Finery Markets’ Role in a DORA-Compliant environment

The Digital Operational Resilience Act (DORA) is a game-changer for financial institutions across the EU, setting new standards for information and communication technology (ICT) risk management and resilience. It is set to apply from January 17, 2025 and the financial industry is gearing up for significant changes in ICT risk management.

Here’s how it impacts us and our clients at Finery Markets:

What is DORA?

DORA is an EU regulation designed to ensure financial entities—such as banks, payment providers, and investment firms—can withstand and recover from ICT-related disruptions. It establishes a binding, comprehensive framework for ICT risk management in the EU financial sector. The regulation aims to ensure that financial institutions can withstand, respond to, and recover from all types of ICT-related disruptions and threat

It introduces:

Mandatory testing and risk management for ICT systems;
Stricter oversight of third-party ICT providers;
Enhanced incident reporting requirements.

To comply with DORA, financial entities must:

Establish comprehensive ICT risk management frameworks;
Implement incident reporting mechanisms;
Conduct regular resilience testing;
Manage third-party ICT risks effectively.

Our role

As an ICT service provider supporting financial institutions, Finery Markets plays a vital role in their operational resilience. We are the first crypto ECN to obtain SOC-2 Type 1 and Type 2 certifications.

These certifications reflect our continuously evolving processes across critical information security domains, including access management, network security, operational monitoring, incident management, business continuity, secure software development, and more.

In addition, we conduct annual penetration testing with a CREST-certified provider, ensuring our platform meets and industry benchmarks for resilience.

Here’s how we align with DORA’s requirements:

Delivering secure, reliable, and scalable ICT solutions;
Supporting clients with robust operational continuity measures;
Offering transparency to help financial institutions meet DORA’s due diligence standards.