The EU Digital Operational Resilience Act (DORA) took effect on January 17, 2025, marking a significant milestone in the EU's push to bolster digital operational resilience in the financial services sector. Given the sector's increasing reliance on technology, it has become more vulnerable to various information communication and technology (ICT)-related risks, including cyberattacks, ICT failures and disruptions caused by ICT third-party service providers. DORA aims to address such risks and provide a unified framework for managing digital operational resilience across the sector.

This article examines how the EU's financial sector is entering a new phase of operational resilience obligations. Now that DORA is in effect, firms must shift from preparation to action.

"DORA: Navigating the Path Ahead," Grip., January 27, 2025