DORA and Sustainability: Strengthening Financial Resilience for a Greener Future
Nicole K. Phinopoulou 11:53 - 28 January 2025
The financial sector is undergoing a profound transformation, driven by two fundamental forces—digital resilience and sustainability.
At first glance, these may seem like separate objectives, but the European Union’s Digital Operational Resilience Act (DORA) reveals how interconnected they truly are. By enforcing stringent cybersecurity, risk management, and transparency standards, DORA fortifies the financial ecosystem against digital threats and lays the groundwork for a more sustainable and ethically responsible financial sector.
DORA, which took effect on 17 January 2025, is often discussed in the context of cybersecurity and ICT risk management, but its broader implications extend into corporate governance, ethical investment, and environmental sustainability.
As financial institutions adopt DORA’s requirements, they are compelled to enhance operational sustainability, ensuring business continuity while minimising their environmental footprint. This alignment is not coincidental. It reflects a growing recognition that long-term resilience requires both technological robustness and responsible resource management.
One of the key objectives of sustainability is to reduce systemic risks—whether environmental, financial, or technological. DORA plays a crucial role in risk mitigation, ensuring that financial institutions withstand digital disruptions, cyber threats, and operational failures, much like ESG (Environmental, Social, and Governance) frameworks seek to address environmental and social vulnerabilities.
To comply with DORA, in-scope entities must adopt robust measures across several key areas, but the main three (3) are noted.
A Business Imperative
While many organisations may initially perceive DORA as an added regulatory burden, it should instead be viewed as a value driver. A secure, transparent, and sustainable financial ecosystem fosters investor confidence, enhances risk management, and creates long-term competitive advantages.
In short, DORA should be seen as a fundamental enabler of sustainability in the financial and commercial sector. By strengthening digital resilience, enforcing transparency, and embedding ethical considerations into financial operations, DORA helps financial institutions and organisations to adapt to an era where resilience and sustainability are inseparable.
The challenge now is for financial institutions to embrace this shift proactively, using DORA as a tool not just for compliance, but for building a more secure, transparent, and sustainable financial future.
Combating ‘Greenwashing’
A major challenge in sustainable finance has been greenwashing—the practice of misleading stakeholders about environmental commitments. DORA introduces enhanced transparency and regulatory oversight that can help combat greenwashing, ensuring that financial institutions are held accountable for their sustainability claims.
By requiring institutions to disclose risks, report incidents, and maintain operational transparency, DORA naturally extends to sustainability disclosures. Financial institutions now have an obligation to demonstrate digital resilience as well as genuine environmental and social responsibility.
Sustainable Investment and Ethical Operations
DORA also plays a pivotal role in reshaping investment strategies. The regulation encourages institutions to integrate ethical and sustainable considerations into their operations, reinforcing the idea that responsible investing is not just a compliance requirement but a business imperative.
With growing investor demand for sustainable finance, financial entities must ensure that the ICT infrastructure supporting green investments is resilient. Cyberattacks, system failures, or weak digital governance could undermine sustainable initiatives—making digital resilience a prerequisite for the credibility of ESG-driven financial products.
DORA, in practice, provides reliable metrics that help teams contextualise their performance. It aims to unify development and operations to enhance overall efficiency and capabilities while promoting a high degree of transparency. This transparency enables fact-based decision-making across the entire spectrum of strategic planning, risk management, IT investment management, change execution, and operations.
Entities are expected to adopt clean, streamlined IT procedures and a structured process landscape that integrates risk considerations into corporate decision-making.
*Nicole K. Phinopoulou, Lawyer, Banking & Financial Services, ESG & Sustainable Finance Expert, Regulatory Compliance, LL.B (Hons), LL.M (UCL), LPC, CISL, University of Cambridge