1. Taking into account the technical criteria set out in Article 98, the competent authorities shall review the arrangements, strategies, processes and mechanisms implemented by the institutions to comply with this Directive and Regulation (EU) No 575/2013 and evaluate:
(a) risks to which the institutions are or might be exposed;
(b) [deleted]
(c) risks revealed by stress testing taking into account the nature, scale and complexity of an institution's activities;
(d) risks revealed by digital operational resilience testing in accordance with Chapter IV of Regulation (EU) 2022/ 2554.
2. The scope of the review and evaluation referred to in paragraph 1 shall cover all requirements of this Directive and of Regulation (EU) No 575/2013.
3. On the basis of the review and evaluation referred to in paragraph 1, the competent authorities shall determine whether the arrangements, strategies, processes and mechanisms implemented by institutions and the own funds and liquidity held by them ensure
…