Austria Financial Market Authority publishes Digital Financial Landscape analysis flagging DORA third-party risk management gaps and rising cloud and AI use

The Austria Financial Market Authority (FMA) published its Austrian Digital Financial Landscape analysis, based on a 2024 survey of supervised entities, to map firms’ digital risk profiles and ICT interdependencies and to inform supervisory priorities for 2025, including preparedness for the EU Digital Operational Resilience Act (DORA). Cloud services have become almost universal across all financial sectors and robotic process automation is widely used, while blockchain remains infrequently deployed and has in some cases declined due to a lack of use cases. AI adoption is a growth area, with more than a quarter of supervised entities already using machine learning in operational activities such as rating systems and fraud prevention, alongside expected expansion in machine learning and natural language processing. Digital distribution platforms and comparison portals are increasingly used as pre-sales channels, though contracts are not yet concluded directly through them. On ICT resilience, more than three quarters of major ICT-related incidents are attributed to system errors rather than external attacks, and third-party providers account for a notable share; the FMA’s DORA gap analysis finds overall progress but uneven maturity, with ICT third-party risk management the largest remaining area of work, including contract updates and establishment of a register of information on ICT service providers. The FMA invited comments on the analysis until 31 March 2025.