Regulatory Technical Standards on the policy on ICT services supporting critical or important functions provided by ICT third-party service providers

Status: Adopted and published in the Official Journal of the EU

These Regulatory Technical Standards specify parts of the governance arrangements, risk management and internal control framework that financial entities should have in place regarding the use of ICT third-party service providers. They aim to ensure financial entities remain in control of their operational risks, information security and business continuity throughout the life cycle of contractual arrangements with such ICT third-party service providers.

Summary of document history

Previous versions Current version Ongoing versions

Draft Regulatory Technical Standards on the policy on ICT services supporting critical or important functions provided by ICT third-party service providers

Status: In force
Application date: 15/07/2024
Compliance deadline:

Documents

Draft RTS to specify the policy on ICT services supporting critical or important functions

(754.99 KB - PDF)

Download

Press contacts

Franca Rosa Congiu

Organisation and governance

Legal and policy framework

Careers

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre