Introduction and scope
Regulation (EU) 2022/2554 [Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011, OJ L 333, 27.12.2022, p. 1.] ("DORA") introduces a pan-European oversight framework of ICT third-party service providers designated as critical (CTPPs). As part of this oversight framework, the ESAs and competent authorities (CAs) have received new roles and responsibilities.
In this context, the ESAs have been mandated under Article 41(1) to develop draft regulatory technical standards (RTS) to harmonise the conditions enabling the conduct of oversight activities.
According to the mandate, the draft RTS shall specify:
a) the information to be provided by an ICT third-party service provider in the application for a voluntary request to be designated as critical;
b) the inf
…