DORA: Turning Risk into Readiness in 180 Days

In a little under 180 days, the Digital Operational Resilience Act (DORA) is set to reshape the landscape for financial service providers (FSPs) in the European Union – and as the UK continues to play a pivotal role in European finance, UK-based FSPs must also prepare for compliance. 

Recent findings from the BDO Global Risk Landscape Report 2024 highlight a significant surge in regulatory concerns among business leaders and underscore the urgency of meeting the transition period ending in January 2025. In the last year, the proportion of leaders citing regulation as a top three risk has skyrocketed from 7% to 37%. The report attributes this spike to the evolution of AI, continued advancements in digitisation and increased focus on Environmental, Social, and Governance (ESG) standards – some of the biggest risks businesses can face with rigorous regulatory demands and substantial financial penalties for noncompliance.

Concerns about technological changes have also dramatically increased. 23% of leaders now cite it as a significant risk compared to just 4% the previous year, and 48% of those surveyed highlight the rapid pace of this change as a major risk their organisations are unprepared for. 

The Stakes are High 

For FSPs, DORA offers a comprehensive framework covering all aspects of operational resilience, from cybersecurity and incident management to data management and governance. However, the Act’s implications extend beyond traditional financial entities as it also mandates compliance from the FSP’s critical third-party Information and Communication Technology (ICT) service providers. Whether data centres, cloud platforms, or data analytics, all such ICT service providers must align with the standards outlined in the Act. 

In short, the aim of DORA is clear: to ensure that FSPs can withstand severe operational disruptions, such as cyberattacks and IT system failures, without compromising the continuity of financial services. This broad scope necessitates a meticulous approach from FSPs to ensuring their service providers - and their contractual arrangements - meet the nuanced range of operational resilience standards. 

The Path Forward 

DORA marks a significant shift in the regulatory landscape. It is a game-changer that reflects the fast-paced evolution of technology and the critical need for operational resilience - and the clock is ticking for FSPs to ensure compliance. At Lendscape, we understand the challenges and opportunities that come with this new regulation, and our extensive experience in secured finance technology equips us to support our clients in navigating the complexities of DORA. 

To better understand what DORA entails and how to prepare, you can refer to our detailed guide that outlines key obligations and strategies to fortify your operations and ensure readiness. 

Turning Around Risk Readiness 

The pace of technological change and intensifying focus on regulatory compliance have propelled these concerns to the forefront of risk registers. Leaders need to meet these challenges head-on, transforming potential vulnerabilities into strengths. In this critical period leading up to DORA’s implementation, FSPs have an unprecedented opportunity to “do a 180” on risk readiness in 180 days, assessing, testing and remediating any threats and vulnerabilities. 

Embracing the comprehensive requirements of DORA allows FSPs to enhance their operational resilience, safeguard sensitive financial data, and maintain the continuity of financial services - even in the face of severe disruptions. As the countdown continues, FSPs must leverage the next 6 months to fortify their operations, ensuring they are not only compliant but also prepared for the future of finance. 

Lendscape is at the forefront of secured finance technology, providing working capital and asset finance solutions for a diverse range of FSPs around the globe. As a technology provider, we adhere to stringent, internationally recognised standards of security and compliance and are committed to helping our clients navigate the complexities of DORA, ensuring the continuity of financial services in an increasingly dynamic environment.

 

Article written by:

Kevin Day & Iain Gomersall