From www.claytonutz.com: DORA, effective from January 17, 2025, focuses on ICT risk management across the EU’s financial sector, impacting both EU and non-EU entities involved with covered financial services.

CPS 230, enforced from July 1, 2025, aims to enhance operational risk management for APRA-regulated entities in Australia, requiring robust frameworks and effective control of operational risks.