The European Supervisory Authorities, including the European Banking Authority, signed a memorandum of understanding with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to enhance cooperation on the oversight of critical information and communication technology third-party service providers as required by the Digital Operational Resilience Act (DORA). The MoU sets out principles and procedures for cooperation, information sharing and coordination of oversight activities between authorities responsible for oversight of EU critical ICT third-party service providers and UK critical ICT third-party service providers, aiming to strengthen third-party risk management and operational resilience in both jurisdictions. It was prepared under DORA Articles 36, 44 and 49 and follows an assessment confirming that the UK confidentiality and professional secrecy regime is equivalent to the regime under DORA, a precondition for exchanging information with a third-country authority; the MoU and the targeted equivalence assessment were published alongside the announcement.
European Banking Authority 2026-01-14
European Banking Authority and other European Supervisory Authorities sign MoU with UK regulators on DORA oversight of critical ICT third-party providers
The European Supervisory Authorities, including the European Banking Authority, signed a memorandum with the Bank of England, the Prudential Regulation Authority, and the Financial Conduct Authority to enhance cooperation on oversight of critical ICT third-party service providers under the Digital Operational Resilience Act. This agreement outlines principles for cooperation and information sharing, following an assessment confirming the UK's confidentiality regime is equivalent to DORA's requirements.