“Vámonos!” Declares DORA, but 43% of UK Financial Services Say “No”

On January 17^TH, 2025, the EU’s Digital Operational Resilience Act (DORA) came into effect. However, a recent survey of 200 UK CISOs from Censuswide found that 43% of the UK financial services industry will miss this compliance deadline despite facing the possibility of fines of up to 1% of global daily turnover for up to six months.

Make it Make Sense

A key question to answer first is, if the UK is no longer a member of the EU, why does DORA even apply to UK businesses? Well, although DORA isn’t directly applicable in the UK, it is still relevant for many UK-based entities, particularly financial firms and ICT service providers that offer services in the EU, either directly or through their group. 

DORA is a complex and comprehensive piece of cybersecurity regulation that impacts all entities operating within EU jurisdictions. It will affect ...