The European Union (EU) has been providing regulations and guidance around emerging issues caused by the shift to an information economy. At the forefront of these efforts stands the General Data Protection Regulation (GDPR), which set a global standard for data protection when it came into effect in 2018. However, legal guidance on information and communication technologies (ICT) used to deliver critical services needed clearer definition, especially for banking and financial institutions where regulations were minimal. In 2020, the EU responded by drafting the Digital Operational Resilience Act (DORA).
By understanding and adhering to DORA’s requirements, organizations can not only mitigate regulatory risks but also capitalize on the opportunities presented by the information economy. In this white paper, we delve into:
- Who DORA applies to
- Key provisions of the regulation
- DORA’s implications for financial entities operating within the EU
- Practical insights for achieving compliance while maximizing the value of data assets