cyber risk management, and regular testing and reporting of IT systems to comply with DORA. Additionally, DORA mandates the implementation of disaster recovery and business continuity measures, as well as incident tracking and reporting.

While the challenges of complying with DORA may seem extensive, Khokhar also highlights the opportunities it presents for institutions to establish a unified ICT risk management framework and potentially drive global adoption of digital single market standards in the financial sector. With DORA expected to go into full effect in 2025, organizations are encouraged to start early and focus on pillars of resilience such as ICT risk management, incident reporting, operational resilience testing, third-party risk, and information sharing to ensure compliance.