IKT Asset
AIDORABaFinComplianceIT-ModernisierungFinanzsektor

Navigating IT Modernization Projects in Compliance with BaFin and DORA: Challenges and Solutions

The Digital Operational Resilience Act (DORA) imposes new requirements on IT modernization in the financial sector. Companies must prepare for upcoming deadlines and compliance requirements.

Introduction

The Digital Operational Resilience Act (DORA) presents a challenge for companies in the financial sector, particularly regarding IT modernization projects. With DORA coming into effect on January 17, 2025, organizations must ensure their information and communication technology (ICT) systems comply with stringent regulations.

BaFin and DORA Compliance

DORA protects financial entities against cyber risks and holds management accountable for ICT risk management. Failures can result in significant fines, potentially reaching up to 2% of global annual turnover. Therefore, companies must continuously update and document their ICT systems.

Challenges in Contract Compliance

Reviewing and updating IT-related supplier contracts is one of the biggest challenges for financial institutions. The deadline for complying with DORA requirements is approaching, making it crucial for companies to adjust their contracts accordingly.

Conclusion

Implementing DORA requires a deep understanding of the new regulations and their impact on existing systems and processes. Companies must act proactively to ensure compliance and minimize regulatory risks.