An EU regulation establishing uniform requirements for the security of network and information systems of financial entities, including CASPs. DORA requires entities to implement comprehensive ICT risk management frameworks, conduct regular testing, and report ICT-related incidents. It complements MiCA’s operational requirements.