S03 · EU Compliance

Financial / Banking — compliance

Financial institutions face the most demanding regulatory stack in the EU. DORA enters full enforcement in 2025. Combined with AVG, PSD2 and Basel IV, operational resilience is now a board-level obligation.

Relevant roles: CFO · CIO · CISO · CEO

What keeps compliance officers awake

// SECTOR REALITY

DORA requires ICT risk management, regular resilience testing (TLPT), incident classification within 4 hours and strict third-party oversight. Non-compliance with DORA carries unlimited fines based on annual turnover.

Applicable EU frameworks

DORA: Digital Operational Resilience Act
Full enforcement from Jan 2025. ICT risk, TLPT testing, 4h incident classification, third-party registries.

PSD2: Payment Services Directive 2
Strong customer authentication, open banking APIs, third-party provider oversight.

AVG/GDPR: Algemene Verordening Gegevensbescherming (General Data Protection Regulation)
Customer financial data: consent, profiling restrictions, breach notification.

Basel IV: Basel Committee Banking Supervision IV
Operational risk capital requirements — cyber risk now a material line item.

Free · 30 minutes

Know exactly where you stand

The CMO→FMO scan gives you a personalised compliance report for Financial / Banking. 9 questions. Instant report. No registration.
