The European Supervisory Authorities, including the European Securities and Markets Authority, have signed a Memorandum of Understanding with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to strengthen cooperation on the oversight of critical ICT third-party service providers under the Digital Operational Resilience Act. The agreement sets principles and procedures for cooperation, information sharing and coordination of oversight activity between EU and UK authorities responsible for oversight of EU critical ICT third-party providers and UK critical third parties, with the stated aim of enhancing third-party risk management and operational resilience across both jurisdictions. The MoU was prepared under Digital Operational Resilience Act Articles 36, 44 and 49, and follows an assessment by the European Supervisory Authorities that the UK confidentiality and professional secrecy regime is equivalent to the European Union regime required for information exchange under the act.
European Securities and Markets Authority 2026-01-14
European Securities and Markets Authority joins EU supervisory authorities in signing MoU with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority on DORA oversight of critical ICT third parties
The European Supervisory Authorities, including the European Securities and Markets Authority, have signed a Memorandum of Understanding with UK regulators to enhance cooperation on overseeing critical ICT third-party service providers under the Digital Operational Resilience Act. This agreement establishes principles for cooperation and information sharing to improve third-party risk management and operational resilience across the EU and UK.