Introduction and scope
Regulation (EU) 2022/2554 ("DORA") introduces a pan-European oversight framework of ICT third- party service providers designated as critical (CTPPs). As part of this oversight framework, the European Supervisory Authorities (ESAs) and competent authorities (CAs) have received new roles and responsibilities. For example, on the one hand, the ESA, as Lead Overseer (LO), is responsible to exercise oversight activities on the CTPPs, issue recommendations and follow up with the CTPPs on these recommendations. On the other hand, competent authorities (CAs), for example, participate in the LO's oversight of the CTPP as part of the Joint Examination Team (JET) and follow up with financial entities concerning the risks identified in the recommendations.
In order to ensure a consistent and convergent supervisory approach and a level playing field where financial entities are using the ICT services provided by a CTPP across Member States, it is important to have close coop
…