๐ฎ๐ณIndia
DORA compliance in India
DORA (Digital Operational Resilience Act) applies to financial entities and their ICT third-party providers in the EU, ensuring digital operational resilience.
Enforcement authority
National financial supervisory authorities + ESAs (EBA, ESMA, EIOPA)
Maximum sanctions
Penalties determined by national competent authorities. Critical ICT providers face fines up to 1% of daily worldwide turnover.
Key obligations
What DORA requires from organizations operating in India.
Implement ICT risk management framework
Establish ICT-related incident reporting procedures
Conduct digital operational resilience testing
Manage ICT third-party risk with contractual provisions
Participate in threat-led penetration testing (TLPT)
Local context in India
DORA applies from January 17, 2025. Financial entities must ensure full compliance with ICT risk management requirements.
DORA by industry in India
Frequently asked questions
How does DORA apply in India?
DORA (Digital Operational Resilience Act) applies to financial entities and their ICT third-party providers in the EU, ensuring digital operational resilience.
Who enforces DORA in India?
National financial supervisory authorities + ESAs (EBA, ESMA, EIOPA)
What are the penalties for DORA non-compliance?
Penalties determined by national competent authorities. Critical ICT providers face fines up to 1% of daily worldwide turnover.
Check your DORA compliance now
Run a free scan to see your risk score and applicable obligations.