DORA in Practice: What’s Next for Operational Resilience in 2026

As financial institutions move from DORA compliance deadlines into a new phase of implementation and supervision, 2026 will mark a pivotal shift from proving readiness on paper to demonstrating it in practice. Regulators across Europe are already signaling heightened expectations for testing, third-party risk management, and cross-border operational resilience. Yet for many organizations, key challenges remain: fragmented risk data, manual reporting, and difficulty connecting ICT and business services in a measurable, testable way.

This session will explore what lies ahead for financial firms as DORA oversight matures, highlighting both the regulatory trajectory and the operational realities of sustaining compliance at scale. The discussion will also examine how technology, from automation and AI to integrated GRC platforms, is helping firms move beyond reactive compliance toward continuous resilience.

Key Learning Objectives:

• What regulators are prioritizing for DORA supervision in 2026
• The biggest implementation challenges still facing financial institutions
• How automation and AI can accelerate evidence, testing, and control validation
• Strategies for unifying risk, resilience, and ICT data for ongoing assurance

GRC 20/20 Presenter . . .

Michael Rasmussen is an internationally recognized authority, thought leader, and pioneer in the disciplines of governance, risk management, and compliance (GRC). With over 30 years of experience, he is globally known for defining and shaping GRC strategy, processes, and technology. In February 2002, while at Forrester Research, Michael developed the concept of GRC — establishing the foundation for how organizations approach strategy, process, and technology in today’s complex business environment. For this, he is widely acknowledged as the “Father of GRC.”

A trusted advisor to boards, executives, and professionals around the world, Michael has dedicated his career to helping organizations design and implement effective GRC strategies that are aligned with business objectives. His work empowers organizations to be more effective, efficient, resilient, and agile. He is a sought-after keynote speaker, author, and advisor, with his thought leadership influencing legislation, regulatory frameworks, and corporate best practices globally.

Michael is the host of the Risk is Our Business and the Hitchhiker’s Guide to the GRC Technology podcasts, where he leads conversations with global experts exploring the evolving frontiers of risk, resilience, and corporate integrity.

Webinar Host . . .

CLDigital is a no-code platform built to automate GRC, risk, and resilience—empowering organizations to move with clarity, confidence, and speed. From enterprise risk and operational resilience to DORA and compliance automation, our platform helps teams stay ahead, even when the future is uncertain. Whether you start with an out-of-the-box solution or build your own using our drag-and-drop app builder, you’ll be live in days—and scaling without spreadsheets, delays, or technical debt.