The Digital Operational Resilience Act (DORA), more formally known as Regulation (EU) 2022/2554, took effect on January 16, 2023, with final industry compliance required by January 17, 2025. The regulation underscores the importance of digital operational resilience in today’s increasingly interconnected and digitized landscape and seeks to expand the reach of European regulators. Compliance with DORA is a top priority given financial entities’ dependence on ICT, including third-party ICT service providers, as well as the heightened focus on ICT and cyber-related risks impacting these third parties. 

This whitepaper explores how firms can respond to and apply the DORA requirements by the implementation date.