Search

​​​​​​​The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today published their joint response to the European Commission’s Call for Advice on two EC delegated acts under the Digital Operational Resilience Act (DORA) specifying further criteria for critical ICT third-party service providers (CTPPs) and determining oversight fees levied on such providers.

The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have today published an indicative overview of information and communication technology (ICT) third-party providers (TTP) as part of their preparations for the Digital Operational Resilience Act (DORA). The analysis aims to map the provision of ICT services by TPPs to financial entities in the European Union and to support the ESAs’ policy making process in light of the European Commission’s call for advice to further specify the criteria for critical ICT TPPs and to determine oversight fees.

The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) launched today a public consultation on the first batch of policy products under the Digital Operational Resilience Act (DORA). This includes four draft regulatory technical standards (RTS) and one set of draft implementing technical standards (ITS). These technical standards aim to ensure a consistent and harmonised legal framework in the areas of ICT risk management, major ICT-related incident reporting and ICT third-party risk management. The consultation runs until 11 September 2023.

The European Supervisory Authorities (EBA, EIOPA and ESMA - ESAs) today published a joint Discussion Paper seeking stakeholders’ input on aspects of the Digital Operational Resilience Act (DORA). This Discussion Paper follows the European Commission’s request for technical advice on the criteria for critical ICT third-party providers (CTPPs) and the oversight fees to be levied on them. Interested stakeholders are invited to provide their input by 23 June 2023.