.jpg?cache-buster=2025-06-26T15:37:04.954Z)
Digital Operational Resilience Act
The Digital Operational Resilience Act (DORA) is an EU regulation aimed at ensuring that financial entities and their critical ICT service providers can effectively manage and withstand cybersecurity and operational disruptions.
It establishes uniform requirements for ICT risk management, incident reporting, third-party oversight and resilience testing.
DORA entered into force on 16 January 2023 and becomes fully applicable across the EU on 17 January 2025.
As a cloud service provider operating in the EU, Nebius qualifies as an ICT third-party service provider under DORA.
Nebius aligns its practices with the regulation and has undergone an independent audit to assess compliance with DORA and NIS2 requirements.
This includes robust risk management, incident response and business continuity controls to support the operational resilience of financial sector clients.
Questions and answers
DORA (Digital Operational Resilience Act) is an EU regulation that sets uniform requirements for managing ICT-related risks in the financial sector. It aims to ensure that financial entities and their critical ICT providers can prevent, respond to and recover from operational disruptions and cyber threats.