Nearly half of the UK’s financial institutions are at risk of missing the European Union’s (EU’s) DORA compliance deadline today.
According to a survey commissioned by Orange Cyberdefense, 43% of these institutions admit they are still grappling with DORA’s requirements and anticipate needing at least three more months to comply, which could expose them to substantial regulatory fines, claims Computer Weekly.
The survey, carried out by Censuswide, involved 200 UK chief information security officers and cyber decision-makers, highlighting widespread belief that DORA will significantly bolster resilience across the EU’s financial sector and its extended ecosystem. Despite the optimism, several barriers to compliance were noted. These include internal prioritisation issues (28%), constrained timelines (25%), a lack of necessary skills and knowledge (24%), and poor visibility into supply chains and third-party partnerships (23%). To address these challenges, a whopping 97% of respondents are considering seeking external support.
Financial commitment towards compliance appears robust, with 84% stating they have received adequate or more than sufficient budgets. A parallel report from Rubrik Zero Labs revealed that nearly half of the surveyed organisations have invested over €1m (£842,000) in compliance-related activities. Richard Lindsay, principal advisory consultant at Orange Cyberdefense, commented on the congested regulatory landscape, “The financial services industry is now navigating a maze of overlapping standards and laws. The threat landscape has also become more volatile, making financial institutions prime targets for cyberattacks.”
DORA, which aims to enhance cybersecurity and operational resilience across various financial entities, including banks and insurance companies, mandates several measures. These range from comprehensive cyber risk assessments and integrated incident reporting to cyber resilience testing and cross-framework governance. Mitun Zavery, vice president of solution architecture at Sonatype, compared the urgency of DORA compliance to the GDPR, suggesting that prioritising these efforts now could mitigate future challenges and penalties.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
