Either OR Frameworks: Operational Resilience Frameworks in the EU and US

Written by Champion and Author Weiyee In, Chief Information Officer, Protego Trust Bank

Executive Summary

This white paper examines some of the key differences between the European Union’s Digital Operational Resilience Act (DORA) and the operational resilience frameworks in the United States, particularly those from the Federal Financial Institutions Examination Council (FFIEC) and other regulatory bodies. It highlights the inconsistencies in approach, scope, and requirements, with a focus on the treatment of Information and Communication Technology (ICT) third-party service providers. It also highlights several of the challenges financial institutions will face beginning in January 2025 and the dire need to carefully map the requirements of each framework and to develop comprehensive, adaptable compliance, security, and data strategies that address the demands of multi-jurisdictional regimes.