Legacy to Leader: how DORA can spark innovation in Britain’s building societies

The financial regulatory landscape is constantly evolving, and the Digital Operational Resilience Act (DORA) is a major new initiative to strengthen the digital defences of financial institutions. Similar to any other regulatory standard, DORA presents a pressing challenge for CIOs – the big DORA switch on, or the deadline to comply by January 2025, is fast approaching.

But DORA can be so much more than just a regulation. For CIOs in smaller financial institutions, like Britain’s building societies, DORA can be a much-needed springboard for modernising legacy investments, supercharging delivery processes, and rapidly bringing customer-centric products to market.

Why DORA?

Financial institutions are prime targets for cybercriminals because of the sensitive data they collect and store, and the financial assets they transact. Failing to manage these cyber risks can lead to a significant disruption in cross-border financial services, with a further risk of contagion setting in.

The ripple effect of an attack is likely to extend far beyond its initial target. A single breach could prevent consumers from accessing their funds, cripple interconnected businesses, disrupt entire industries, and ultimately destabilise the broader economy.

DORA is designed to safeguard the stability and integrity of the whole financial system. It will do this by fortifying the operational resilience of digital services within the financial sector, shielding institutions from the risks of cyberattack.

Implications for Britian’s building societies

Britain’s building societies are steeped in heritage, tracing back to the First Industrial Revolution where societies of people allied to build their own homes. As time progressed, these societies transformed into specialised community savings banks, focusing primarily on retail savings and mortgage lending.

Deep local roots and a strong commitment to community needs remain integral hallmarks of building societies. However, many are hampered by outdated core banking systems and siloed operations, relying heavily on manual processes that hinder efficiency and growth. While achieving DORA compliance might feel like a hurdle for building society CIOs who are stifled by legacy, it can be achieved through expert advice and delivery. It can also be a springboard for unlocking rapid innovation and new ways of working.

Here's how:

• Agility and Flexibility: Smaller building societies should be using their size to their advantage. This is a time to take rapid decisions and show maximum flexibility to swiftly reimagine and recognise ambitious technology outcomes.
• Tailored Solutions: Increased agility breeds increased creativity, enabling building societies to build on top of technical enhancements required for DORA compliance. This is a time to develop tailored technology solutions that address operational efficiency and enhance customer experience too.
• Competitive Advantage: By swiftly and proactively achieving DORA compliance, smaller building societies can gain a competitive advantage and a rare opportunity to showcase genuine innovation through a commitment to operational resilience, cybersecurity, and customer trust.

Technology Enablement: A key to unlocking opportunities

Embracing technology enablement is pivotal for smaller building societies to harness the opportunities presented by DORA. Here's how technology can facilitate compliance and drive growth:

• Affordable Technology Solutions: Smaller building societies can leverage cost-effective technology solutions, such as cloud-based platforms and scalable cybersecurity tools, to achieve DORA compliance without incurring prohibitive expenses.
• Collaborative Innovation: Organisations like Exception, who have demonstrable experience in tightly regulated industries, play an important role in helping building societies to find these opportunities and achieve them. Rapid innovation is enabled through blended purpose-led delivery teams.
• Customer-Centric Digital Transformation: Implementing customer-centric digital transformation initiatives can help smaller building societies enhance customer engagement, streamline operations, and differentiate themselves in the market, while aligning with DORA's objectives.

The DORA regulatory standard, while posing implementation challenges, presents a transformative opportunity for smaller building societies in the UK. As we explain in our ebook, "Ready, Steady for the Big DORA Switch On", by embracing technology enablement, fostering agility and flexibility, and leveraging their unique strengths and customer-centric approach, smaller building societies can not only achieve DORA compliance but also thrive and carve out a distinct competitive niche in the evolving financial landscape. This is a once in a generation opportunity for CIOs to transform their building societies from legacy to leader.