On the 10th May 2022, the European Commission, the European Parliament and the Council agreed on a common text for the Digital Operational Resilience Act (DORA) which will make sure the financial sector in Europe is able to maintain resilient operations through a severe operational disruption.
DORA sets uniform requirements for the security of network and information systems of companies and organisations operating in the financial sector as well as critical third parties which provide ICT (Information Communication Technologies)-related services to them, such as cloud platforms or data analytics services. DORA creates a regulatory framework on digital operational resilience whereby all firms need to make sure they can withstand, respond to and recover from all types of ICT-related disruptions and threats. These requirements are homogenous across all EU member states. The core aim is to prevent and mitigate cyber threats.
Given the ever-increasing risks of cyber attacks, the EU is strengthening the IT security of financial entities such as banks, insurance companies and investment firms. The Commission came forward with the DORA proposal on 24 September 2020. It is part of the larger digital finance package, which aims to develop a European approach that fosters technological development and ensures financial stability and consumer protection.
Source: Council
