×
EHS & Quality
Our EHS & Quality research is designed for EHSQ professionals seeking to improve the effectiveness of their EHS information management strategies. We also serve the needs of C-level executives at EHSQ software and services firms who need to keep track of the competitive environment, get insight into buyer preferences and make investment decisions on the basis of reliable data
ESG & Sustainability
Our ESG & Sustainability research improves the decisions of investors, tech providers, financial services firms and corporate leaders. We deliver on this mission by conducting in-depth research on the full range of services and technologies required to succeed with ESG and sustainability strategies
Industrial Transformation
Our Industrial Transformation research is designed for operations, safety and asset reliability managers in large corporations seeking to improve the effectiveness of industrial transformation programmes through the use of innovative technologies. The research also serves the needs of C-level executives at vendors who need to keep track of the competitive environment, get insight into buyer preferences, identify acquisition opportunities and make product investment decisions on the basis of reliable market data
Net Zero & Energy Transition
Our Net Zero & Energy Transition research improves the decisions of investors, tech providers, financial services firms and corporate leaders. We deliver on this mission by conducting in-depth research on the full range of services and technologies required to succeed with net zero strategies
Real Estate & Built Environment
Our Real Estate & Built Environment research supports executives looking to better understand the markets for software firms in the building IoT platforms, IWMS, CAFM, CMMS, and energy management segments; real estate technology vendors as well as leaders of real estate services practices
Risk Management
Our Risk Management research supports corporate decision-makers, software and service vendor leadership teams, insurers and consultants specializing in risk-related areas, and investors of all types, as they broaden the scope of their responsibilities, liaise with new stakeholders and access innovative technological solutions and external expertise.
AI Applied
Generative AI has transformed the accessibility of high-powered artificial intelligence technologies. Digital capabilities which were previously the preserve of data scientists and expert engineers have been unlocked for all business professionals.
×
Research
Our team of experts have been analyzing the latest innovations for more than 10 years and are trusted to deliver impartial, evidence-based assessments of technologies that can give you the edge.

Research overview
Research portal
Vantage
Venture
Advisory
We develop long-term partnerships with our clients to support growth, efficiency and resiliency in their businesses. Our engagements range from market and product strategy with technology vendors, digital strategy development and execution with technology buyers and CDD with private ehs-quality
Verified Value Delivery
Our proprietary Verified Value Delivery methodology provides a fact-based evaluation of digital project ROI, enabling technology buyers to make informed purchasing decisions while helping vendors to accurately demonstrate the value of their solutions.
Data Navigator
Navigator gives you immediate access to the data that drives Verdantix research and analysis, allowing you to answer the specific questions that matter most to your business.

Find out more
Navigator Login
Vantage Councils
Vantage Councils bring together influential corporate leaders to facilitate knowledge-sharing and innovation in their areas of expertise.

Vantage Councils
×
Browse by industry
×
×
Our purpose
Find out more about what motivates us and what we hope to achieve
Sustainability
We recognize that all firms and individuals have an important role to play in reducing negative environmental impacts and specifically tackling climate change. You can find out more about our own approach to sustainable business here.

Sustainability Policy
ESG & Sustainability Report 2024
Our people
Meet our team and find out more about what makes our culture unique.

Explore our open roles and find out more about what’s it like to work at Verdantix

Our team
Career opportunities
Careers
We’re always on the look out for talented people to join our team. Explore our open roles and find out more about what’s it like to work at Verdantix
Queen's Award
The Queen’s Awards for Enterprise are the most prestigious business awards in the United Kingdom. Verdantix won the Queen’s Award due to its sustained growth in international trade over the last three years – including through the pandemic
Partnerships
We are honoured to be an active partner to some of the world's leading organizations. These relationships allow us to contribute our skills and expertise to global initiatives that make the world a safer, more sustainable and more responsible place
Contact us
We’d love to hear from you.
Through our research we help corporate executives, investors, technology executives and services firm leaders to make robust, fact-based decisions. You can reach us by email, online form or requesting a briefing

Contact form
Request a briefing

[email protected]
Vantage Vantage Research portal

High Stakes Ahead: Navigating The Post-DORA Era

Elizabeth Babalola

  • Blog
  • Risk Management
10, February 2025

High Stakes Ahead: Navigating The Post-DORA Era

The long-awaited EU Digital Operational Resilience Act (DORA) regulation officially came into effect on January 17, 2025, after a 2-year preparatory period. Financial services and technology institutions across the world began the race toward DORA compliance in December 2022, following the EU's finalization and publication of the regulation. The legislation also covers non-EU based financial institutions and ICT service providers that operate within or provide services to the EU market. DORA’s implementation has prompted organizations globally to strengthen their ICT risk management frameworks, incident response strategies and third-party risk management practices. Furthermore, it has influenced international regulatory approaches to cyber security and operational resilience. For instance, the Basel Committee on Banking Supervision has proposed principles for operational resilience and the management of outsourcing risks, reflecting concerns similar to those addressed by DORA. This alignment indicates a broader global movement towards more robust regulatory frameworks governing ICT risks in the financial sector.

Firms have implemented extensive measures to comply with DORA, including comprehensive assessments of ICT systems to identify critical assets and vulnerabilities. Risk management frameworks have been refined to include regular vulnerability assessments, penetration testing and continuous monitoring. Many organizations have adopted new software solutions, created specialized compliance teams and enhanced third-party risk management by cataloguing ICT service providers, assessing risks, and establishing clear exit strategies for critical services. These initiatives have come at a significant cost, with some firms spending over €1 million on compliance efforts in the last two years.

Despite these efforts and investments, 43% of UK financial services firms are still unprepared for compliance with DORA, according to a survey by Orange Cyberdefense. While senior professionals recognize the value of the regulation, compliance has proven challenging due to its prescriptive nature, which demands thorough documentation and cost-intensive governance structures, as well as the achievement of resilience outcomes.

Regulators have emphasized the severe consequences of non-compliance. Organizations face fines of up to 2% of their global annual turnover or €10 million ($10.2 million), whichever is higher. Critical third-party ICT providers may incur penalties as high as €5 million – or up to 1% of their average daily global turnover for up to six months – for prolonged non-compliance. Additionally, regulatory authorities may limit or suspend non-compliant firms’ business activities by imposing administrative penalties, such as licence suspension or revocation, and mandate corrective actions to address deficiencies until full compliance is achieved. Business leaders also face individual accountability, with penalties reaching €1 million ($1.02 million) for compliance failures under their watch.

To stay informed on further regulatory updates, subscribe to the Verdantix risk management newsletter. Also, watch out for our upcoming market insight report on how DORA will influence expectations of operational resilience.

Discover more Risk Management content

Elizabeth Babalola

Industry Analyst

Elizabeth is an Industry Analyst in the Verdantix Risk Management practice. Her current research agenda focuses on enterprise risk management, risk management information systems, organizational and strategic resilience, and global risk management trends. Prior to joining Verdantix, Elizabeth worked in corporate risk management roles across the financial and tech industries, where she gained hands-on experience of executing risk management strategies. She holds an MBA degree with a specialty in finance from the University of Lagos.

The Curiosity Applied podcast

Dedicated to exploring the scale, shape and velocity of change in the business world as our economic system adapts to sustainability changes and climate risk.



Listen now
  • blog
  • Risk Management

Verdantix ERM Services Green Quadrant Highlights Tech-Driven Growth, ESG Pressures – And A Battle For Risk Resilience

14, March 2025
  • blog
  • Risk Management

Making Big Claims: Key Innovations Shaping The RMIS Market

14, March 2025
  • blog
  • Risk Management

Bordering On Risk: How Trump's Executive Order On Cartels Creates New Challenges For Cross-Border Firms

14, March 2025