Dora ‘critical tech vendor’ designation could cast a wide net

Experts think cloud services, data providers and software firms are all in regulators’ sights.

Credit: montage

A European Union consultation setting out the criteria for identifying a critical third-party tech vendor under the Digital Operational Resilience Act (Dora) could catch cloud services, data vendors and software providers, according to operational risk experts and lawyers.

“Lots of companies might be ensnared by this, especially in the IT space. How far will it go?” says the head of risk at a European bank. “The list of maybes is long.”

Bradley Rice, partner at law firm Ashurst, says Dora

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Waterstechnology? View our subscription options

Waters Wrap: T+1 and too many proposals

Anthony believes that there’s a growing chasm emerging between regulators, senior business execs, and technologists—which is especially evident when it comes to the T+1 debate.

You need to sign in to use this feature. If you don’t have a WatersTechnology account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here