DORA regulation outlining process for identifying critical ICT third-parties published
It implements the specific assessment approach to be used by supervisory authorities and outlines fees payable by vendors designated as critical.
EU DORA Del Reg - CTPP designation criteria
Sets out the critera to be used to assess whether an ICT third-party service provider is critical for financial entities. Utilizes a two-step test to identify those providers who are most critical.
Overview
Notable
Latest News
Notable
Your DORA questions answered – CIFs
This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.
Managing vendors supporting critical or important functions - from zero to full compliance with DORA
A summary of key practical steps based on the draft technical standard.
Latest News
More on DORA
-
Demystifying the debate on the US CLOUD Act vs European/UK Data Sovereignty
Practical advice and steps for organizations to understand and comply with sovereignty and localization rules.
-
Lietuvos Bankas sets out agenda for dialogue with financial sector
The central bank intends to hold 17 events tied to compliance-central topics such as DORA, AML, and third-party risk management.
-
Iceland's Central Bank publishes priorities for financial market supervision
Cybersecurity, responsible business practices, and combating money laundering are among the 2026-2028 focus areas.
-
Ashurst Data Bytes 2026: Ready or not, increased cyber scrutiny is here
An Ashurst panel, together with guest speaker Will Barlow of Crowdstrike, discussed what steps you should be taking to prepare for a cybersecurity incident.
-
The EU's DORA: Strategic implications for third-party financial service providers
Many global organizations have learned that without appropriate oversight, third parties can become liabilities. Max Veve says DORA is the stand out regulation.
-
Building a resilient human firewall in UK financial services
The stark reality of modern cyber defence is that technology, however sophisticated, is easily bypassed by human error.
-
Europol issues critical roadmap for "quantum-proofing" global finance
Risk-based framework to help FIs identify which of their systems must be upgraded first to defend against the future threat of quantum computers.
-
EU designates critical ICT third-party providers under DORA
European supervisors carried out a systematic assessment of the importance of each service provider to the financial sector, before deciding on designation.