Bringing together all aspects of digital operational resilience

DORA: The 10 key challenges of a successful compliance journey

image-hero
  • Issue
  • 10 minute read
  • December 19, 2023
2025

DORA is applicable from 17 January 2025

5

Essential pillars to be implemented by financial institutions

10

Key challenges to consider

What is DORA?

The “Digital Operational Resilience Act”, commonly known as “DORA”, is a European Union regulation that aims to strengthen the digital operational resilience of the financial sector in a context of deep digital business transformation and an increased exposure to cyber and IT risks. The regulation came into force on 16 January, 2023 and will be applicable from 17 January, 2025 across all EU member states. Operational Resilience is a challenge for financial service firms and the sector as a whole. Given the increase in cyber attacks and the interconnected nature of the financial system the profile of digital operational resilience has been elevated significantly.

DORA introduces very specific and prescriptive requirements that are homogenous across EU member states. Organisations need to be able to withstand, respond and recover from the impact of ICT incidents, thereby continuing to deliver critical and important functions and minimising disruption for customers and for the financial system. This is only achievable by establishing robust measures and controls on systems, tools and third parties, by having the right operational continuity plans in place, while testing their effectiveness on a continuous basis. Five core pillars of the regulation play an important role: ICT risk management, management of ICT incidents, digital operational resilience testing, management of third parties and information exchange.

“Banks and insurance companies need access to an increasing volume of internal and external data.They have become increasingly reliant on information and communications technology third-parties. European regulators therefore want to take steps to establish the risk generated by these developments is managed effectively”

Karine Pariente, Partner, PwC France

The 10 key challenges of a successful compliance journey

The 10 key challenges presented below come from the main messages and testimonies of the conference “DORA Regulation: Decryption, issues and sharing of experiences” organised on 24 November, 2022 by PwC France and Maghreb.

These challenges are all avenues to help you prepare for the requirements of the DORA regulation. They constitute benchmarks that will need to be adapted to each business environment in order to make DORA an opportunity for financial services institutions, not an additional regulatory constraint. 

Download the white paper

DORA: The 10 key challenges of a successful compliance journey

Contact us

Rami Feghali

Rami Feghali

Partner, Head of Risk Services EMEA, PwC France

Tel: +33 (0) 1 56 57 71 27

Grant Waterfall

Grant Waterfall

EMEA Cybersecurity & Privacy Leader, PwC Germany

Tel: +49 170 1553647

Philipp  Schulz

Philipp Schulz

Director, DORA Lead, PwC Germany

Tel: +49 69 95855555

Samantha Trama

Samantha Trama

Director, DORA Lead, PwC Italy

Tel: +39 3493360414

Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Contact us

Sam Samaratunga

Sam Samaratunga

UK and Global Head of Risk Services, PwC United Kingdom

Tel: +44 (0)7710 058286

Shaun Willcocks

Shaun Willcocks

Global Risk Markets Leader, Global Internal Audit Leader, Partner, PwC Japan

Tel: +81 (0)90 6478 6991

Sean Joyce

Sean Joyce

Global Cybersecurity & Privacy Leader, PwC US; Cyber, Risk & Regulatory Leader, PwC United States

Jennifer Ho

Jennifer Ho

Asia Pacific, Mainland China & Hong Kong Risk Services Leader, PwC Hong Kong

Tel: +[852] 2289 2919

Dr. Robert Paffen

Dr. Robert Paffen

Global Risk Services Digital Leader, Germany Risk & Regulatory Leader, PwC Germany

Mitchell Schuckman

Mitchell Schuckman

Global Tax Reporting & Strategy Leader, Partner, PwC United States

Hide