DORA Check. An overview on the Digital Operational Resilience Act

DORA Check

The most important information about DORA at a glance

Digital threats and cyberattacks are increasing every year. In 2023, digital threats caused damages of more than €200 billion in Germany, of which 72% resulted from cyberattacks (source: Bitkom, study on economic protection 2023). To counter the threat to the system-critical financial sector, the EU has decided to implement a uniform, high level of security. The Digital Operational Resilience Act (DORA) is the answer.

The regulation on digital operational resilience is intended to reduce the risks arising from the ever-increasing dependence on information and communication technology in the financial sector. In particular, DORA is expected to reduce the risk of severe operational disruption arising from digital threats and cyberattacks, by focusing on the entire value chain. Notably, DORA subjects IT service providers to direct financial supervision – for the first time.

 

About the DORA Check

DORA Check allows you to access the most important information on DORA, as well as a short quiz to check your own knowledge of the regulation. Each question includes help and explanations, so it can be used independently. A short summary of the most important topics included in the tool can be downloaded here.

The tool has been developed especially for non-experts and provides only basic knowledge. Please contact us for further information.

 

Using DORA Check

DORA Check provides a first overview of the regulation, with basic information about DORA and its goals. Our interactive quiz allows you to test your knowledge of the regulation, find out if your company is affected, and explore what action needs to be taken. In addition, you can download a compact one-pager that provides a quick overview the most important points and requirements of the regulation.

 

Take action

DORA will apply to companies in the financial sector and their IT service providers from January 17,  2025. It is very important for every company to check whether DORA applies to them and what measures need to be taken now. This ranges from reviewing outsourcing contracts for DORA compliance to reviewing internal IT infrastructure, management, and contingency plans. We will be happy to advise you individually if your company is affected by DORA.

Financial Regulatory News Blog

Our regular updates provide you with insights into regulatory issues of German and European financial supervisory law, such as licensing requirements for tokenization and crypto asset trading, crypto custody, e-money/e-wallets, etc.

Discover CORA

German and European law contains a large number of such licensing requirements, particularly for the conduct of banking business and financial services as well as for the provision of investment and payment services. We have therefore developed our Check of Regulatory Authorizations (CORA) to help you gain an initial overview of possible licensing obligations!

Contact

Our team advises national and international investment companies, banks, financial and payment service providers, asset managers and investment funds on all aspects of German and European financial supervisory law. Please do not hesitate to contact us!