Introduction and scope
Regulation (EU) 2022/2554 ("DORA") introduces a pan-European oversight framework of ICT third- party service providers designated as critical (CTPPs). As part of this oversight framework, the ESAs and competent authorities (CAs) have received new roles and responsibilities. For example, on the one hand, the ESA, as Lead Overseer (LO), will be responsible to exercise oversight activities on the CTPPs, issue recommendations and follow up with the CTPPs on these recommendations. On the other hand, CAs, for example, will participate in the LO's oversight of the CTPP as part of the Joint Examination Team (JET) and follow up with financial entities concerning the risks identified in the recommendations.
In order to ensure a consistent and convergent supervisory approach and a level playing field where financial entities are using the ICT services provided by a CTPP across Member States, it is important to have close cooperation between CAs and ESAs through a mutual exc
…