CLPAI 2026.1 Methodology

Home Glossary Digital Operational Resilience Act

Operational Resilience (DORA)

Digital Operational Resilience Act (DORA)

Regulation (EU) 2022/2554 — EU-wide ICT risk-management framework that applies to CASPs from January 2025.

Definition

DORA is the EU framework for ICT risk management and operational resilience in financial services. Applies to CASPs alongside MiCA. Five pillars: ICT risk management, incident reporting, digital operational resilience testing, third-party risk management, information sharing. In force from 17 January 2025.

Regulatory citation

Regulation (EU) 2022/2554 ↗

Related deep-dives

DORA · ICT operational resilience

DORA ICT Resilience Plan for CASPs: What 2026 Requires

DORA applies to MiCA-authorised CASPs from 17 January 2025. By 2026 supervisors are scrutinising ICT-resilience plans against actual operati…