Bridging DORA Gaps 2025

The latest JWG survey results and insights reveal why collaboration between vendors and firms is critical to operational resilience. Contact us  Introduction The Digital Operational Resilience Act (DORA) is more than a looming regulatory deadline: it is a call to action for the entire financial ecosystem to rethink how our digital supply chain is managed,


Supplier countdown DORA: T-40

As the clock ticks down to the EU’s 17 January 2025 Digital Operational Resilience Act (DORA) deadline, suppliers face a unique opportunity to redefine their role. This isn’t just about compliance—it’s about fostering transparency, breaking silos, and becoming true partners in resilience. Far from being too late, now is the perfect time to get started.


The financial sector is facing increasing regulatory demands, and firms need new approaches to maintain compliance while driving operational efficiency. Industry experts shared their perspectives at FINOS’ October 2024 OSSF event  in NYC and demonstrated how traditional methods of regulatory reporting, often disjointed and expensive, are being revolutionized by the use of open source technologies


DeFi RegTech Opportunities: 2025

As the Digital Operational Resilience Act (DORA) prepares to reshape the regulatory landscape for digital asset providers by 2025, businesses are under increasing pressure to implement robust operational resilience strategies. As JWG and Memery Crystal’s ‘Decoding DORA’s Digital Asset Impact’ roundtable, held under Chatham House rule with industry experts revealed this month, the distinct challenges


Despite various regulatory initiatives, the road to robust operational resilience is far from clear. We are still very much in the “foothills” of creating effective, adaptable resilience frameworks. Firms and their suppliers should view the Digital Operational Resilience Act (DORA) as the foothills of the Operational Resilience (OpRes) mountain, not the gold standard. By the


Navigating OpRes Storms in 2025

This week, ten leading financial institutions gathered at JWG’s Winning the OpRes Marathon roundtable in London to debate the evolving challenges of the Digital Operational Resilience Act (DORA) and other global Operational Resilience (OpRes) regulations. Hosted by First Derivative and facilitated by JWG under the Chatham House Rule, the discussions underscored the urgency for financial


In a landmark third SteerCo meeting, industry leaders from FINOS’  Open RegTech Council, supported by industry think-tank, JWG delved into the groundbreaking results from the open-source regulatory reporting (ORR) initiative last month. Digital Regulatory Reporting (DRR) and the Common Domain Model (CDM) are poised to revolutionize regulatory compliance and leaders are getting ahead of the


Navigating OpRes with RegTech

In today’s interconnected world, operational resilience has become a top priority for financial institutions. With the implementation of the EU’s Digital Operational Resilience Act (DORA), organizations are being urged not only to get ready for storms, but to strengthen their overall infrastructure and how their fate is tied to the fleets they sail with. Captains


EU vs. UK OpRes: Ready, Set, Resilient!

In the global race for Operational Resilience (OpRes), climbing the DORA hill is the ultimate test for financial entities in Q125. JWG’s analysis reveals that DORA standards equips institutions for the UK’s requirements but the gap between UK obligations and DORA will trip some runners up. The reality is becoming clear: financial entities and their


Background: The EU digital asset agenda is not all about MiCA. To offer digital assets in Europe and the UK, firms and their suppliers will need to adhere to the EU Digital Operational Resilience Act (DORA) and corresponding UK regime in Q1 2025. Key insight: JWG, the industry’s regulatory think-tank has used its AI-natural language


Winning the OpRes marathon

This summer, EU regulators delivered final Digital Operational Resilience Act (DORA) standards and the FS sector now has a little under 100 days for a ‘great repapering’ of policies, contracts, procedures, control logs, regulatory reports and supplier databases. Billions are being spent as lawyers and consultants prepare for board room panics in September over this


The first King’s Speech of the new Labour government has signalled some significant changes which will have an impact on financial services firms. These include changes to pensions, bank resolution, a boost to digital ID and reforms to the Information Commissioner’s Office (ICO). “We will continue to work with industry to enhance the UK’s international


Taming the DORA dragon

The EU’s Digital Operational Resilience Act (DORA) dragon is getting ready for flight in 150 days. Leave your castle walls in disrepair over the summer holidays at your peril. This regulation has taken a far deeper, broader and more prescriptive approach to derisking the ‘end to end’ Information Communication and Technology (ICT) risk than ever


Firms required to report under the European Market Infrastructure Regime’s (EMIR) Refit, face a looming deadline of April 29 to implement several vital changes. Those operating in the European Union and the UK will run a two-speed reporting regime until the UK’s EMIR revamp goes live on Sept. 30. “Many firms will have an obligation


To discuss Digital Surveillance Rule (DSR) programme objectives and determine next steps.


RegTech-dependent obligations are being baked into policy which presents firms an opportunity to comply with these new rules in better, faster and cheaper ways. Cloud, data and AI technology are moving fast and offer opportunities for RegTech innovation.


Europe took a big step towards Digital Operational Resilience last week by issuing half of its new final technical standards one year from its implementation deadline. JWG has analysed the new, final standards and the second batch of DORA  consultations with other technology efforts underway across the globe. We find that while some welcome clarity


RegTech-dependent obligations are being baked into policy which presents firms an opportunity to comply with these new rules in better, faster and cheaper ways. Cloud, data and AI technology are moving fast and offer opportunities for RegTech innovation.


Accountability for GenAI

Generative AI (GenAI) continues to evolve quickly and shows great promise for financial institutions. But here’s the catch: senior management regimes, like SM&CR and SEAR, hold ‘Senior Executives’ accountable for compliance, not machines. So, how do SMFs/SEFs tick all the boxes which (in the EU) are written into the new EU AI Act or (in


We are pleased to announce the first wave of confirmed firms, regulators and trade associations are participating in JWG’s 8th annual RegTech conference, ‘Getting real about RegTech 2024. Don’t miss this opportunity to join this premier global event which articulates the key challenges which RegTech can help overcome in 2024. Register here RegTech year 8 Regulators


UK RegRadar Update – 7 Feb 24

The UK Financial Services Regulatory Initiatives Forum released its second major Regulatory Initiatives Grid update of the year and the 7th edition of the Grid overall. Over three dozen new initiatives have been added to last year’s plan (JWG Grid 6 analysis here) taking into account the summer update which flagged the significance of Financial


The UK’s Digital Securities Sandbox (DSS), which will test a new approach to rulemaking for digital securities trading and settlement infrastructure, should launch at the end of the first quarter 2024. “This is not our traditional Innovate sandbox. It is being specifically set up to allow infrastructure to test a new rule set that would


JWG’s eighth annual conference will be the premier, global event for setting the 2024 RegTech agenda on 7 February in London. Join us to help shape the debate today. Register for 7 February 2024  About the JWG RegTech agenda Long recognised as the first, biggest and most professional public/private sector agenda debate, JWG is continuing


New, exacting BCBS 239 data quality expectations are coming into force just as EMIR Refit and JFSA derivative reporting is put into production 200 days from now. Businesses will be under pressure to deliver lineage for their data or risk fines and reputational damage. JWG’s DRR RegDelta is a RegTech solution that helps companies maintain


US Regulators fired a $555m shot across Wall Street’s bow last week by holding them accountable for their employees’  pervasive use of unauthorized communication methods, like private texts and in some cases WhatsApp. This is the second batch of ‘market moving’ fines in the US within a year , yet no other country has followed


The Financial Conduct Authority (FCA) has asked firms to provide granular information to identify investment and execution decision makers more accurately in Markets in Financial Instruments Regulation (MiFIR) transaction reports. The MiFIR reporting regime went live in 2018. The FCA uses MiFIR transaction reports, in part, to conduct market surveillance for market abuse and insider


The Financial Conduct Authority (FCA) opened “around 600” supervisory cases looking at financial crime between April 2022 and March 2023. That represents a threefold increase in its overall proactive work from the previous year and covers roughly 1% of the authorised population (21,500) subject to Money Laundering Regulations (MLR 2017), a FCA spokesperson said. “It


On June 20, 2023, PJ Di Giammarino, CEO and founder of JWG and Matt Caine, Director of EMEA Financial Markets Communication Compliance at NICE held a discussion on ‘Navigating the Winding Regulatory Road of Communication Compliance’ with a group of Financial Services Compliance and IT experts at the NICE Interactions 2023 conference in London. During


The next five years are shaping up to be the most strategic period of regulatory engagement on industry data since the financial crisis. ESMA’s new 5 year data strategy illuminates a well thought through path to achieving real transparency though technology-enabled data hubs that cover the full scope of current and new capital markets activity.


The recent allegations made against Coinbase and Binance by the US Securities and Exchange Commission (SEC) have cast a spotlight on the compliance challenges faced by the cryptocurrency industry. However, it is not just the US that is grappling with regulatory issues pertaining to digital assets – a high degree of correlation has been noted


Firms should re-engineer their anti-money laundering (AML) systems and controls to refocus on know-your-customer (KYC) processes to prevent the inevitable pile-up of transaction monitoring alerts. Firms’ pivot to digital onboarding has prioritised speed over collecting enough information to determine whether transactions are suspicious. It has created an inefficient, expensive process where AML analysts are sifting


In response to mounting global concerns about generative Artificial Intelligence (AI), legislators and stakeholders have been listening hard to technologists while finalizing tough new rules for digital non-financial risk. Will AI be a wake-up call for firms to define ‘what good looks like’ for infrastructure standards before massive fines start to land? To avoid a


Consumer trading in unbacked crypto-assets is akin to gambling and should be regulated as such, a committee of influential UK lawmakers said today. Technology underpinning crypto may have some benefits for financial services, but those are unclear, the Treasury Committee’s crypto-asset report said. Large parts of the crypto-asset industry remain a “wild west”, said Harriett


Over the past three months, regulatory developments in the digital asset space have continued to create choppy waters for industry players and market participants alike. Lawsuits have been filed, new initiatives have been launched, and guidelines are being introduced as governments attempt to keep up with the ever-evolving market. Who would have thought a pop


The UK Financial Conduct Authority (FCA) will this month publish its Markets in Financial Instruments Directive (MiFID II) trade reporting policy statement for equity trade data. The policy statement will also cover a new designated reporter regime for post-trade transparency, an FCA official told the JWG Trading Compliance RegTech Seminar. Separately, the FCA confirmed in


As the deadlines for compliance with new, complex derivatives rules approach, many firms are at risk of facing hefty fines from regulators if they are found wanting. JWG is calling on all firms to join their next global virtual seminar on 29 June to discuss strategies for deploying proven DRR RegTech to manage their regulatory


Reporting Radars primed for 29 June

Regulators and regulated have come together to improve the current transparency value equation by introducing granular guidance in the form of code. JWG research efforts are pushing forward to explore RegTech reporting opportunities with a global, virtual SupTech and RegTech seminar on 29 June. We are inviting global SMEs to help shape the agenda and


JWG’s 22 March 2023 Trading Compliance Seminar brought together an all-star cast of over 20 experts who discussed plans for the latest MiFID Review, Market Data changes, CTP, MAR, ESG data demands, MiCA and UK digital asset efforts. These experts did an outstanding job in putting regulatory demands into context and provide delegates with valuable


Winning the ESG data Marathon in 2023

Winning the ESG data Marathon in 2023 With the ever-increasing focus on ESG transparency from regulators and clients, firms are racing to meet the requirements needed to make their mark in the global marketplace. This race requires tens of thousands of market participants to produce data according to different standards. However, with a proper plan


UK RegRadar Flash Update

UK Regulators have finally disclosed their plans for 2023 which are 29% bigger than last year with the FCA owning the lion’s share of the 143 initiatives. Practitioners should update their firm’s radars with this version but beware: further updates are expected over the course of 2023. JWG RegRadars are primed and ready. Join us


New UK Asset Management RegTech Drive

The UK’s second discussion paper of 2023 on the benefit of modern technology presents a great chance for the industry to engage on the future of TradFI and DeFi RegTech standards. Successful reference models can help shape the path for asset management. However, this is an enormous cultural and technical shift which will require broad


UK crypto-asset regulation should require firms to be authorised locally and establish a physical presence to help asset recovery efforts when customer funds are lost to fraud or theft, lawyers said. HM Treasury’s crypto-asset regulation consultation paper, published this month, says crypto-asset activity provided in or to the UK must be authorised by UK authorities.


Navigating choppy digital asset waters

With new waves of regulation and enforcement coming fast, navigating cryptocurrency and digital assets rules has keeping middle and back offices hands on the tiller this quarter. JWG’s Crypto asset RegRadars are hot and this article provides three dozen links to contextualise choppiest waters in Q12023 in advance of JWG’s 22 March Trading Compliance seminar.


UK confirms Crypto needs RegTech

The UK Treasury’s fired a warning shot across the bow of digital assets businesses yesterday. The proposed regime will be a significant challenge for the current exchanges and digital asset firms who do not have access to institutional-grade RegTech solutions. With so much at stake, it is essential that those affected understand what impact these


The UK Treasury’s consultation on further crypto asset regulation signals a heavy compliance burden for crypto businesses and some vertically integrated firms may be required to restructure to gain authorisation. Crypto businesses operating in the UK must be registered with the Financial Conduct Authority (FCA) and compliant with the Money Laundering Regulation (MLR 2017). Around


Trading desks face unprecedented levels of regulatory change from the mechanics of the markets and how they monitor them, to how they interact with customers, the way they de-risk their technology suppliers and provide information to regulators. This article summarises the critical changes and lays out the context for our 22 March virtual trading seminar.


Many of the financial regulatory reforms announced in Edinburgh on Friday by Jeremy Hunt, Chancellor of the Exchequer, had a familiar ring to them. Banks, investment firms and anyone selling products to or into the UK market will need to engage with the detail of what was published. “The Edinburgh Reforms seize on our Brexit


Pumping up the DRR volume in 2023

Digital regulatory reporting (DRR) music has upped tempo in 2022: Internationally, the Financial Stability Board (FSB)has become the new home for reporting requirements and is poised to launch its 2023 workplan In the US, the derivatives sector is enjoying the benefits for CFTC rewrite reporting which start next month before deploying DRR code across the


Join us to set the 2023 RegTech agenda

An all-star cast of 40+ speakers will gather virtually on 9th & 10th November 2022 to set the 2023 RegTech agenda at JWG’s 7th annual premier RegTech conference. Markets have been rocked by turbulence unseen in over a decade and the regulatory agenda has shifted quickly. JWG research has defined 10 panels and worked with the industry to


RegTech, key to Stablecoin Stability

The regulatory spotlight on stablecoins has intensified this month with the Financial Stability Board (FSB) Crypto-asset paper noting[1] that many existing stablecoins still would not meet their recommendations. International risk management principles will be welcomed, but 2023 will be the year that the industry needs to define a better approach to managing compliance in a


The European Commission has pushed ahead with digital regulatory reporting — which it views as a central workstream in its overall agenda to make financial services fit for the digital age — while UK regulators have sidelined similar initiatives. The Commission is taking a deliberate approach to testing technology and frameworks for delivering machine-readable and executable


RegTech for clean controls

Regulators don’t just want firms to read what they put on their websites, they want them to prove their risk and control frameworks do what they say. RegTech now enables firms to interpret their requirements and provide businesses with an opportunity to bring costs down and avoid regulatory actions that can put the business ‘on


Are EU ready for accountability RegTech?

Accountability regimes will force board members and senior management on the Continent to rethink compliance for the Senior Executive Accountability Regime (SEAR) in 2024. The new regime will ‘gold plate’ current EU law and present international firms with major new hurdles. Irish bankers will be individually accountable for their responsibilities, with fines and even jail


New policy efforts in by Australian, US, UK, EU and International rule setters will widen the scope of regulatory oversight for financial institutions to include ‘how’ the business runs. As we have seen with US Federal reserve consultation released this week, boards are on the hook for a holistic approach to ensuring their digital infrastructure


Crypto market capitalization has receded by nearly 75% as $2 trillion were wiped off the market[1] leaving many crypto investors to reflect on the words Warren Buffet: “You only learn who has been swimming naked when the tide goes out”. Rulemaking continued to push the digital-asset agenda forward over the summer with over 3,000 pages published


Technology contracts in the age of DORA

New UK and EU regulations are forcing banks to demand new controls from their suppliers. Not only do they now need a comprehensive view of how each supplier fits in, but they also need to know how to swap them out. Senior managers across the bank should be working to establish plans now for these


Think-tank JWG urges Financial Services firms to collaborate with suppliers to close infrastructure gaps as fines loom London, UK – 13 September, 2022 – JWG, the trusted financial services regulatory intelligence company, has announced the publication of a ground-breaking research paper ‘Managing Digital Infrastructure Risk: a collaborative path to financial services safety’. New regulation will fundamentally


This report is a companion guide to a larger research report, ‘Managing Digital Infrastructure Risk: A collaborative path to financial services safety’ produced by JWG. It is intended to help IT managers understand the implication of new regulatory demands on the IT supply chain.


JWG, the trusted financial services regulatory intelligence company, has announced the publication of a ground-breaking research paper ‘Managing Digital Infrastructure Risk: a collaborative path to financial services safety’. New regulation will fundamentally change the landscape for the biggest tech companies–particularly cloud providers. By 2025, overlapping requirements to mitigate operational resilience threats (UK PS6/21,DORA); control third


Record temperatures are not the only challenge to global infrastructure this summer. New, onerous regulatory infrastructure obligations are warming the landscape for financial institutions and their technology providers. Europe has moved first to establish new operational resilience and cyber rules that will demand new controls from and portability between providers. Europe is moving fast with


10 Sanctions RegTech priorities

The political process by which sanctions are agreed is difficult but the process for implementing them is worse. As a result, sanctions are not nearly as effective a weapon as we would like to think they could be. Ten RegTech building blocks are on the table for discussion – how do we configure a case


The UK Treasury has moved to close a loophole in the Money Laundering Regulations (MLR 2017) that potentially allowed crypto asset firms to bypass the UK’s registration gateway, according to a government document published on June 15. Previously firms could notify the Financial Conduct Authority (FCA) after a change of ownership occurred. Now crypto asset


Hack-to-trade schemes and confidential information dealing on the dark web, combined with regulatory warnings about firms’ management of material non-public information (MNPI), are raising further concerns about markets’ ability to keep a lid on insider dealing and other forms of manipulation. The number of cases brought against individuals using stolen data or MNPI to trade,


DeFi and the AML car

Criminal networks have eluded Anti Money Laundering and Terrorist Financing (AML/TF) nets for decades. Digital assets have forced policy makers and RegTech providers to rethink the challenge and chart a course towards digitally-native compliance. If the sector engages now, it can reap enormous benefits for digital asset and TradFi compliance. Like a dog that has


Compliance teams can no longer assume that policies which mandate all communication channels are monitored safely behind the firm’s firewall are fit for purpose. Management teams must balance a three legged stool of surveillance policy: generation of alpha in the market, controlling conduct risk, and providing for employees’ wellbeing. In advance of JWG’s 23 June


Economic Crime & RegTech 2022

2022 is a tipping point for the next generation of economic crime RegTech. Decentralised services are presenting unquantified levels of risk to the system and rules are moving fast to keep up. The good news: after 5 years of laboratory experiments and forests of reports, RegTech can provide a migration path for compliance regimes. In


RegTech & Sanctions 2022

With sanctions freezing assets and restricting trade, digital compliance strategies are being reworked this year. In this article we explore the impact of putting digital trade barriers in place, which will also be discussed at our 23 June virtual seminar. Register Here 2022 sanctions policy Financial services have seen a significant increase in the number


I listened into a very interesting webinar presented by the UK’s Financial Conduct Authority (FCA) earlier this year about their usage of and experimentation with what all regulators seem to be calling ‘suptech’ these days. Now there was variance on the webinar among FCA speakers around the pronunciation of said moniker—’soup-tech’ was one variant, ‘supp-tech’


The UK Financial Conduct Authority (FCA) is seeking to improve its market surveillance technology and has tendered for a systems upgrade, a sentiment analysis tool and data sets. It is looking to update and develop the functionality, scope, or capabilities of its existing solution, according to the FCA’s procurement portal. The regulator collects trade information


Rulings by the Belgian and French data privacy authorities (DPAs) emphasise the risk posed by social media monitoring and scraping technology to firms and regulators such as the UK Financial Conduct Authority (FCA) that commonly use such tools for sentiment analysis, as well as to monitor individuals’ and organisations’ online activity. “The public nature of the personal data available


Yesterday, 22 digital asset regulators and market participants gathered virtually across 39 jurisdictions to debate the RegTech challenges presented by digital assets. Tracking this sector’s regulatory obligations is like playing a three dimensional game of chess and small details can make or break markets. In this article we recap where we took away, how you


The UK’s finance ministry yesterday announced its plans to regulate certain stablecoins within existing payments regulation and begin to formulate its regulatory framework for crypto assets. HM Treasury has commissioned the Royal Mint to create a non-fungible token (NFT) this summer to mark the UK’s ambition to become a crypto-asset hub. “We see enormous potential