The European Supervisory Authorities, comprising the European Banking Authority, the European Insurance and Occupational Pensions Authority and the European Securities and Markets Authority, have published a guide on oversight activities under the EU Digital Operational Resilience Act (DORA). It outlines how the ESAs will use Joint Examination Teams (JET) to oversee critical information and communication technology third-party service providers. The guide provides a high-level explanation of the oversight framework, including its governance structure, oversight processes, founding principles and the tools available to overseers. It is not legally binding and does not replace applicable EU law, but is intended to help financial entities, third-party providers and other stakeholders prepare for the implementation of the DORA oversight framework.
European Banking Authority 2025-07-15
European Banking Authority and other European Supervisory Authorities publish guide on DORA oversight of critical ICT third-party providers
The European Supervisory Authorities, including the European Banking Authority, have released a guide on oversight activities under the EU Digital Operational Resilience Act (DORA). It details the use of Joint Examination Teams to oversee critical ICT third-party service providers and explains the oversight framework's governance, processes, and tools. It is non-binding and aims to assist stakeholders in preparing for DORA's implementation.