Strengthening digital resilience in financial reporting
DORA (Digital Operational Resilience Act)
DORA (Digital Operational Resilience Act) is part of European Union regulations that focus on ensuring financial companies and institutions have strong operational resilience, particularly in the face of IT disruptions or cyber threats.
On July 17, 2024, the European Supervisory Authorities (EBA, EIOPA, and ESMA) introduced important updates under the Digital Operational Resilience Act (DORA). This new package includes:
- Four final draft Regulatory Technical Standards (RTS)
- One set of Implementing Technical Standards (ITS)
- Two guidelines
Recent cyber incidents have highlighted the pressing need for strong resilience and incident response capabilities. As financial institutions increasingly depend on complex IT systems, ensuring business continuity and data protection is essential.
The implementation of DORA requirements aims to ensure that financial services across the EU remain uninterrupted. The regulatory framework emphasizes proactive strategies, such as regular testing and improved incident reporting, to effectively manage cyber risks.
Next steps
The European Supervisory Authorities (ESAs) have already adopted the new guidelines. The final draft technical standards have been submitted to the European Commission for review.
Sectors impacted by DORA
DORA affects a wide range of businesses within the financial sector. Over 22,000 organizations across the EU will need to comply with the new reporting requirements.
Who does DORA apply to:
- Credit institutions
- Investment firms
- Insurance undertakings
- Reinsurance undertakings
- Payment institutions
- Electronic money institutions
- Central securities depositories
- Crypto-asset service providers
- Central counterparties
- Trade repositories
- Investment fund managers
Discover our SaaS solution for XBRL transformation from Excel
Contact us to find out more about how we can help you with DORA reporting