Digitalization of the financial sector has brought significant benefits but has also exposed businesses to rising technology risks, including cyberattacks, system outages, and third-party information and communications technology (ICT) failures. To ensure financial institutions (FIs) remain resilient in the face of these threats, the European Union’s Digital Operational Resilience Act (DORA) sets out detailed requirements for EU-based FIs to protect their key business processes (see sidebar “DORA’s scope”). While DORA has some overlap with other regulations (such as BAIT and VAIT in Germany1), it is the first regulation of its kind to focus on digital resilience across the European financial ecosystem.

Interested in reading more about Europe’s new resilience regime: ‘The race to get ready for DORA’, please download McKinsey and Company’s full article here.