In this second part of our discussion with Lafond, he refers to internal threats, side-channel attacks, vendor risks and having a well-equipped incident response plan and team.

With DORA now in effect, the EU’s financial sector is entering a new phase of operational resilience obligations, where firms must shift from preparation to action.

The absence of a transitional period presents a challenge for firms and third parties.

Experts from Morgan Stanley, BNY, Nomura and First Abu Dhabi Bank discussed this key issue at the leading compliance industry event.

Regulatory preparedness, resilience and evolving challenges among the topics covered in an insightful and data-rich document.

Developments include: potential standardization of threat-led penetration testing, new oversight director for DORA and ESA's work program.

Although non-mandatory and applicable to regulated entities in Germany the practical guidance offers helpful insight into key aspects of the new regime.

Increasing reliance on digital platforms and a growing threat from bad actors means regulators are giving more attention to cybersecurity compliance.