back Back

Nearly half of UK banks will miss DORA deadline, risking hefty fines

By Gloria Methri

January 17, 2025

  • Compliance Regulations
  • Cyber - Attacks
  • Cyber Fraud
Share

Fraud, Risk Management, AI, ML, Financial Crime, FinTech, EuropeAs the clock ticks down to January 17th, the deadline for the Digital Operational Resilience Act (DORA) looms over the UK’s financial services industry. However, new research from Orange Cyberdefense reveals that 43% of UK financial institutions are unlikely to meet the stringent DORA compliance deadline, putting them at risk of substantial fines that could reach up to 1% of their worldwide daily turnover for up to six months. With non-compliance potentially costing firms millions, the pressure is mounting.

DORA, a regulation introduced by the European Union (EU), aims to bolster the resilience of the financial sector against digital threats. While nearly 9 in 10 senior security decision-makers acknowledge the value of DORA in strengthening the financial ecosystem, compliance remains a major hurdle.

A Censuswide survey of 200 UK CISOs and senior security experts, commissioned by Orange Cyberdefense, found that although there is broad support for the regulation, many firms are struggling to meet the requirements.

The Compliance Challenge

Despite positive sentiments about DORA’s potential, financial institutions face several barriers to compliance. The research highlights that a lack of prioritisation from the wider organisation (28%), a short timeline (25%), insufficient knowledge or skills (24%), and lack of visibility over third-party partners (23%) are the most significant challenges. These obstacles are putting organisations at risk of missing the deadline.

“Given the complexity of the regulation and the ongoing pressure to balance security needs with broader business goals, it’s no surprise that many financial institutions are falling behind,” said Richard Lindsay, Principal Advisory Consultant at Orange Cyberdefense. “The financial services sector is under constant threat, and while DORA aims to increase resilience, it also requires significant changes to operations.”

External Support and Budget Concerns

To overcome these barriers, a staggering 97% of respondents plan to or already rely on external support. This support comes as no surprise, given that cybersecurity teams are already stretched thin by existing challenges like the Network and Information Systems Directive 2 (NIS2), which took effect in October 2024. The overlapping nature of these regulations is adding further pressure to compliance efforts.

Budget constraints have often been a significant roadblock in cybersecurity. However, 84% of respondents report that their organisations have allocated sufficient funds to meet DORA compliance. Many firms have shifted resources, with 78% reallocating budget from other business areas and 48% moving staff from other projects to focus on cybersecurity. Still, 66% of senior security professionals predict that DORA will significantly increase cybersecurity costs in the long term.

The Growing Threat Landscape

The urgency surrounding DORA compliance is not only due to regulatory pressures but also the increasing risks in the cyber threat landscape. The financial services industry remains a prime target for cybercriminals, and as Lindsay points out, “The likelihood of a breach has never been higher.” DORA’s regulations mandate essential measures for protection, detection, containment, recovery, and repair, along with oversight of ICT third-party risks, to help mitigate these risks.

Financial services firms that fail to meet the DORA deadline risk not only hefty fines but also the potential for reputational damage and loss of customer trust. As Lindsay emphasises, “The clock is ticking, and businesses must take action now to avoid catastrophic consequences.”

The path to DORA compliance isn’t without challenges, but the benefits of building operational resilience and avoiding hefty fines far outweigh the risks. For many organisations, the time to act is now – before it’s too late.

Previous Article

January 17, 2025

Lunate, Wio Invest partner to boost wealth creation for UAE investors

Read More
Next Article

January 17, 2025

Amazon to acquire Indian digital lending firm Axio

Read More






IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News

February 11, 2025

Safer Internet Day 2025: Why RBI’s latest security moves matter for every Indian

Read More

February 10, 2025

ACI Worldwide partners with Banfico to tackle APP fraud in Europe

Read More

February 07, 2025

Perfios acquires fraud-detection platform Clari5

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q4 2024
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q4 2024
Know More