DORA is enforced by designated regulators in each EU member state, known as competent authorities. These competent authorities can request that financial organisations implement specific security measures and remediate vulnerabilities. Meanwhile, EU member states can impose penalties on organisations that fail to comply. The nature of these penalties is decided by each member state.
ICT service providers classified as critical by the European Commission are directly supervised by the European Supervisory Authorities (ESAs), which have similar powers to competent authorities (i.e., requesting the implementation of security measures and the remediation of vulnerabilities). ESAs also have the power to fine non-compliant ICT service providers up to 1% of their average daily worldwide turnover.
Achieve Full DORA Compliance with Confidence
Close your compliance gaps with expert support. We’ll deliver tailored, actionable recommendations to ensure you meet DORA requirements and protect your operations.
Find out more
related BLog
DORA - The Digital Operations Resilience Act
Published on
5 Jun
2025
URM’s blog discusses the EU’s Digital Operation’s Resilience Act (DORA), explaining who it will apply to, its requirements, how it will be enforced, and more.
Read more
"
It’s one thing having the required technical knowledge, it’s another thing for a consultant to apply that knowledge to the context of our organisation. To use a sporting analogy, we view cyber and information security as a marathon not a sprint. I am not a believer in doing everything all at once. Our approach has been risk based and incremental, remediating our biggest risks first before moving on. I believe this approach is far more sustainable and effective. And URM’s consultants fully understand this and are very pragmatic and tailored in their guidance and advice. They know we are not implementing ISO 27001 purely for the certificate, but more as a framework for continual improvement, and at a pace where new systems and processes can be fully understood and absorbed by our team and be business as usual.
The Owners and Distributors of Quality Brands
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.