The Cyber Resilience Act (CRA), NIS2, DORA and the AI Act are reshaping the expectations placed on software engineering across Europe. While many organisations initially associate these regulations with compliance, we see something else: they reinforce the value of good engineering practices and reward companies that have invested in software quality from the outset.
Making Software Quality Visible
The new regulatory framework places greater emphasis on transparency, traceable development processes and systematic security practices. For many Swiss software companies, these expectations build on principles that have long been part of professional software engineering.
In our day-to-day work, we see that Security by Design, long-term maintainability and sound architectural decisions are essential for building reliable and trustworthy software. The new regulations do not redefine quality – they make it measurable and easier to demonstrate.
This creates new opportunities for Swiss software companies. Organisations that can prove the quality of their engineering practices will be well positioned to stand out in an increasingly competitive market.
Digital Sovereignty Starts with Good Software
From our perspective, digital sovereignty and regulatory compliance go hand in hand. Both ultimately aim to give organisations greater control over their software, their data and their digital supply chains.
Transparent development processes, well-documented architectural decisions and open standards do more than support compliance. They also reduce dependency on individual vendors and strengthen an organisation's ability to adapt and innovate over the long term.
For Switzerland, a country recognised for innovation, quality and independence, this is particularly relevant. In a digital world, Swissness is not only about where software is developed, but also about trust, reliability and engineering excellence.
Looking Ahead
DORA already applies, the main obligations of the CRA will take effect by the end of 2027, and the AI Act is being introduced in phases. Organisations that continue to strengthen their engineering practices today will not only be better prepared for future regulatory requirements but also improve their long-term competitiveness.
From our perspective, these developments reinforce Switzerland's position as a leading software hub. More and more organisations are looking for partners who understand regulatory requirements while delivering high-quality software. We see this as one of the defining strengths of Swiss software companies – and a clear competitive advantage in the international market.
Further Reading
The full, more detailed original article is available on the Karakun website: https://karakun.com/en/regulation-as-an-opportunity/