DORA, the Explainer

The EU's Digital Operational Resilience Act (DORA), which applies from January 2025, aims to strengthen the cyber and operational resilience of the financial sector. Marino Software supports institutions such as PTSB in achieving compliance and improving their digital security posture.

Marino Software is extending an open invitation to financial services teams to take part in a 'rapid roadmap workshop'. The session explores the implications of incoming compliance requirements, including DORA (January 2025), the European Accessibility Act (EAA, June 2025) and PSD3 (estimated 2026 or later). Fill out this quick form to apply for a roadmap workshop.

The digital landscape of the financial sector is evolving rapidly, and with it comes a heightened responsibility to ensure resilience against cyber threats and ICT disruption.

In response, the European Union introduced the Digital Operational Resilience Act (DORA, Regulation (EU) 2022/2554), a comprehensive regulation aimed at bolstering the digital operational resilience of financial entities across the EU. Published in December 2022 and in force since January 2023, DORA applies in full from 17 January 2025. That leaves financial institutions and their ICT partners a limited window in which to achieve compliance.

At this stage, financial entities will have their DORA compliance efforts well underway. At Marino Software, we recognise the critical importance of DORA compliance, not just as a regulatory requirement but as a cornerstone of cyber resilience for the financial sector. As a trusted software delivery partner of PTSB and a critical ICT third-party service provider (CTPP), we have a unique "on the ground" perspective on DORA.

The point of DORA

In June 2024, Gerry Cross, Director of the Central Bank of Ireland, underscored the significance of DORA by stating, "Digital operational resilience is a fundamental underpinning of a resilient and well-functioning financial system supporting the economy and serving the needs of citizens. Financial services are fundamentally about information and data. So the threat surface is large, the risks are significant and increasing, and the potential impact is great."

The implications of his statement are clear: as financial services become increasingly digitised, protecting the integrity, availability and confidentiality of data has never been more critical. DORA addresses these concerns through a single framework that requires financial entities, and the ICT third-party providers they depend on, to identify, manage and mitigate ICT risk effectively.

Five Pillars of DORA Compliance

DORA is best embraced as a modernising influence. It is built around five key pillars, each addressing a critical aspect of digital operational resilience:

1. ICT Risk Management: Financial entities must establish a robust ICT risk management framework that aligns with DORA's principles and requirements. The framework must be integrated into the entity's overall risk management strategy and owned by the management body, ensuring that ICT risks are identified, assessed, mitigated and regularly reviewed.

2. ICT Incident Management & Reporting: DORA requires financial entities to detect, classify and record ICT-related incidents, and to report major ICT-related incidents to their competent authority through a staged process (initial notification, intermediate report and final report). Timely and accurate reporting is crucial for limiting the impact of an incident and enabling a coordinated response across the financial sector.

3. Digital Operational Resilience Testing: Financial entities must run a proportionate programme of resilience testing, from basic tests such as vulnerability assessments and scenario-based exercises to advanced threat-led penetration testing (TLPT) for entities designated by their authorities, carried out at least every three years. This pillar emphasises proactive verification that systems can withstand and recover from ICT disruption, rather than assuming they can.

4. ICT Third-Party Risk Management: Given the reliance on third-party providers like Marino Software, DORA places significant emphasis on managing third-party risk throughout the lifecycle of the relationship. This includes maintaining a register of information on all contractual arrangements with ICT third-party providers and building key contractual provisions (service levels, audit and access rights, incident support, exit strategies) into those contracts, so that third-party services remain resilient and aligned with the financial entity's risk management strategy.

5. Information Sharing: DORA encourages financial entities to exchange cyber threat information and intelligence with one another under appropriate arrangements. Financial entities and their partners should collaborate actively to share insights, detect emerging threats and develop collective defences.

Marino Software’s Role as a CTPP

As a critical ICT third-party service provider (CTPP) to PTSB, Marino Software understands first-hand what compliance looks like in practice.

As an AWS Partner, we can draw on the scale and resilience of the AWS Cloud, combining AWS's existing DORA requirements analysis and frameworks with our own experience of DORA compliance within the financial services sector.

Recommended reading: AWS User Guide to the Digital Operational Resilience Act (674Kb PDF).


