Session Details
Mission Possible: Agentic AI and the DORA Compliance Frontier

Start: at 16:00

Presenting Speakers

About the Session

With DORA and its global counterparts setting a new operational resilience standard, the financial sector is under mounting pressure to fortify every layer of its digital ecosystem – including an estimated 40,000 suppliers. The challenge isn’t just scale – it’s achieving clarity, coordination, and control across a sprawling, complex environment. Enter agentic AI.

This panel explores how financial institutions are turning to next-gen AI technologies to make the impossible, possible. From mapping regulatory obligations to streamlining policy reviews and identifying supply chain risks, AI is pushing compliance from reactive to proactive, from fragmented to unified.

As the regulatory spotlight shifts toward AI governance itself, panelists will examine how firms secure the “seaworthiness” of the financial sector amid accelerating digital risk?

Regulatory Challenges
  • NIST Guidelines for API Protection for Cloud-Native Systems here 
    ECB Guide on outsourcing cloud services to cloud service providers here
  • FIRE (Format for Incident Reporting Exchange): Final format here
  • BoJ use of cloud in FS survey results here UK Containerization guidance here, BIS managing cloud risk here
  • EC Digital Operational Resilience 01/24 standards hearing here rules here ESA DORA technical advice here
  • UK  ICO Generative AI data protection and GenAI here and HMG framework here
  • Netherlands AI masterplan here
  • Singapore model AI governance framework for generative AI here
  • FSI Insights on policy implementation No 53; Managing cloud risk 
  • US AI 012/24 fact sheet here strategic plan here and Whitehouse blueprint for AI bill of rights here 
  • EU Cyber resilience act here cybersecurity certification MRA here and background  here
  • APRA operational risk management – CPS 230 here PRA PS6/21 OpRes here
  • HMT Critical third parties here PRA DP3/22 CTP here / PRA SS2/21 Outsourcing and TPRM here
  • US  Interagency Guidance on Third-Party Relationships: Risk Management here
  • EU Artificial Intelligence Act leaked copies here and here original texts here and here
  • UK National AI action plan here ICO guidance on AI and data  here
  • EU  deforestation regulation here
  • EU Corporate sustainability due diligence (CSDDD) here 
New RegTech/SupTech drivers
  • GFMA White Paper on Public Cloud Portability here 
  • Legal assessment of draft EU AI act text here
  • Analysis: Decoding DORA standards: what it means here
  • Analysis: Accountability for GenAI here
  • Forbes: New Financial Services Regs Will Require Comprehensive Action By Boards here
  • Research report ‘Managing Digital Infrastructure Risk: a collaborative path to financial services safety’ here
  • Analysis – the dawn of compliance FS infrastructure here
  • EBA prudential disclosures on ESG risk here
  • EBA Casper Platform here
  • RegCast – digital supply chain transparency here