Skip to main content
Contact
Submit RFP

      The Digital Operational Resilience Act (DORA) requires financial organisations to maintain an information register containing all agreements on the use of information and communication technology (ICT) services.

      Many financial institutions face considerable challenges when creating this register for the first time. Different source systems, manual processes and short-term regulatory adjustments lead to considerable additional work. In view of these hurdles, low-code platforms offer the ideal mix of regulatory compliance, operational efficiency and customisability for many companies. They enable a structured and audit-proof implementation of the register where traditional solutions often reach their limits.

      The final Reporting Framework 4.0 of the European Banking Authority (EBA) clearly defines the requirements for data quality, consistency and reporting structure. Nevertheless, technical hurdles and uncertainties regarding content were widespread when first submitting data via portals such as the ECB's CASPER or BaFin's reporting and publication platform. Especially for financial institutions that worked with isolated tools or manual processes, the effort involved was considerable.

      High demands on data quality and system integration

      Many institutions still use Excel spreadsheets or non-integrated systems such as contract databases, third-party risk management or GRC (governance, risk and compliance) solutions. The consequences are shadow accounting, redundant entries and a lack of transparency, which can be a problem, especially in light of the high regulatory pressure. The DORA Regulation requires not only completeness, but also end-to-end traceability and auditability of the reported data.

      Media discontinuities, redundancies, lack of control

      Low-code platforms such as the Microsoft Power Platform enable efficient and compliant implementation of the information register, from data integration to supervisory transmission, as a centralised, automated and flexible solution. They offer the following advantages in relation to your DORA information register:

      Ready to talk? Contact us

      What low-code solutions can do for your DORA information register

      Low-code platforms offer an efficient way to implement requirements such as the DORA information register. And without rigid IT structures and with full control. KPMG's solutions are based on tried-and-tested components and can be flexibly customised to your requirements.

      Direct data integration and centralised database

      Existing systems such as SAP, Ariba, ServiceNow, GRC tools or Excel are connected via standard connectors or application programming interfaces (APIs). Relevant data flows automatically and without media disruptions into a central database.

      Recording missing data in the app

      Information such as sub-service providers or metadata can be added directly in the app using first or second line. Information is entered via dropdowns, plain text fields and validated masks.

      Role-based access and secure collaboration

      A finely controllable authorisation concept ensures clear responsibilities and a secure separation between first, second and third line of defence. Access is documented in a traceable manner.

      Directly integrated data quality checks

      Rule sets for consistency, completeness and plausibility are stored in the application. National and European requirements can therefore be checked and internally validated at an early stage.

      Automated transformation and reporting

      The data is transferred directly into the required format. The register can be created at the touch of a button, is compatible with CASPER or MVP and changes can be tracked at any time.

      Transparency through visualisation

      Real-time visualisations show anomalies such as concentration risks or data quality problems. The analyses are also suitable for internal reports and audits.

      Flexible and economical to realise

      The low-code approach makes implementation, maintenance and customisation significantly faster and more flexible than traditional software solutions - without compromising on security or efficiency.

      Insights: DORA information register

      Bildkarussell mit klassischer Caption
      Bild 1
      PowerBI - Interactive overall evaluation of the RoI
      Bild 2
      PowerBI - Interactive display of service providers per country of origin
      Bild 3
      Data quality display - Summary PowerBI
      Bild 4
      Data quality display in a data set
      Bild 5
      Data quality display in the app
      Bild 6
      Data entry in the app
      Bild 7
      Data quality export to Excel

      Create your DORA information register with our pre-configured ICT app solution approach on the Microsoft Power Platform

      Low-code platforms offer an efficient way to implement requirements such as the DORA information register. And without rigid IT structures and with full control. KPMG's solutions are based on tried-and-tested components and can be flexibly customised to your requirements.

      1085509_Schaubild-DORA-Inforegister_sdc_v1

      How you can benefit from these solutions

      KPMG brings together regulatory expertise, technical implementation expertise and proven low-code accelerators - without positioning itself as a provider of managed services. You receive a solution that is quickly ready for use, integrates seamlessly into your existing system landscape and fulfils regulatory requirements. Prefabricated app components enable a quick start without sacrificing customisability. If required, we can support you with workshops, training, architecture consulting and joint further development.

      Interested in our services? Contact us

      How to achieve DORA compliance with low-code

      From idea to implementation: a modern approach to sustainable IT compliance.

      Learn more
      Man at work

      Your contacts