DORA – A Compliance Game-Changer for Financial Institutions?

In our latest Privacyespresso episode, we continue our deep dive into building a unified compliance strategy across NIS2, CRA, DORA, and GDPR. This time, we focus on DORA, the regulation shaping digital operational resilience in the financial sector.

Financial institutions across Europe are working to implement DORA, but many are encountering common pitfalls that could create compliance risks. In this episode, Nicole Fortunato from Morais Leitão (MLGTS), the PrivacyRules Portuguese member firm, shares real-world insights on key mistakes businesses are making, including:

– Misinterpreting the scope of ICT services under DORA compared to outsourcing rules.

– Overlooking location requirements, leading to compliance gaps.

– Treating DORA’s data protection requirements as identical to GDPR, missing key distinctions.

– Failing to create a cross-functional compliance team that brings together legal, IT, and risk experts.

Why does this matter? DORA is more than just another compliance requirement—it is designed to enhance cybersecurity resilience and ensure financial stability in an increasingly digital landscape. Organizations that take the right approach from the start will avoid costly missteps and ensure long-term compliance.

Don’t miss these key takeaways! Watch the full episode and gain practical insights from our expert discussion.

Listen to the full episode: https://bit.ly/4ivNWCa