TWM Articles from The Wealth Mosaic

The Wealth Mosaic talks to Rupert Bull, CEO and Founder of The Disruption House, about the Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act, or DORA, is a new piece of EU legislation aimed at ensuring the cybersecurity and operational resilience of financial services firms in the European Union

by The Wealth Mosaic
| 03/10/2024 12:00:00

The Wealth Mosaic’s “talks to” interview series shines a light on senior executives from leading wealth management firms, solution providers, and WealthTech influencers to learn more about them, their perspectives on the market, and how they see the future of wealth management.

“With DORA coming into force from January next year, impacting over 22,000 finance sector firms and their ICT service providers, now is the time for these firms to quickly assess their level of DORA readiness.”

For this interview, we spoke to Rupert Bull, CEO and Founder of The Disruption House, about the increasing importance of, and need for, DORA compliance by January 2025.

Can you tell our readers a bit about yourself, your career to date, and your role at The Disruption House?
I’m a serial entrepreneur with over 25 years of Fintech experience within both large organisations, such as Reuters and Instinet, and startups.

I previously co-founded, built, and sold Expand Research – the leading Capital Markets benchmarking and research business – to the Boston Consulting Group in 2011.

In early 2015, I co-founded The Disruption House with the goal of making ESG and Business Resilience services accessible to businesses of all sizes. Today, we provide one of the fastest and most effective sustainability assessment frameworks on the market.

What is DORA?
Over the past 20 years, the finance industry has suffered more than 20,000 cyberattacks, generating US$12 billion in losses, according to the IMF’s latest Global Financial Stability Report (1).

That’s why legislators have introduced the Digital Operations Resilience Act (DORA), which comes into force in January 2025. DORA will require the financial industry to treat operational resilience and cybersecurity risk at a level comparable to financial risk. 

The financial services sector is uniquely exposed to cyber risk, due to the interdependence of financial institutions and the sensitive nature of the data they collect.

DORA ensures that financial institutions, their vendors – and their clients – are protected against just this kind of risk. 

Whilst larger institutions may have their own robust cybersecurity systems, they also need to ensure that all of the businesses in their supply chain are similarly protected. Likewise, if these supply chain companies want to keep doing business with the banks, they need to prove their resilience.

Why is DORA relevant in the industry today?
DORA is coming. In just over three months, it will directly impact tens of thousands of organisations, and affect many more of their suppliers, whether they’re ready or not. It lays down stringent requirements to strengthen cybersecurity and operational resilience for organisations in the financial sector.

To ensure they’re compliant, these organisations will need to take a hard look at the architectural decisions they’ve made over the years – and they’ll need to do it sooner rather than later. 

You can read more about DORA’s background and its ongoing relevance to the financial sector in The Disruption House’s recent article with The Wealth Mosaic here.

What demands does DORA impose?
The nature of the cyberthreats to the finance sector – and those who rely on it – makes action from regulators and supervisors to identify vulnerabilities and boost resilience inevitable. But if one looks at what DORA demands of firms, it is largely requiring them to look after their own interests. To deliver to clients, a firm’s governance, risk management and controls must extend seamlessly and comprehensively across its ICT infrastructure – including the suppliers, networks, systems and data exchange and storage capabilities that underpin its services and operations.

Going forward, to demonstrate end-to-end cyber-resilience to the satisfaction of the European Supervisory Authorities, firms will need to develop a global strategy, built on a programme that covers third-party risk management, skills development, inventory management, business continuity, asset configuration management and penetration testing.

How should firms get ahead of DORA?
In the first instance, firms need to secure their digital borders in line with regulations like DORA because global policymakers and supervisors expect it. As the IMF notes, "Cyber incidents are a key operational risk that could threaten financial institutions’ operational resilience and adversely affect overall macro-financial stability."

But getting ahead of DORA is not just a matter of compliance.

In-scope firms also need to develop and reinforce strategies to handle these growing and evolving risks for their own long-term success. To bring one’s operational resilience up to a new global standard is to take a step towards a future based on deep, trusted and sustainable relationships along the supply chain.

How does The Disruption House support DORA readiness?
The Disruption House’s operational resilience experts, in conjunction with our industry-leading partners, support DORA readiness via a programme of assessments, reporting, recommendations and remediation.

To deliver practical and actionable value, our DORA-specific questionnaire is designed to assess a firm’s digital resilience capability and potential red flags, provide alignment scores with DORA, then recommend a remediation strategy.

Businesses are already seeing success with the assessment. Ben Saxton, head of banking at Formpipe, recently said that it ‘quickly delivered positive insights regarding our alignment to the regulation and helped us on our readiness strategy.’

Discover more information on how The Disruption House is supporting the transition to DORA alignment here.

About The Disruption House
The Disruption House is a world-leading, trusted sustainability advisory firm. The company is led by Rupert Bull, a seasoned entrepreneur with a stellar record of building successful businesses in the financial services arena. Rupert is supported by a growing team of highly experienced sustainability, technology and business development experts. The team is committed to helping clients transform into modern, sustainable businesses. We are with you wherever you are on this vital journey.

Review your business capabilities and get ready for upcoming sustainability and operational resiliency regulations with our convenient and cost-efficient assessment frameworks, designed by industry experts to empower businesses.

For more information, please visit here.

About the WealthTech Talks Interview Series
The Wealth Mosaic’s WealthTech Talks Interview series shines a light on senior executives from leading wealth management firms, solution providers, and WealthTech influencers to learn more about them, their journey, their perspectives on the market, and how they see the future of wealth management.

Interested in featuring in The Wealth Mosaic’s WealthTech Talks Interview series? Get in touch to discover more and how you can feature today: office@thewealthmosaic.com