From challenges to opportunities: Experts decode DORA’s impact on FinTech
By Gloria Methri
This week, the Digital Operational Resilience Act (DORA) officially takes effect in the EU, marking a seismic shift in the regulatory landscape for financial services. Designed to enhance operational resilience in an increasingly digital financial ecosystem, DORA promises tighter controls and heightened accountability across the sector.
But what does this mean for FinTechs, financial institutions, and their customers? Industry experts weigh in, offering their perspectives on this groundbreaking regulation.
The End of ‘Move Fast and Break Things’
Marios Joannou, Head of Digital Risk and Privacy at payabl., captures the essence of DORA’s transformative impact: “In many ways, DORA is a step by regulators to address the vulnerabilities exposed by the rapid innovation of FinTech. It signals the end of the ‘move fast and break things’ era that accelerated growth but often left critical resilience gaps, exposing institutions and markets to significant operational risks.”
DORA’s scope extends beyond cybersecurity. It also addresses service availability, business insolvency, and even the risk of hostile takeovers. The aim is clear: balance innovation with sustainable growth. However, this balance comes at a cost. As Joannou points out, high compliance expenses and stringent oversight could pose significant challenges for startups and scale-ups, even as they pave the way for a more mature industry.
For multinational institutions like payabl., the harmonisation of resilience rules between the UK and EU simplifies some processes but doesn’t eliminate operational challenges, particularly with dual compliance frameworks.
Lessons from GDPR and the Role of AI
Paulo Rodriguez, Head of International at Vanta, sees parallels between DORA and another landmark EU regulation—GDPR, “GDPR was introduced six years ago, and businesses are still struggling to grapple with the regulation to this day. Achieving and maintaining compliance demands a significant overhaul of business practices, as well as resource-heavy monitoring and auditing. No doubt DORA is leaving financial institutions and their third-party vendors facing similar headwinds.”
Yet, there’s a silver lining. Rodriguez highlights AI as a game-changer for achieving compliance, “AI has proven particularly effective at automating manual tasks and could be the perfect companion for security teams dealing with DORA. The technology has the potential to make achieving and maintaining compliance a far more straightforward task for financial institutions, ensuring greater digital resilience.”
A Wake-Up Call for Operational Resilience
Eduardo Crespo, VP of EMEA at PagerDuty, underscores DORA’s necessity in the wake of frequent and costly global outages: “Our recent research highlights that 88% of executives in the EU and UK expect another major incident will occur in the next 12 months. Given the interconnected nature of systems and the pressing need to safeguard financial data and customer trust, this regulation provides welcome control for the market.”
Crespo stresses that time is of the essence for firms to comply with DORA’s rigorous requirements, which include audits, reporting, and accountability for services provided. To succeed, firms must lean on technology, particularly AI and AIOps, to minimise disruptions and ensure a swift return to normalcy when outages occur.
Crypto and DORA: A Gateway to Legitimacy
For the crypto sector, DORA represents a critical step toward mainstream acceptance. Can Taner, CPO at Bitpace, believes the regulation, alongside MICA guidelines, provides the robust framework necessary to legitimise crypto as a viable payment solution:
“DORA’s impact will herald new levels of transparency in the industry and prove a positive step for building consumer trust in digital payments. It encourages companies to take a proactive approach to security, building out a robust data strategy rather than mitigating risks by allocating capital to cover losses.”
Taner also highlights crypto’s potential to offer businesses a lifeline amidst geopolitical and economic challenges, providing a gateway to borderless commerce and streamlined digital payments.
A New Chapter in Financial Resilience
While DORA presents significant challenges—particularly for smaller players—it is a necessary evolution as the industry shifts from rapid growth to long-term stability. The regulation not only aims to protect consumers and markets but also encourages the adoption of technologies like AI to navigate its complexities.
For the financial services sector, this is a wake-up call to embrace resilience at scale, ensuring customer trust and market integrity. As Eduardo Crespo aptly puts it: Time is of the essence. FS leaders must act now, leveraging technology to build the resilient, transparent, and compliant systems DORA demands.”
IBSi FinTech Journal

- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage
Other Related News
February 11, 2025
Safer Internet Day 2025: Why RBI’s latest security moves matter for every Indian
Read MoreRelated Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q4 2024
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More