Secure, Innovative & Customer-focused: Key Pillars of DORA & fintech customers

To earn the respect (and eventually love) of your customers, you first have to respect those customers
— Unknown

Respect and trust go hand in hand. That is why we see the Digital Operational Resilience Act (DORA) as important to providing best-in-class services: it enables our payments customers to serve their own customers with integrity and security while embracing leading-edge solutions.

To delve deeper into the impacts of DORA on fintech customers, it's essential to understand the specific aspects of the legislation and how they translate into tangible outcomes for consumers of financial technology services.  

The Digital Operational Resilience Act is structured around several key pillars designed to ensure the operational resilience of the financial sector.

These include requirements for risk management, incident reporting, digital operational resilience testing, third-party risk management, and information and intelligence sharing regarding cyber threats.  

Let's explore these aspects in more detail: 

1. Risk Management 

Direct Impact: Fintech firms are required to identify, document, and manage all risks related to their Information and Communication Technology (ICT) systems and services. For their customers, this means dealing with companies that are more aware of their vulnerabilities and are actively working to mitigate these risks. The proactive management of these risks contributes to a safer financial ecosystem, reducing the likelihood of significant disruptions to services.

Enhanced risk management practices may lead to the development of more robust and user-friendly platforms as fintech firms work to eliminate points of failure and streamline customer interactions to minimise risk exposure.  

2. Incident Reporting 

Transparency and Trust: The obligation to report major ICT-related incidents to regulatory authorities, and in some cases to the public, increases transparency in the fintech sector. Customers can benefit from this transparency by gaining insights into the operational reliability of their service providers, further fostering trust. 

Improved Response: Over time, the aggregation and analysis of incident reports will provide valuable insights that can be used to drive improvements and prevent future incidents, leading to a more resilient financial services sector for consumers. 

3. Digital Operational Resilience Testing 

Service Reliability: DORA mandates regular testing of digital systems to confirm that they can withstand potential cyber threats and other ICT disruptions. This requirement means that the fintech platforms that customers use are likely to be more robust and less prone to outages, ensuring that critical financial transactions can be carried out without interruption.

Innovation in Security: The need for ongoing resilience testing may encourage fintech firms to innovate, adopting new technologies and practices that enhance security and service reliability. 

4. Third-party Risk Management 

Supply Chain Security: Many fintechs rely on third-party providers for critical services. DORA's focus on managing the risk associated with these third parties means that fintech customers can have greater confidence in the overall security and reliability of the fintech ecosystem, as vulnerabilities in the supply chain are addressed.

Consistency in Service Quality: With stricter controls on third-party providers, customers can expect a more consistent level of service, as fintech firms are held accountable for ensuring their partners meet the same high standards of operational resilience.

5. Information and Intelligence Sharing 

Collective Defence: By facilitating the sharing of information and intelligence on cyber threats within the financial sector, DORA enhances the collective ability to defend against cyberattacks. This collaborative approach benefits customers by making the financial ecosystem more secure as a whole. 

For fintech customers, the implications of DORA extend beyond enhanced security and reliability. The act fosters an environment where financial services are not only more secure but also more innovative and customer-focused. The emphasis on resilience, transparency, and collaboration aims to create a financial sector that is not only resistant to disruptions but also more aligned with the needs and expectations of its customers. However, the full impact on customers will also depend on how fintech companies implement these requirements and communicate their efforts to customers, balancing the costs of compliance with the need to provide competitive and high-quality services. 




Who is A24?

Global Payments and Data Security Services Provider

At A24 we tackle complex and difficult-to-manage critical system challenges securely and compliantly. We're an expert cloud-adjacent business that has grown from our 2006 IaaS origins in Japan. Our unique technical capabilities have developed from A24's 15+ year heritage of building, monitoring and managing highly engineered IT infrastructure.

Shane Tully

Chief Information Security Officer
