DORA: A guide for derivatives market participants

In a rapidly evolving digital landscape, the financial sector, including the derivatives markets, faces unprecedented challenges in terms of cyber threats and information and communication technology (ICT) related disruptions. Enter DORA - the European Union's Digital Operational Resilience Act. But what exactly is DORA, and why should derivatives market participants take note?

In this blog article, we introduce DORA, discuss the challenges it aims to tackle, and delve into its potential ramifications for the derivatives markets industry.

What is DORA?

The Digital Operational Resilience Act is the European Commission's strategy to ensure a harmonised approach to digital resilience across the EU's financial sector. Rather than navigating a myriad of national rules, DORA offers a consistent set of regulations focused on reinforcing the digital infrastructure of financial entities.

ICT Risk Management

DORA mandates financial institutions to adopt a robust ICT risk management framework. This framework must synchronise with the institution's overarching risk management ethos and undergo regular reviews and updates.

Recovery Planning

A comprehensive plan to endure and recover from ICT-induced disruptions is another cornerstone of DORA. Institutions must be equipped with preventive, detective, and responsive measures to ICT incidents. Additionally, strategies for restoring ICT systems post-disruption are imperative.

Reporting Requirements

To promote transparency and coordination, DORA obliges institutions to keep relevant authorities informed about their ICT resilience. Reports should encapsulate the ICT risk management framework, response plans for potential incidents, and results from resilience tests.

What challenges is DORA trying to address?

As the derivatives markets and other financial sectors increasingly depend on digital platforms, software, and third-party services, they become susceptible to ICT threats. From cyberattacks to technical glitches, these disruptions can have cascading effects, potentially destabilising not only individual institutions but broader financial ecosystems.

DORA is being introduced to address a number of challenges that have been identified in the financial sector, including:

  • The increasing reliance of financial institutions on ICT systems and processes.
  • The growing sophistication of cyberattacks.
  • The increasing interconnectedness of the financial system.
  • The lack of coordination between different regulators in the EU.

The new age of digital resilience

The derivatives markets are a complex and interconnected ecosystem. DORA is likely to have a significant impact on this ecosystem, as it will require all participants to improve their ICT resilience.

While DORA encompasses the entirety of the EU’s financial sector, derivatives market participants should be especially attuned. This includes trading platforms, clearing houses, brokers, and even software providers catering to the derivatives markets. The intertwined nature of the derivatives ecosystem means a disruption at one node can ripple across the network.

To conclude, DORA is a significant regulation that is likely to have a major impact on the derivatives markets ecosystem. As the digital frontier continues to expand, understanding and complying with DORA becomes paramount, not just for adherence but to safeguard the very essence of the derivatives landscape.

Get in touch to find out more about Cumulus9.