European Union: Closed consultation on Implementing Technical Standard to establish the template register of information for all contractual arrangements concerning ICT services provided by third-parties under DORA

On 11 September 2023, the three European Supervisory Authorities (EBA, EIOPA and ESMA) closed their consultation on a draft Implementing Technical Standard (ITS) to establish the template register of information for all contractual arrangements concerning ICT services provided by third parties under DORA. The register would include information on all contractual arrangements for ICT services provided by third-party providers to financial entities and set out general requirements for maintaining and updating the register, including using valid legal entity identifiers (LEIs) to identify providers to enable effective oversight. The draft for consultation proposed a set of minimum harmonised templates while allowing financial entities flexibility to supplement based on internal risk management needs. The templates would capture information such as general details on the financial entity and entities in its scope of consolidation, details on contractual arrangements like parties involved, dates and jurisdictions, identification of functions supported by ICT services, and risk assessments for services supporting critical/important functions. The templates are structured as a relational database using keys like contractual reference numbers and LEIs to link relevant data, with the aim of ensuring accuracy, consistency, completeness, and quality of data in the register.