The European Data Centre Association (EUDCA), the organisation representing the voice of data centres in Europe, is committed to offering highly secure and reliable ICT service support for financial institutions. It is essential that financial actors consider not just cloud but also underlying data centre infrastructure security, which is an essential part of the digital ecosystem. Therefore, we welcome the intention of the EBA’s guidelines and, in reference to mentions of data centres on pages 16 and 21 of the Consultation document (sections ‘4.2.3. Use of third party providers’ and ‘4.4.4. Physical security’), recommend defining data centre security requirements in more detail.