DORA
Digital Operational Resilience Act
Definition
An EU regulation establishing a comprehensive framework for digital operational resilience in the financial sector. DORA sets requirements for ICT risk management, incident reporting, digital operational resilience testing, third-party ICT risk management, and information-sharing arrangements.
Regulatory Context
DORA entered into force in January 2023 and applies from January 2025. It covers a broad range of financial entities including banks, insurers, investment firms, and crypto-asset service providers, as well as critical ICT third-party service providers.