According to Article 2 par 1 of DORA AIFM is in scope of DORA, AIF is not defined as financial entity. There are situations when agreement is concluded directly between AIF and ICT service provider. It is obvious that the agreement in such situation should contain elements listed in Article 30 of DORA and the risk assessment should be performed by AIFM. But shall such agreement also be:
- included in the register of information in relation to all contractual arrangements on the use of ICT services provided by ICT third-party service providers according to Article 28 par 3 and
- notified to competent authority in a timely manner prior of the conclusion of the agreement if the agreement supports critical or important functions?