Exploring DORA: Loud Echoes of Central Bank Guidelines

Designed to ensure the European financial sector is resilient enough to withstand severe operational disruption, DORA (the Digital Operational Resilience Act) comes into force for banks, insurance companies and investment firms from January 2025.

 

While DORA will not apply to Irish credit unions, it is still important for credit unions to consider how DORA can inform the continued development of effective management of cyber risks.

 

Moreover, while DORA is not mandatory for credit unions, the Central Bank’s Cross Industry Guidance on Operational Resilience does apply to the sector in full force. The two have much in common.

 

The Central Bank of Ireland (CBI) guidance was published in December 2021. It clearly states that international best practice, including the then anticipated introduction of DORA, informed the document. It was the Central Bank’s intention that their guidance complement both DORA and NIS2 (Directive on Security of Network and Information Systems).

 

Central Bank and DORA: common pillars of operational resilience

 

  1. Disruption preparedness: Both emphasise the importance of organisations being prepared for operational disruptions, with particular emphasis on cyber threats. 
  2. Risk management: CBI guidance highlights the need for a documented operational resilience framework, which aligns with DORA’s requirements for a risk management framework that addresses ICT (Information and Communication Technology) risks .
  3. Incident management: Both the CBI and DORA focus on how institutions should classify, report, and manage ICT-related incidents
  4. Testing and learning: The Central Bank promotes regular testing of operational resilience, and DORA mandates bodies to conduct digital operational resilience testing.
  5. Third-party risk management: Both the CBI and DORA acknowledge the importance of managing risks associated with third-party ICT service providers.  

 

In essence, as far as credit unions are concerned, DORA builds upon the existing principles established by the Central Bank, providing a more comprehensive and standardised approach to operational resilience across the financial sector.

 

Viatel Technology Group (Viatel), a trusted partner of so many Irish credit unions, strongly believes that adopting a DORA-preparedness mindset will benefit our partners in the financial sector. By improving each organisation’s ability to withstand and recover from IT disruptions and cyber attacks, credit unions protect their members, reach compliance standards and continue to merit their sector’s longstanding and well documented reputation for  trust and customer service.

 

Viatel at CUMA

Viatel Technology Group are excited to attend the CUMA Credit Union Managers Association Spring Conference, “Meeting Challenge” on 10-11 April 2024 at Mount Wolseley Hotel, Spa & Golf Resort. Discuss DORA and much more with our credit union experts, Seamus, Nicola and Marc at  Stand 51.

 

 

About Viatel Technology Group: your partner in compliance

Viatel Technology Group has over twenty years of experience working with over sixty credit unions across Ireland. We have a clear understanding of the risk profile and regulatory requirements faced by our credit union partners. We are very proud to provide the technology solutions underpinning such a vital and respected part of the financial community.