It’s one year down and one to go for European financial organisations to get their houses in order. These institutions will have until January 2025 to ensure their compliance with the Digital Operational Resilience Act (DORA), demonstrating full visibility
into their operations and how they ensure resiliency.
DORA will be the latest addition to numerous financial regulations, such as the Data Governance Act (DGA) and
Building Operational Resilience PS6/21, to improve security measures, data sharing, and transparency in the European financial sector. Working with these regulations, not against them, provides the perfect opportunity to evolve financial operations for
good.
So, how do financial services organisations ensure that they are DORA-compliant by January 2025, and gain the visibility and flexibility they need to ensure that their operations are resilient and secure? The answer is integration.
The importance of DORA
In January 2023, the
Digital Operational Resilience Act came into force, giving European financial institutions just two years to become compliant. The Act aims to set higher standards for the financial sector’s digital operational resilience, with a focus on security and business
continuity. DORA will place financial organisations under increased scrutiny, where banks and technology providers will be legally bound to prioritise operational resilience and prove that their processes are up to scratch.
The Act plays into a wider need for improved defences against cybercrime and fraud. For instance, in the first quarter of 2023 alone,
the UK lost over £53 million due to internet banking fraud incidents, with
cyberattacks increasing by 38% in 2022. DORA prompts financial organisations to step up their defences and increase their resilience against potential threats, vital in a world of ever-increasing financial crime — but this is easier said than done for a
typically slow-moving industry.
The banking world is still playing catch-up
Siloed data, continued high levels of investment in new systems and the enduring importance of legacy systems make optimising operations highly challenging. What’s more,
32% of banks report that they do not have an up-to-date, reliable IT asset inventory, while
37% of significant institutions under the supervision of the ECB reported a cyber incident in 2022. The correlation between scattered IT systems and a financial organisation’s inability to protect itself from attack is clear.
Simply, many banks lack the visibility and transparency they need to ensure their operations are efficient, resilient, and will satisfy the impending DORA regulation. As well as issues bringing together the right data at the right time to power effective
decisions, a bank’s agility and speed of execution are also vital. Banks must be able to quickly identify issues, uncover the information required to correct them, and apply remedies to ensure minimal disruption to staff and customers. With clunky processes
and siloed data, staff do not have the tools they need to deal with disruption rapidly and effectively.
Unlocking DORA success
By mapping all processes effectively and integrating all financial data, organisations can bring together different systems and applications, and create a single, trusted data source to improve processes and satisfy regulations. A connected infrastructure
allows financial services to meet customer demands, monitor operations in real time, and find ways to drive innovation and higher productivity. This level of integration and visibility is vital for large, multi-national banks, allowing them to quickly respond
to changing market conditions with their existing applications and data sets – regardless of how new or old they are, where they are hosted, or who is using them. Consolidating data into a single cross-border platform avoids chaos, risk and rising costs.
As well as providing end-to-end visibility and governance across geographies, IT environments, and complex business ecosystems, integration allows financial organisations to transform their digital offering. They can create connected customer and employee
experiences and enhance B2B interactions — all while minimising disruption and risk. Having this solid foundation of data ensures the accuracy of mining and modelling processes, with financial organisations able to discover how systems and people are performing
and learn from historical and real-time data to put insights into action. Whether the risks are ‘between the chair and the keyboard’, in the process landscape, or the disconnect of legacy systems and practices, this end-to-end visibility facilitates continuous
process improvement, by which banks can learn from mistakes and improve resilience.
Ultimately, business process management and integration are key to becoming DORA-compliant by January 2025. Financial institutions are held to the highest standards, and robust risk management, security, and regulatory compliance are non-negotiable. Operational
resilience relies on integrated applications that can improve financial organisations’ cyber defences and provide business value. The only way to identify and protect against threats and potential failures is to have a single pane of glass across a distributed
technology landscape. This way, financial services organisations can find the value trapped in their data, and crucially, satisfy regulations.
