SINGAPORE, January 17, 2024 – Java specialist Azul has reinforced its commitment to supporting financial institutions in meeting the Digital Operational Resilience Act (DORA) compliance requirements, with the EU’s enforcement deadline set for 17 January 2025. The company has outlined five critical steps to help businesses ensure their Java-based applications and infrastructure meet the stringent new regulations.
DORA aims to enhance digital resilience in the financial sector by mitigating risks associated with Information and Communications Technology (ICT), ensuring institutions can withstand, respond to, and recover from disruptions. The regulation applies to EU-based financial entities, global organisations operating in the EU, and third-party ICT service providers. Non-compliance could lead to corporate fines of up to 2% of annual turnover and individual penalties reaching €1 million.
Java’s Role in Financial Services and Compliance
Java remains the programming language of choice for the financial sector, with 51% of financial services code written in Java, according to the 2022 FINOS State of Open Source in Financial Services report. Azul’s long-term support (LTS) Java solutions ensure security, stability, and operational resilience, helping financial institutions meet DORA’s requirements.
According to an independent assessment by information security consultancy Crucyble, Azul has implemented robust governance frameworks, risk management protocols, and incident response strategies to align with DORA. The company’s continuous monitoring, rigorous testing, and ICT resilience plans position it as a reliable partner for financial institutions navigating the new regulatory landscape.
Five Key Steps to Java Compliance Under DORA
Azul has identified five essential steps to support financial institutions in their compliance efforts:
- Implement an ICT Risk Management Framework – Avoid risks from unsupported OpenJDK distributions by ensuring stabilised, security-only patches.
- Establish Incident Reporting Mechanisms – Leverage Azul Intelligence Cloud for continuous vulnerability monitoring and faster remediation.
- Conduct Rigorous ICT System Testing – Maintain current and tested Java versions, including legacy versions like Java 6 and 7, to ensure reliable test environments.
- Strengthen Third-Party Risk Management – Ensure Java-based applications and services meet the highest security and performance standards.
- Facilitate Cyber Threat Information Sharing – Maintain timely vulnerability updates to prevent security gaps.
“With Java powering most critical financial systems, unsupported or vulnerable Java infrastructure puts DORA compliance at risk,” said James Johnston, Vice President of EMEA at Azul. “Our solutions enable companies to accelerate their compliance efforts while reducing costs and complexity—critical factors given the rapidly approaching deadline.”
As financial institutions prepare for DORA enforcement, Azul’s secure, scalable, and compliant Java solutions offer a trusted path to resilience in an evolving regulatory environment.