The European Council has confirmed a strategy to protect financial institutions from exponential cyber attacks with the introduction of the Digital Operational Resilience Act (DORA), imposing requirements for security infrastructure and systems to stay resilient throughout a period of severe operational disruption.

The Act will concentrate on protecting financial entities such as banks, private banks, insurance companies and investment firms.

Czechia’s Finance Minister, Zbynek Stanjura, acknowledged the hard and uncertain times that the financial sector is facing as an especially targeted industry for criminals looking to undermine the excellent capabilities of digital ID.

“We live in uncertain times”, he said. “Banks and other companies which provide financial services in Europe already have plans in place for their IT security, but we need to go one step further. Thanks to the harmonised legal requirements which we adopted today, our financial sector will be better able to continue to function at all times. If a large-scale attack on the European financial sector is launched, we will be prepared for it”.

The Council presidency and European Parliament reached political agreement over the Act to harmonise frameworks for solution providers in ensuring the security level of integrated technologies and systems across the finance sector is unified.

The directive, that was mandated by the European Commission in June, set out to strengthen the resilience of network and information infrastructure, as well as cloud technologies such as cloud platforms or data analytics services.

Organisations and companies in the banking industry provide a vital service to citizens across the EU as the backbone of livelihoods and financial security.

The proposal of the Act indicated that each member state would adopt a national strategy to “enhance the resilience of critical entities”, carrying out a necessary risk assessment at least once every 4 years. The act is finalised and can now be enacted into law by each member state in the EU.

The DORA proposal surfaced in September 2020 as part of a broader financial package that will provision technological development while maintaining technical frameworks.