Digital Operational Resilience Act
An EU regulation that requires banks, insurers, investment firms, and other financial entities to withstand and recover from ICT disruptions. It mandates ICT risk management, incident reporting, resilience testing, and oversight of critical third-party providers such as cloud vendors. It applies from January 2025 and reshapes how European finance manages technology risk.