DORA (Digital Operational Resilience Act) is an EU regulation that requires financial entities and their ICT providers to ensure digital operational resilience. It has applied since 17 January 2025.
DORA (Digital Operational Resilience Act) is an EU regulation (2022/2554) on digital operational resilience in the financial sector. As a regulation it applies directly in all member states without national transposition, and has applied since 17 January 2025.
DORA applies to financial entities such as banks, insurers, investment firms and payment service providers, as well as to their critical ICT third-party providers. This brings IT and cloud providers into scope.
DORA requires comprehensive ICT risk management, the handling and reporting of ICT-related incidents, regular digital operational resilience testing, and management of ICT third-party risk including minimum contractual requirements.
If a financial entity uses cloud services, these often qualify as ICT third-party providers under DORA. The regulation's contractual and security requirements must therefore be considered when selecting and managing the provider.
SecureCloud offers a platform hosted in Germany that is GDPR-compliant, ISO 27001- and Trusted-Cloud-certified, BSI C5-attested and CIS-compliant, with encryption, granular access control and an audit log. This supports financial entities with their ICT security and traceability requirements under DORA.
Industry-specific implementation: financial sector, banks & fintechs.
DORA has applied since 17 January 2025. As an EU regulation it applies directly in all member states, without separate national transposition.
DORA applies to financial entities such as banks, insurers and payment service providers, as well as to their critical ICT third-party providers, which can include cloud providers.
DORA is a sector-specific regulation for the financial sector, while NIS2 is a cross-sector directive. Where they overlap, DORA takes precedence as the more specific rule.
Unsere Experten beantworten Ihnen gerne alle Fragen.