No Match Found
Today, information and communication technology (ICT) plays a vital role in the financial industry and the volume of data processed every day ever increases – with no end in sight. The regulatory landscape that addressed operational resilience with respect to services provided and regulatory compliance for financial entities in Europe was until the entry into force of DORA very heterogenous. Banking institutions were for example facing much higher regulatory standards on paper than other financial entities such as Management Companies, Alternative Fund Managers and Insurance Companies.
As of January 2025 around 22,000 of EU regulated financial entities (e.g. banks, insurance companies, management companies, AIFMs, PSF (expected)) are required to comply with uniform regulatory standards that have two main objectives:
Build, assure and review the operational integrity of the service and operating model to ensure the continued provision of (the quality of) the financial services including throughout disruptions; and
Limit the risk of contagion within the EU financial system by prescribing a harmonised minimum standard of digital operational resilience.
DORA is establishing several pillars with detailed and specific requirements to be considered. Next to the pillars shown below, DORA also details Governance requirements that specifically address the expectation for skills and expertise, involvement and understanding of ICT at local (management) level as well as the establishment of a new 2nd line control function for operational ICT risk.
Below you will find a selection of the topics that are relevant within the different DORA pillars.
DORA is an all-encompassing regulation that will challenge every organisation to its core. We recommend the following approach:
We recommend starting in 2023 as some of the foundations that are required to implement a successful DORA project will require a significant lead time and business decisions on the service and business model set-up.
Deputy Managing Partner, Technology & Transformation Leader, PwC Luxembourg
Tel: +352 49 48 48 4174
Advisory Partner, Cybersecurity & Privacy Leader, PwC Luxembourg
Tel: +352 49 48 48 2096
Advisory Partner, Regulatory & Change Management, PwC Luxembourg
Tel: +352 49 48 48 3612
Advisory Partner, Technology Partner and Digital Leader, PwC Luxembourg
Tel: +352 62133 35 33