DORA Compliance in Milan
Milan is Italy's financial capital and the eurozone's fourth-largest financial centre, home to UniCredit (Italy's largest bank, €1.3T in assets, operating in 13 European countries) and Intesa Sanpaolo (€1.1T in assets, Europe's largest bank by market cap at certain periods). Mediobanca, the historic investment bank, and Generali (the world's third-largest insurer) are also headquartered here. Borsa Italiana — part of Euronext since 2021 — hosts the MIB index. Banca d'Italia (headquartered in Rome but with major operations in Milan) and CONSOB (Commissione Nazionale per le Società e la Borsa) provide banking and securities supervision.
Request a demoWhy DORA matters in Milan
The Digital Operational Resilience Act (DORA) requires financial entities to implement comprehensive ICT risk management frameworks, including incident reporting, resilience testing, and third-party oversight. Mandatory since January 17, 2025, it applies to over 22,000 financial entities across the EU.
UniCredit, as one of only four G-SIBs headquartered in the eurozone and operating across 13 countries, must implement DORA at a scale that makes automation unavoidable — manual compliance would require hundreds of FTEs. Intesa Sanpaolo's acquisition of UBI Banca created one of Europe's most complex IT integration challenges, where DORA's ICT risk management requirements apply across legacy and modern systems simultaneously. Italy transposed NIS2 through Legislative Decree 138/2024, with ACN (Agenzia per la Cybersicurezza Nazionale) as the designated authority — adding a national layer on top of DORA. The Garante Privacy (Italy's DPA) has been one of Europe's most active GDPR enforcers, issuing €45M+ in fines. Milan's Fintech District, with 200+ member companies, makes it Italy's hub for compliance innovation.
Supervisory Bodies
Banca d'Italia, CONSOB, IVASS, ACN
Key Industries
- Universal Banking & G-SIBs
- Insurance & Reinsurance
- Asset Management
- FinTech & Payments