EU DORA Del Reg – CTPP designation criteria – Global Relay Intelligence & Practice

EU DORA Del Reg - CTPP designation criteria

Sets out the critera to be used to assess whether an ICT third-party service provider is critical for financial entities. Utilizes a two-step test to identify those providers who are most critical.

Rule Overview

Jurisdiction: European Union

Regulator: ESMA

Topic: Resilience

Overview

Notable

Latest News

The assessment is to be targeted at the individual or group level as appropriate with subcontractors also evaluated.

The assessment criteria include:

Systemic impact on stability, continuity or qualify of the provision of financial services
Systemic character and importance of the ICT services
Criticality or importance of the functions
Degree of substitutability

Notable

Technology

DORA regulation outlining process for identifying critical ICT third-parties published

June 10, 2024

It implements the specific assessment approach to be used by supervisory authorities and outlines fees payable by vendors designated as critical.

Thomas Hyrkiel2 min read

Technology

Your DORA questions answered – CIFs

March 25, 2024

This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.

Thomas Hyrkiel4 min read

Technology

Managing vendors supporting critical or important functions - from zero to full compliance with DORA

April 30, 2024

A summary of key practical steps based on the draft technical standard.

Thomas Hyrkiel, Katarzyna Parchimowicz5 min read

Technology

DORA regulation outlining process for identifying critical ICT third-parties published

Technology

Your DORA questions answered – CIFs

Technology

Managing vendors supporting critical or important functions - from zero to full compliance with DORA

Latest News More on DORA

ESMA

Infringement procedures launched over delayed DORA transposition

April 1, 2025

Full implementation is vital for strengthening the EU's financial sector against increasing digital risks.

Jean Hurley1 min read
GRIP Extra

GRIP Extra: CFPB drops Zelle suit, Barclays suffers 3-day IT outage

March 7, 2025

Other news includes assistance from the SEC for filers using EDGAR, a probe into Nvidia shipments to Malaysia and another bank reviewing its approach to DEI.

GRIP1 min read
Conferences and events

Privacy experts give advice on complying with DORA and NIS2

March 7, 2025

Adequate preparation, identifying what and who is critical, and, above all, "practice, practice, practice" highlighted.

Martina Lindberg, Jean Hurley3 min read
Podcasts

Podcast: Practice and procedure with GRIP – DORA implementation

March 3, 2025

DORA is a response to persistently elevated cyber threat levels, Jean and Thomas discuss how firms can achieve operational resilience.

Jean Hurley, Thomas Hyrkiel23 min listen
ESMA

ESAs make progress on critical ICT third-party oversight framework

February 24, 2025

ICT providers designated critical under DORA will get six weeks to challenge the designation.

Jean Hurley1 min read
Regulation

EBA narrows existing ICT guidelines

February 17, 2025

DORA ICT risk management requirements apply to financial entities in their place.

Thomas Hyrkiel1 min read
Security

Why tech, process and people are top of mind for CISO Laurence Lafond

January 28, 2025

In this second part of our discussion with Lafond, he refers to internal threats, side-channel attacks, vendor risks and having a well-equipped incident response plan and team.

Julie DiMauro10 min read
ESMA

DORA: Navigating the path ahead

January 27, 2025

With DORA now in effect, the EU’s financial sector is entering a new phase of operational resilience obligations, where firms must shift from preparation to action.

Nathaniel Lalone | Katten, Ciara McBrien | Katten5 min read

Topics

Latest News

Federal court orders Bank of America to pay FDIC $540m

Attorneys Kudman and Posner on strategies to detect and deter healthcare fraud

16 firms rebuffed by SEC in bid to revisit off-channel comms settlements

Topics

Latest News

Updated UK Modern Slavery Act guidance published

The CAT is in danger, says Barron’s

Pharma watch: Delayed vaccine decisions, insulin price lawsuit, drug cap win

Topics

Latest News

Second SEC roundtable explores regulatory pathways for crypto trading

Home Office consults on measures to tackle ransomware

US regulators shift stance in turning point for crypto policy

Topics

Latest News

Podcast: LSEG's Anna Rosenberg contemplates the regulatory road ahead

GRIP Extra: DHS investigates ex-CISA director Krebs, Atkins in as SEC chair

SIFMA C&L 2025 Recap: The future of US state regulation

Infringement procedures launched over delayed DORA transposition

GRIP Extra: CFPB drops Zelle suit, Barclays suffers 3-day IT outage

Privacy experts give advice on complying with DORA and NIS2

Podcast: Practice and procedure with GRIP – DORA implementation

ESAs make progress on critical ICT third-party oversight framework

EBA narrows existing ICT guidelines

Why tech, process and people are top of mind for CISO Laurence Lafond

DORA: Navigating the path ahead