Achieve compliance with the DORA regulation

Understand your risks to better respond to the DORA regulation,
the new resilience standard for the European financial industry

DORA, Europe's new digital operational resilience standard for the financial sector

The new regulation will enter into force in January 2025. It requires European financial players to take a series of measures to guarantee the continuity of their services and their resilience in the digital world. What's more, it expands the codes of good conduct in the digital sector and makes it possible to propose a global approach at European level. 


EBRC was founded in 2000, with the aim of becoming a centre of excellence in the management and protection of sensitive information. EBRC offers 6 service packages to its customers, ranging from hosting services via the Cloud or Data Centres, to consulting services. 

EBRC has a team of multilingual experts who provide its customers with tailor-made support to help them comply with the latest regulations. 

DORA, 5 pillars to guarantee your compliance

DORA is built around five key pillars to help financial players become more resilient:

  1. ICT risk management: Every financial institution must implement IT risk management processes, including risk analysis, resource mapping and business continuity plans. 
  2. Incident reporting: The regulation requires that reporting requirements relating to incidents involving information and communication technologies be complied with. Each institution is therefore required to comply with all of these requirements. 
  3. Testing: The DORA regulation also requires organisations to test their digital operational resilience. In particular, institutions may use a Red Team to assess the incident response. 
  4. Risk management for third-parties: Risk management for subcontractors and the use of external resources, such as the cloud, is a major component of the DORA regulation.
  5. Sharing information and intelligence: to enable everyone to better understand the risks and threats.   

Our added value

Prepare and govern with peace of mind
Prepare and govern with peace of mind:

Effectively assess the gap between your existing systems and the requirements of the directive. Analyse your achievements and identify the various areas for improvement and the processes to be implemented. 

Focus on specific areas
Focus on specific areas:

EBRC's expertise enables us to cover all the requirements of the standard, but we can also help you with specific requests such as supplier analysis or an in-depth analysis of the Cyber-Resilience of an IS.

Benefit from an operational response at all levels
Benefit from an operational response at all levels:

Whether via our Cloud services, where we can offer you a multi-cloud and resilient environment limiting dependency on a single supplier, or via our CYBERFORCE services, EBRC and POST can offer an operational response to incidents, incident response and testing requirements.  

Go further with EBRC:

Get in touch!