All regulations
European Union

DORA

The Digital Operational Resilience Act establishes uniform requirements for the security of network and information systems supporting EU financial entities — including AI and ICT third parties.

Who it applies to

  • Banks, insurers, investment firms and other EU financial entities
  • Critical ICT third-party providers, including AI vendors
  • Cross-border financial groups operating within the EU

Core obligations

  • ICT risk management framework with board accountability
  • Incident classification and reporting to competent authorities
  • Digital operational resilience testing including TLPT
  • Manage and monitor ICT third-party risk concentrations

How Vigil24 helps

  • Inventories AI and ICT third-party tools used by staff
  • Identifies concentration risk and unapproved vendors
  • Generates DORA-aligned third-party risk evidence