1. The Commission shall adopt delegated acts in accordance with Article 301a to further specify the following:
(a)the elements of the systems referred to in Articles 41, Article 44, in particular the areas listed in Article 44(2), and Articles 46 and 47, other than the elements concerning information and communication technology risk management;
(b)the functions referred to in Articles 44, 46, 47 and 48, other than functions related to information and communication technology risk management.
2. In order to ensure consistent harmonisation in relation to this Section, EIOPA shall, subject to Article 301b, develop draft regulatory technical standards to further specify the following:
(a) the requirements set out in Article 42 and the functions subject thereto;
(b) the conditions for outsourcing, in particular to service providers located in third countries.
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance