Since digital technology came into use in the financial sector and global markets, different types of cyber threats have emerged, generating uncertainty and mistrust among some users, whether they are companies, businesses, or consumers.
To address this issue, the European Union created the Digital Operational Resilience Act (DORA), which seeks to generate greater trust in the digital environment, as well as help online platforms in the financial sector to operate smoothly. Below, we will learn more about this law.
What is the European Union’s Digital Operational Resilience Act (DORA)?
The Digital Operational Resilience Act (DORA) is a regulation created by the European Union that seeks to strengthen the security of information and communications technologies (ICT) used by financial institutions.
Why was the DORA law created, and when did it come into effect?
The DORA Law was created with the aim of ensuring that all financial institutions and companies have the capacity to prevent, resist, recover from, and adapt to possible problems or incidents related to information and communications technologies.
Although this regulation was enacted on January 16, 2023, it will only come into force on January 17, 2025, and failure to comply with it may result in significant financial penalties, operational disruptions, and damage to the reputation of financial institutions and companies.
Objectives of the DORA law
With the implementation of the DORA Law, the European Union hopes to achieve the following objectives:
Harmonizing regulations
The DORA Act aims to create a unified framework for information and communications technology (ICT) risk management across the European Union, thereby reducing regulatory fragmentation and ensuring a consistent approach across Europe.
Strengthening financial stability
With this law, the European Union seeks to strengthen the stability of the financial system, ensuring that financial institutions can prevent, withstand, and recover from any type of disturbance or problem related to the use of information and communications technologies (ICT).
Improving third-party risk management
Since most financial institutions and companies depend on third parties (ICT service providers), whose services may include managing or storing information in the cloud and in data centers, the European Union seeks through this law to enable financial entities to better manage the risks associated with those providers, in order to guarantee operational resilience in the online environment.
Improving security and oversight of critical third-party vendors
The DORA law aims to supervise information and communications technology service providers in order to ensure compliance with the security standards and regulations of the financial industry. In this way, the security of financial institutions can be improved, which will allow for greater confidence in the market, thanks to greater protection of data and financial transactions.