Dora ‘critical tech vendor’ designation could cast a wide net
Experts think cloud services, data providers and software firms are all in regulators’ sights.
A European Union consultation setting out the criteria for identifying a critical third-party tech vendor under the Digital Operational Resilience Act (Dora) could catch cloud services, data vendors and software providers, according to operational risk experts and lawyers.
“Lots of companies might be ensnared by this, especially in the IT space. How far will it go?” says the head of risk at a European bank. “The list of maybes is long.”
Bradley Rice, partner at law firm Ashurst, says Dora
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: https://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Regulation
Why UPIs could spell goodbye for OTC-Isins
Critics warn UK will miss opportunity to simplify transaction reporting if it spurns UPI.
Re-examining Big Tech’s influence over the capital markets
Waters Wrap: A few years ago, it seemed the big cloud providers were positioning themselves to dominate the capital markets tech scene. And then came ChatGPT.
Pressure mounts on Asia to fall in line for T+1
With the US already on a T+1 settlement cycle, and the UK and EU preparing for the shift in 2027, there’s pressure for Asia to follow suit. But moving may involve more risks than expected.
Brokers must shift HFT servers after China colocation ban
New exchange guidance drives rush for “proximity colo” in nearby datacenters.
Banks split over AI risk management
Model teams hold the reins, but some argue AI is an enterprise risk.
New EBA taxonomy could help banks track AI risk
Extra loss flags will allow banks to track transversal risks like geopolitics and AI, say experts.
Risk managers question US reach of Dora third-party list
Some EU subsidiaries included, but regulator control over cloud providers could still be limited.
Where have four years of Cusip legal drama gone?
The IMD Wrap: The antitrust case against Cusip Global Services has been a long, winding road. Reb recaps what you might have missed.
