THE FINTECH INTERVIEW
Balancing innovation with regulatory compliance Regulations including the Digital Operational Resilience Act( DORA) and cyber resilience legislation take effect in 2025, creating additional complexity for cloud transformation initiatives.
Banks must balance rapid innovation requirements with increasingly stringent regulatory demands. DORA specifically targets financial services operational resilience, mandating comprehensive risk management for digital systems and third-party dependencies.
These requirements add layers of compliance complexity to cloud migration projects.
The constant introduction of new regulatory standards creates confusion and operational overhead. International debates between governments and technology companies regarding different market approaches exacerbate this complexity.
“ The almost-constant introduction of new regulatory standards brings increased confusion and complexity,” Peter explains.“ That’ s exacerbated by international debate, whether between government or big tech players, on the validity of different approaches in different markets.” Organisations require clarity above all else when navigating this regulatory landscape. Establishing clear ownership hierarchies for key regulatory pillars represents a basic but crucial step toward meeting compliance standards.
55 %
of banks cite legacy systems as their top transformation barrier
Demanding clarity from regulatory bodies becomes equally important. This involves defining critical elements within legislation and ensuring no ambiguity exists regarding compliance requirements. Clear parameters enable effective implementation strategies.
Once these parameters are established, automation can reduce the burden of monitoring compliance performance.
Many regulations now mandate continuous reporting, making AI-powered monitoring solutions increasingly feasible and necessary.
“ Many bills like DORA now mandate constant reporting, and the advent of AI has made that process much more feasible,” Peter says.
Ideally, monitoring platforms and dashboards should enable real-time incident response capabilities. Continuous awareness provides limited value without the ability to react immediately to cyberthreats or performance changes.“ 24 / 7 awareness will only take you so far if you can’ t react to incidents like cyberthreats, or changes in performance, as they’ re taking place,” Peter says.
fintechmagazine. com 31