How Regulations Are Raising the Bar for Technology

January 19, 2026

Regulation
Interviews
Operations

Paul Foley

CTO

Paul Foley, CTO of qashqade, has spent years guiding technology and risk teams through fast-changing regulatory and security landscapes. His view is clear: regulation doesn’t invent new responsibilities, it crystallizes what clients already expect. Here’s our full interview with Paul:

As frameworks like the Digital Operational Resilience Act (DORA) come into focus, I see an inflection point in how vendors and technology partners in private markets will be evaluated. We shouldn’t view DORA as a hoop to jump through. It’s a mirror. It reflects what clients already need from us: resilience, accountability, and proof.

Regulation Is Raising the Bar, And That’s a Good Thing

Too often, compliance has been treated as a once-a-year checklist activity. I believe DORA changes that:

  • It requires defined and measurable RTO and RPO metrics, backed by live testing not just policies on paper
  • It introduces rigorous third-party oversight, forcing vendors to prove they can deliver resilience under pressure
  • It demands evidence-based security and continuity strategies, verified by independent audit

Clients don’t want vague assurances, they want to know that we can restore service in minutes, not days, and that we’ve already tested it.

Regulation as Alignment Not Bureaucracy

Good regulation, in my view, serves as a forcing function to do what you should already be doing:

  • Ensuring recovery capabilities are regularly tested
  • Aligning internal controls with real-world operational impact
  • Communicating clearly what thresholds (e.g., downtime, data loss) your organization is prepared to absorb and why

Leadership’s Role in Making Regulation Work

For executives and tech leaders, the job isn’t to memorize regulation, it’s to translate it into internal commitments that actually mean something:

  • How quickly can we recover from a major outage?
  • What level of data loss is acceptable and to whom?
  • Who owns each link in the recovery chain?

When leaders treat regulation as a strategy lens, not a compliance burden, they build operational discipline that delivers lasting trust.

Take the Next Step Toward Operational Resilience

Want to explore how regulatory readiness ties into broader resilience strategy?

Download our free eBook: Operational Resilience in Private Markets, featuring Paul Foley’s in-depth expert insights.

See how qashqade can help you, speak to our team today
BOOK A DEMO
Want to learn more about qashqade?
BOOK A CALL
BETTER OUTPUTS,
BETTER OUTCOMES_
BOOK A DEMO
Solutions
Fund Managers & GPs
Fund Administrators
Investors & LPs
Advisors & Law Firms
Why qashqade?
Modules
Waterfall Calculation
LPA Validation
GP Incentives Allocation
Cap Table
Reporting
Stakeholder Portal
KPI Targeting
Data Exchange
Services
SPM Team
Advisory

Insights
Blog
White Papers
PE Glossary
Summer Survey
Company
About us
Contact Us
News
Press Coverage
Partners
Baseball Sponsorship ⚾
Careers
FAQs
Follow Us
Reviews of qashqade on Capterra
Swiss Fintech
BAI
SWICO
SOC 2
Privacy Policy | Imprint | © 2025 qashqade AG