Page 47 - 期貨和衍生品行業(yè)監(jiān)管動態(tài)(2024年7月刊)
P. 47
期貨和衍生品行業(yè)監(jiān)管動態(tài)
Standards (RTS) specifying how to determine and assess the conditions for
subcontracting information and communication technology (ICT) services that
support critical or important functions under the Digital Operational Resilience Act
(DORA). These RTS aim at enhancing the digital operational resilience of the EU
financial sector by strengthening the financial entities’ ICT risk management over the
use of subcontracting.
These RTS focus on ICT services provided by ICT subcontractors that support
critical or important functions, or material parts of them. In addition, they specify the
requirements throughout the lifecycle of contractual arrangements between financial
entities and ICT third-party service providers. In particular, they require financial
entities to assess the risks associated with subcontracting during the precontractual
phase, including the due diligence process.
Requirements for the implementation and management of contractual
arrangements on subcontracting conditions are defined with these RTS, to ensure that
financial entities monitor the subcontractors effectively underpinning the ICT services
that support critical or important functions and remain in control of their risks.
Today’s RTS finalise the publication of the ESAs’ second batch of regulatory
products under DORA.
https://www.esma.europa.eu/press-news/esma-news/esas-published-joint-final-report-
draft-technical-standards-subcontracting
31