Operational Resilience is an existing key strategic theme across the financial services industry as well as wider across Information Communications and Technology companies providing services to financial services firms. To date, we have seen a number of interest groups publish their approach to Operational Resilience and DORA specifically. We also see an increased focus on operational resilience in countries such as the UK and the US which further drive the need for alignment.
DORA will apply to the whole financial sector. It will also apply to firms captured within the expanded regulatory perimeter under the term ‘critical ICT third-party service providers’, which will include services such as cloud resources, data analytics and audit.
Although the Act is currently still in draft form and the final regulations are only expected to be published by 2022, it is imperative for firms to start thinking about, and working on, their operational resilience journey.