The beginning of a New Dawn – 17th January 2025 (11 Weeks to Go)
Adedeji Abioye
PCI QSA 4.0 || RPA || CMLP || SWIFT CSF Assessor| ISO 27001 LA| ISO 27001 LI | ISO 27005 Lead Risk Manager | ISO 27032 | ISO 27033 | DORA | SOC 2 Analyst |AWS Cloud Technologist | Software Automation Tester | API Tester
Dear reader, I know you are intrigued to know why 17th January 2025 is a date that would mark the beginning of a new dawn for financial institutions across Europe.
It's "DORA", the Digital Operational Resilience Act, an EU-specific regulation that becomes mandatory for all financial institutions falling under EU jurisdiction.
It aims to ensure that financial institutions can (i) withstand, (ii) respond to and (iii) recover from all types of information and communication technology (ICT) related incidents, risks and threats.
DORA uniquely sets out requirements for:
(a) Risk management
(b) Incident reporting
(c) Testing
(d) Third-party risk management and
(e) Information sharing
Good questions you might want to answer as a financial institution, while there is still time, are:
(1) Are you aware of DORA?
(2) Did you know about it before now, and do you understand what it entails?
(3) Have you taken time to check, and are you confident, that you have what it takes to comply with each category of the requirements (a to e above)?
(4) Have you made plans to ensure that you meet the deadline (11 weeks to go)?
(5) Are you aware that there are penalties should you fail to meet it?
(6) Are you aware that, as part of the penalty, you may have to pay between 1 and 2% of your total annual worldwide turnover? (How does that look on your financial statement?)
(7) Have you made arrangements to delegate a qualified person in your financial institution to put on the DORA hat and be accountable for all matters related to DORA?
(8) Did you know that DORA takes precedence over NIS 2, and is not intended to replace GDPR?
(9) Did you know that even if you have qualified internal testers, you must still engage qualified external testers to meet DORA requirements?
(10) Do you have an exit strategy and termination procedure for all your critical 3rd party ICT service providers?
(11) Have you identified the ESA in your region?
(12) Are you a financial institution in Africa with a presence in any European country? If yes, you must get ready to be DORA compliant.
The Good News:
If you cannot, at this point, confidently answer these questions, it's time to seek help.
Visit: www.afenoid.com or call Dotun on: +234-209-291-1777 to get in touch with us for consulting services, compliance validation, digital transformation and training services to help your organization become more resilient to cyber-attack and get better at what you do. Furthermore, we can provide you with DORA training and prepare you to comply with DORA using qualified and experienced professionals.
#Afenoid
#PCIDSS
#CISA
#CISM
#DORA
#CRISC
#CGEIT
#SWIFT
#ISO 27001
#ISO 22301
#ISO 20000
#ISO 27005
#ISO 27032
#ISO 42001
4 months · Thanks Dooshima. 3rd party service provider risk is real. The pager explosion is synonymous with such types of risks.
Risk Management | Cybersecurity | Knowledge Mobilization
4 months · This is insightful Adedeji Abioye