The European Banking Authority (EBA), the European Securities and Markets Authority (ESMA), and the European Insurance and Occupational Pensions Authority (EIOPA) have classified 19 third-party providers of information and communications technologies as critical for the European financial sector. This classification is an important milestone in implementing the supervisory framework under the Digital Operational Resilience Act (DORA). The selection was made following comprehensive analysis of systemic importance, significance for critical functions as well as the substitutability of services. The DORA framework’s objective is to strengthen the financial sector’s resilience regarding ICT risks.
The complete list of critical providers can be found here.
More detailed information about DORA can be found on the FMA website.