The European Insurance and Occupational Pensions Authority, alongside the European Banking Authority and the European Securities and Markets Authority, has signed a Memorandum of Understanding with the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to enhance cooperation on the oversight of critical ICT third-party service providers as required by the Digital Operational Resilience Act (DORA). The MoU sets principles and procedures for cooperation, information sharing and coordination of oversight activities between the authorities responsible for oversight of EU critical ICT third-party service providers and UK critical third parties, with the aim of strengthening third-party risk management and operational resilience across the EU and UK financial sectors. It was prepared under DORA Articles 36, 44 and 49, and was preceded by an ESAs assessment confirming equivalence between the UK confidentiality and professional secrecy regime and the DORA standard as a condition for information exchange with a third-country authority.
European Insurance and Occupational Pensions Authority 2026-01-14
European Insurance and Occupational Pensions Authority joins European Supervisory Authorities in signing MoU with UK authorities on DORA oversight of critical ICT third-party providers
The European Insurance and Occupational Pensions Authority, European Banking Authority, and European Securities and Markets Authority signed a Memorandum of Understanding with the Bank of England, Prudential Regulation Authority, and Financial Conduct Authority to enhance cooperation on oversight of critical ICT third-party service providers under the Digital Operational Resilience Act (DORA). The MoU establishes principles for cooperation, information sharing, and coordination to strengthen third-party risk management and operational resilience in the EU and UK financial sectors.