i-law

Compliance Monitor

DORA drives new era of operational resilience

Designed to consolidate and upgrade ICT risk requirements across EU financial services and beyond, DORA is now in force and similar UK rules apply fully in March 2025. Actions required for compliance are comprehensive and demand immediate attention, reports Jonathan Armstrong.

Jonathan Armstrong (jonathan.armstrong@puntersouthall.law) is a partner with Punter Southall Law who specialises in compliance and technology. He is also a Professor at Fordham School of Law teaching a new post-graduate course on international compliance.

With 2025 well underway, firms across the European Union and their key service providers have been gearing up to meet the requirements of the EU's Digital Operational Resilience Act (DORA), which applied to financial entities from 17 January. [1] This landmark regulation is set to reshape the operational resilience landscape, enforcing stringent ICT (Information and Communication Technologies) risk management standards and extending oversight to critical third-parties such as cloud service providers.

The rest of this document is only available to i-law.com online subscribers.

If you are already a subscriber, click Log In button.

Copyright © 2025 Maritime Insights & Intelligence Limited. Maritime Insights & Intelligence Limited is registered in England and Wales with company number 13831625 and address 5th Floor, 10 St Bride Street, London, EC4A 4AD, United Kingdom. Lloyd's List Intelligence is a trading name of Maritime Insights & Intelligence Limited.

Lloyd's is the registered trademark of the Society Incorporated by the Lloyd's Act 1871 by the name of Lloyd's.