Our client, a global insurance and reinsurance group, needed to ensure compliance with the upcoming Digital Operational Resilience Act (DORA) requirements by January 2025.
However, they were uncertain about their current level of compliance. They wished to understand where the gaps were, and to have an achievable plan to address these prior to the implementation deadline.
Global Insurer
Operational Resilience
Operational Resilience, DORA
Enhanced compliance with DORA requirements, ensuring regulatory readiness.
Improved operational efficiency through identified enhancements.
Strengthened organisational resilience with tailored training and expert support.
BeyondFS was engaged due to our extensive experience in assessing and implementing operational resilience, including specific experience in the insurance market.
We applied our expertise to the new DORA regulations by conducting a comprehensive assessment of the client's business areas. This involved evaluating their current compliance against existing operational resilience best practice and the new DORA requirements.
Our team reviewed operational data and reporting and conducted interviews with senior managers to gauge current compliance levels. We considered other regulatory drivers, such as GDPR, and examined their interaction with DORA.
Through this process, we identified critical gaps and proposed solutions, recommending a prioritised approach to address these gaps and operationalise the necessary changes for compliance.
BeyondFS documented a comprehensive matrix of required changes, mapped against regulatory requirements, and developed a plan to implement these changes well before the DORA deadline.
In addition to addressing operational resilience, we identified and integrated other operational improvements to enhance efficiency.
We provided board-level training on operational resilience requirements and secured approval for the recommended changes and plan from the client’s executive team.
The next step involves a 5-month programme to execute the changes, with a dedicated team of two consultants collaborating with the client’s in-house team. Regulatory-standard artifacts have been incorporated into the statement of work, covering both operational resilience and other efficiencies.