Blog article
See all stories »

One year to go on DORA! Why financial services should get ready now

It’s one year down and one to go for European financial organisations to get their houses in order. These institutions will have until January 2025 to ensure their compliance with the Digital Operational Resilience Act (DORA), demonstrating full visibility into their operations and how they ensure resiliency.

DORA will be the latest addition to numerous financial regulations, such as the Data Governance Act (DGA) and Building Operational Resilience PS6/21, to improve security measures, data sharing, and transparency in the European financial sector. Working with these regulations, not against them, provides the perfect opportunity to evolve financial operations for good.

So, how do financial services organisations ensure that they are DORA-compliant by January 2025, and gain the visibility and flexibility they need to ensure that their operations are resilient and secure? The answer is integration.

 

The importance of DORA

In January 2023, the Digital Operational Resilience Act came into force, giving European financial institutions just two years to become compliant. The Act aims to set higher standards for the financial sector’s digital operational resilience, with a focus on security and business continuity. DORA will place financial organisations under increased scrutiny, where banks and technology providers will be legally bound to prioritise operational resilience and prove that their processes are up to scratch.

The Act plays into a wider need for improved defences against cybercrime and fraud. For instance, in the first quarter of 2023 alone, the UK lost over £53 million due to internet banking fraud incidents, with cyberattacks increasing by 38% in 2022. DORA prompts financial organisations to step up their defences and increase their resilience against potential threats, vital in a world of ever-increasing financial crime — but this is easier said than done for a typically slow-moving industry.

 

The banking world is still playing catch-up

Siloed data, continued high levels of investment in new systems and the enduring importance of legacy systems make optimising operations highly challenging. What’s more, 32% of banks report that they do not have an up-to-date, reliable IT asset inventory, while 37% of significant institutions under the supervision of the ECB reported a cyber incident in 2022. The correlation between scattered IT systems and a financial organisation’s inability to protect itself from attack is clear.

Simply, many banks lack the visibility and transparency they need to ensure their operations are efficient, resilient, and will satisfy the impending DORA regulation. As well as issues bringing together the right data at the right time to power effective decisions, a bank’s agility and speed of execution are also vital. Banks must be able to quickly identify issues, uncover the information required to correct them, and apply remedies to ensure minimal disruption to staff and customers. With clunky processes and siloed data, staff do not have the tools they need to deal with disruption rapidly and effectively.

 

Unlocking DORA success 

By mapping all processes effectively and integrating all financial data, organisations can bring together different systems and applications, and create a single, trusted data source to improve processes and satisfy regulations. A connected infrastructure allows financial services to meet customer demands, monitor operations in real time, and find ways to drive innovation and higher productivity. This level of integration and visibility is vital for large, multi-national banks, allowing them to quickly respond to changing market conditions with their existing applications and data sets – regardless of how new or old they are, where they are hosted, or who is using them. Consolidating data into a single cross-border platform avoids chaos, risk and rising costs.

As well as providing end-to-end visibility and governance across geographies, IT environments, and complex business ecosystems, integration allows financial organisations to transform their digital offering. They can create connected customer and employee experiences and enhance B2B interactions — all while minimising disruption and risk. Having this solid foundation of data ensures the accuracy of mining and modelling processes, with financial organisations able to discover how systems and people are performing and learn from historical and real-time data to put insights into action. Whether the risks are ‘between the chair and the keyboard’, in the process landscape, or the disconnect of legacy systems and practices, this end-to-end visibility facilitates continuous process improvement, by which banks can learn from mistakes and improve resilience.

Ultimately, business process management and integration are key to becoming DORA-compliant by January 2025. Financial institutions are held to the highest standards, and robust risk management, security, and regulatory compliance are non-negotiable. Operational resilience relies on integrated applications that can improve financial organisations’ cyber defences and provide business value. The only way to identify and protect against threats and potential failures is to have a single pane of glass across a distributed technology landscape. This way, financial services organisations can find the value trapped in their data, and crucially, satisfy regulations.

 

10439

Comments: (0)

James Whybrow

James Whybrow

Head of Financial Services and Insurance

Software AG

Member since

27 May 2021

Location

London

Blog posts

4

This post is from a series of posts in the group:

Banking Strategy, Digital and Transformation

Latest thinking in respect to Banking Strategy, Digital and Transformation. Harnessing our collective wisdom to make banking better. Ambrish Parmar


See all

Now hiring