This is a pre-recorded webinar that is now available to view on demand. Click here to access the recording of the Operational Resilience webinar held by James Borley, John Burns, Arie van den Bergen and Andrey Zabulonov.
We have previously written articles and presented webinars about Operational Resilience. As we approach the final deadline of 31 March 2025 for full implementation and readiness by payments firms, we take this opportunity to revisit the expectations on firms, and direct you to what else you might need to do during this ‘final countdown’.
There is also the potential impact of the Digital Operational Resilience Act (DORA) in January to consider. Whilst an EU regulation, aimed at EU firms, UK firms may nevertheless be ‘caught’ if also operating in the EU.
We are pleased to have partnered with Finnick Legal and Remora for this webinar. Finnick advises payments firms in the EU as to their obligations across the various applicable financial laws, including DORA. Remora is a cyber security specialist, delivering complete cyber security by managing firms’ cyber and data risks, such as operational resilience and DORA testing solutions.
Agenda
- UK Operational Resilience – a recap and focus on 31 March deadline;
- DORA – what is it, and how might it impact you;
- Overlapping legislation – testing the resilience of your critical or important business functions;
- Q&A
Speakers
James Borley
Managing Director, Payment Services, Cosegic
James, our Managing Director for Payment Services, is a highly qualified financial services expert and a familiar name to many in the payments and e-money community. James leads our Payment Services Practice and provides technical support to our clients, specialising in payment services regulation and new firm authorisations. James represents Cosegic as a member of ‘Project Regulator’ at the Payments Association; The Association of Foreign Exchange and Payment Companies (AFEP); and as a Director of The Association of Professional Compliance Consultants (APCC), where he chairs the FCA Authorisations Liaison Group.
John Burns
Senior Advisor, Payment Services, Cosegic
John is one of the UK’s foremost compliance experts in payment services, and he is Senior Advisor in our Payment Services Practice. He was the first editor of the FSA’s PSR Approach Document and assisted with the development of PERG 15 in the Handbook, as well as assisting HM Treasury with the drafting of the UK legislation. At EU level he was a member of the European Commission’s Payments Committee, the ECB’s Forum on the Security of Retail Payments and the EBA’s Standing Committee on Consumer Protection and Financial Innovation.
Arie van den Bergen
Attorney, Finnick Legal
Arie is a Dutch lawyer at Finnick Legal. He makes a ‘license to operate’ for FinTech companies easy by providing practical and result-driven legal and regulatory advice. He assists FinTech companies in all aspects of their legal business, including licence applications, legal advice on compliance with financial laws and regulations, financing transactions and contract negotiations. He has an entrepreneurial approach with attention for the specific business needs of the FinTech company and can make things easy with clear and simple communication / documentation.
Arie has 20+ years of experience as a lawyer and legal counsel at various financial institutions (Deutsche Bank, ING and Aegon Bank/Knab). He worked for 7 years at Knab, a start-up online bank which he helped with setting up a product portfolio with payment, savings, investments and crowdfunding products. This included legal and regulatory advice on products and services (e.g. implementation of PSD 2 and MiFID 2) and close involvement in discussions with Dutch regulators (AFM and DNB).
Arie is currently assisting three electronic money institutions (two UK headquartered) in a Dutch EMI licence application, in addition to providing Dutch legal and regulatory advice on different matters to FinTech companies.
Andrey Zabulonov
Data Governance and Data Security Expert, Remora
With over 12 years of dedicated experience in cyber security, Andrey Zabulonov is a recognised authority in Data Governance and Data Security. Throughout his career, Andrey has consulted with more than 50 hedge funds, helping them safeguard sensitive data, achieve regulatory compliance, and enhance their overall security posture. His deep expertise in the financial sector is underscored by his ability to align robust cybersecurity practices with complex business objectives.
This year, Andrey became a Certified DORA Practitioner, solidifying his reputation as a leader in operational resilience and regulatory adherence. His qualifications further include:
- ISO27001 Certified Lead Auditor, demonstrating his mastery in implementing and auditing internationally recognised information security management systems.
- Certified Data Protection Officer (C-DPO), highlighting his proficiency in privacy laws, data protection strategies, and compliance with regulations such as the UK Data Protection Act 2018.
- Certified IASME Governance Assessor and Cyber Essentials Assessor, showcasing his commitment to helping organisations achieve foundational and advanced cybersecurity certifications.
Andrey’s strategic approach blends technical depth with practical solutions. Whether assessing risk, guiding the development of security frameworks, or navigating regulatory landscapes, his insights have consistently driven tangible results. His specialisation in frameworks like DORA and ISO27001 ensures organisations can thrive in a secure and compliant environment.
A trusted advisor to the alternative investment community, Andrey Zabulonov is passionate about empowering businesses to protect their most valuable asset—data. His dedication to excellence, paired with a pragmatic understanding of cyber security challenges, makes him a sought-after expert in the ever-evolving world of data governance and security.