DORA critical third-party oversight fee calculation rules published
Our plain English summary explains the annual fee will be calculated on the basis of oversight costs and third-party turnover connected to services provided to financial entities.
EU DORA Del Reg - CTPP oversight fees
Establishes an annual fee to be imposed on third-party providers who have been designated as critical to cover the regulator's oversight costs. Includes the mechanism by which the fee is to be calculated.
Notable
Latest News
Notable
Your DORA questions answered – CIFs
This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.
DORA regulation outlining process for identifying critical ICT third-parties published
It implements the specific assessment approach to be used by supervisory authorities and outlines fees payable by vendors designated as critical.
Latest News
More on DORA
-
ECB issues new guidance on outsourcing cloud services
The guide sets out the central bank's expectations on the requirements of DORA, including good practices which add an additional layer of complexity.
-
What you need to know about ESMA's new Registration Guide
While not legally binding, the guide provides clarity on ESMA's assessment process for financial entities navigating the registration process.
-
BaFin publishes DORA document requirements cheat sheet
Comprehensive register of key documents is relevant to all organizations running digital systems and needing to ensure their security.
-
BaFIN to intensify third-party supervision in 2025
The regulator continues to be concerned about outsourcing dependency and concentration risk and wants to obtain clarity on technology interconnectedness in the financial sector.
-
Infringement procedures launched over delayed DORA transposition
Full implementation is vital for strengthening the EU's financial sector against increasing digital risks.
-
GRIP Extra: CFPB drops Zelle suit, Barclays suffers 3-day IT outage
Other news includes assistance from the SEC for filers using EDGAR, a probe into Nvidia shipments to Malaysia and another bank reviewing its approach to DEI.
-
Privacy experts give advice on complying with DORA and NIS2
Adequate preparation, identifying what and who is critical, and, above all, "practice, practice, practice" highlighted.
-
Podcast: Practice and procedure with GRIP – DORA implementation
DORA is a response to persistently elevated cyber threat levels, Jean and Thomas discuss how firms can achieve operational resilience.