
Reflections on DORA

Welcome back to my Tech Blog! This time, I will be reflecting on the Digital Operational Resilience Act.

In the ever-evolving landscape of financial technology, the Digital Operational Resilience Act (DORA) has emerged as a crucial regulatory standard. But the “R” in DORA should not be read too narrowly as Reporting; it means much more. At its core, DORA embodies the principles of Resilience: the ability to protect our customers' data, uphold the integrity of their assets, and maintain a secure, robust operational environment that supports both innovation and AI-driven capabilities.

Beyond reporting: building a resilient digital foundation

Traditional views of compliance often emphasise documentation, reporting structures, and regulatory checkboxes. However, DORA challenges this approach by demanding a holistic commitment to operational resilience that encompasses infrastructure, security, data management, and recovery practices. For financial institutions, this means moving beyond periodic reporting to ensure that systems and processes are equipped to withstand, adapt to, and recover from cyber threats, operational disruptions, and unexpected shocks.

Protecting customer data and assets: a core responsibility

DORA's emphasis on resilience centers on protecting what matters most: our customers’ data and assets. Compliance with DORA is not merely regulatory; it is a proactive stance that demands strong cybersecurity measures, robust data encryption, and continuous monitoring to prevent unauthorized access and ensure data integrity. This protection extends beyond regulation; it is a commitment to maintaining trust and confidence in our services.

Creating a secure and scalable environment for AI and innovation

Resilience is more than a response to threats; it is about building an environment primed for the future. DORA compliance requires us to establish a foundation that supports AI-driven innovation and cutting-edge solutions without compromising security. This includes integrating scalable, cloud-based solutions, deploying advanced threat detection, and implementing real-time monitoring to enable AI capabilities while keeping customer data secure.

As we develop AI applications and explore new technological frontiers, DORA offers a structured framework for introducing innovations responsibly. Compliance here is not a restriction; it is an enabler of growth that is secure, scalable, and resilient.

Embracing resilience as a continuous journey

DORA compliance is far from a one-time checklist; it is an ongoing journey of continuous improvement. By embedding resilience into our daily operations and technology strategies, we are positioning ourselves to respond to and recover from any incident that may threaten our operations or compromise customer security. This commitment requires continuous monitoring, regular testing, and the refinement of our operational processes to keep us a step ahead in an unpredictable landscape.

SEB Position

In redefining resilience through DORA, SEB is not just meeting regulatory demands; we are positioning ourselves as leaders in building a secure, innovative, and customer-focused future. Resilience is about more than reporting; it is about taking proactive, strategic steps to ensure that our systems, data, and operations are robust, adaptable, and forward-looking. 

By embedding DORA principles deeply into our operations, SEB is fulfilling its duty to protect and serve our customers, drive secure innovation, and reinforce trust in our services. This commitment to DORA distinguishes SEB as a financial institution that prioritises not only compliance but resilience, creating lasting value for our customers and setting a high standard within the industry.

 

Author: Ulf Larsson, SEB Security CTO
