Embracing EU’s DORA: Our proactive approach to enhanced financial resilience

As DORA comes into effect, we are working hard to approach this significant regulation proactively in collaboration with our customers.
Two men smiling and sitting next to each other at a desk in an office setting.

In the rapidly evolving financial landscape, regulatory compliance is more than just a requirement; it's a foundation of trust and reliability. As the European Union's Digital Operational Resilience Act (DORA) comes into effect, we work hard to take a proactive approach to this significant regulation in collaboration with our customers. In this blog, we share the measures Trapets takes to stay ahead. 

The foundation: ISO27001 certification

A central component of our work is prioritising the security of our solutions and protecting our customers' data. The certification under ISO27001, the international standard for information security management, proves this commitment. This certification ensures that we have established, implemented, maintained, and continuously improved a robust information security management system (ISMS).

The ISO27001 certification provides a strong foundation, aligning practices with the best global standards. It covers critical areas such as risk management, incident response, and business continuity, which are now integral to our daily operations.

Understanding DORA

The Digital Operational Resilience Act (DORA) is an EU regulation that aims to ensure that the financial sector in the EU can withstand, respond to, and recover from all types of ICT (information and communication technology) related disruptions and threats. It focuses on five key pillars:

  1. ICT risk management
  2. ICT incident reporting
  3. Digital operational resilience testing
  4. Third-party risk management
  5. Information sharing

Recognising the importance of these pillars and integrating them into an operational framework is key to enhancing resilience further.

How we go beyond compliance

While compliance with DORA is mandatory, Trapets' approach goes beyond compliance. Here's how we are taking proactive measures to align with and exceed the expectations of DORA:

1. Enhanced ICT risk management

An updated risk management process, including advanced threat detection and mitigation strategies, is currently in progress. With continuous, regular risk assessments and audits, we ensure that our systems are resilient against emerging threats.

2. Robust incident reporting mechanisms 

We are refining our incident reporting mechanisms to ensure timely and accurate reporting of ICT-related incidents.

3. Comprehensive resilience testing

Regular resilience testing, including penetration tests, is conducted to validate the effectiveness of our defences. These tests help us identify vulnerabilities and address them promptly.

4. Strengthened third-party risk management

We are implementing more efficient information sharing to facilitate our customers' pre-contractual due diligence and ongoing audit. A continuous focus on implementing more stringent criteria and processes for evaluating and managing the risks associated with our third-party vendors shows a commitment to continuous improvement across the chain. Our due diligence processes ensure that our partners meet high security and resilience standards.

5. Collaborative information sharing

We actively participate in information-sharing networks to stay informed about the latest threats and best practices. This enables us to respond to threats more effectively and contributes to the overall security of the financial sector.

A commitment to staying ahead

Our dedication to staying ahead of financial crime relies on ongoing work with our security and operational resilience. As new challenges and regulations arise, we will continue to adapt and enhance our practices. Our proactive approach to DORA reflects our commitment to protecting our clients and maintaining their trust.

Embracing these regulations by going beyond compliance, provides a safer, more resilient financial environment.

A busy city street in Stockholm with modern buildings and a blurred person walking in the foreground.

Trapets and DORA

To answer some of the most commonly asked questions about Trapets and DORA, we have summarised some initial information in the document below.