DORA Is Live — What It Means for AI Systems in Financial Services
By Beacon Compliance Team
The Digital Operational Resilience Act (DORA) has been fully enforced since January 17, 2025. Yet across the financial services sector — banks, insurers, investment firms, payment institutions, and their technology providers — a significant portion of AI compliance work has focused almost entirely on the EU AI Act while treating DORA as an IT infrastructure problem owned by a different team. That siloing is creating gaps.
What DORA Is and Who It Applies To
DORA establishes a unified framework for ICT (Information and Communications Technology) risk management across EU financial entities. It applies to: credit institutions, payment institutions, electronic money institutions, investment firms, crypto-asset service providers, insurance undertakings, and — crucially — ICT third-party service providers that provide services to those entities. If your company provides AI services to a financial institution operating in the EU, DORA applies to you even if you are not yourself a financial entity.
DORA is organized around five pillars: ICT risk management, ICT-related incident classification and reporting, digital operational resilience testing, ICT third-party risk management, and information sharing. AI systems touch all five.
How AI Systems Fall Under DORA's ICT Risk Management Requirements
AI as ICT Systems
DORA defines ICT systems broadly to include software and hardware used to process, store, or transmit digital information — which captures all AI systems in scope. Under Article 6, financial entities must maintain an ICT risk management framework that addresses identification, protection, detection, response, and recovery across all ICT systems. This means AI systems used for credit decisioning, fraud detection, trade execution, customer service, or risk modeling must be formally included in the ICT risk management framework — with documented risk assessments, protection measures, and recovery plans.
Third-Party AI Providers and Concentration Risk
Articles 28–44 of DORA establish detailed requirements for managing ICT third-party risk, including mandatory contractual provisions, exit strategies, and — for 'critical' ICT third-party providers — direct oversight by EU regulators. Financial entities that use foundation model APIs (GPT, Claude, Gemini, or similar) as part of their AI infrastructure must map this dependency, assess concentration risk, and maintain contractual arrangements that include the DORA-mandated provisions. The European Supervisory Authorities (EBA, EIOPA, ESMA) have issued detailed Regulatory Technical Standards (RTS) specifying what those contracts must contain.
Incident Reporting for AI Failures
DORA's incident reporting requirements (Articles 17–23) require financial entities to classify ICT-related incidents using specific criteria — including impact on availability, authenticity, integrity, and confidentiality of services. An AI system failure — whether a model producing systematically incorrect outputs, a prediction service going down, or a fraud detection model missing an attack pattern — can constitute a reportable incident under DORA's classification criteria. Financial entities need incident response playbooks that explicitly cover AI system failures, not just infrastructure outages.
Most DORA incident response playbooks we have reviewed cover infrastructure failures in detail and treat AI model failures as an afterthought. If a fraud detection model fails during a peak transaction period, do you know whether that is a reportable incident? Do you have a documented classification process?
The Overlap with EU AI Act
Financial services companies subject to both DORA and the EU AI Act face a compliance surface area that is larger than the sum of its parts, because the two frameworks approach AI risk from different angles with partially overlapping documentation requirements. DORA focuses on operational resilience: can the system keep running, can failures be detected and reported, and can you recover? The EU AI Act focuses on system quality and governance: is the system accurate, fair, documented, and overseen? An AI system used in credit scoring must satisfy both: the human oversight requirements of Article 14 of the AI Act and DORA's operational resilience requirements for the same system.
Key Gaps Most Financial Services Teams Are Missing
- AI system inventory scope: most DORA asset inventories were built by IT infrastructure teams and do not adequately capture AI models as distinct ICT assets with their own risk profiles, dependencies, and failure modes.
- Third-party AI provider contracts: standard AI API terms of service do not contain the DORA-mandated contractual provisions. If you are using foundation model APIs in production, your legal team needs to review those agreements against the RTS requirements.
- Resilience testing coverage: DORA requires threat-led penetration testing (TLPT) for critical systems and regular vulnerability assessments for others. AI model adversarial testing (prompt injection, model evasion) is distinct from infrastructure penetration testing and is not covered by typical TLPT programs.
- Incident classification for AI failures: financial entities need explicit classification criteria for AI-specific failure modes — model drift, output failures, data pipeline disruptions — mapped to DORA's incident classification thresholds.
DORA enforcement is live. The ESAs have been conducting supervisory convergence work throughout 2025, and 2026 is expected to see the first significant enforcement actions. Financial services AI teams that have been treating DORA as an IT department problem should bring it into their compliance scope now.