NOMOX

ESMA_QA_2160

ESMA_QA_2160

Status: ✅ Answer Published

Link to ESMA Q&A tool: https://www.esma.europa.eu/publications-data/questions-answers/2160

Regulatory Context

Regulation : DORA

Level 1 Regulation: Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

Level 2 Regulation: No information available

Level 3 Regulation: No information available

Topic: Register of information

Subject Matter: DORA compliance contractual template to be provided by the ESA’s for FE’s / ICT providers

Question

Submission Date: 18 April 2024

Contractual agreements need to be updated to ensure that they are DORA compliant, yet Financial Entities (FE’s) do not know when standard contractual clauses will be provided by the relevant public authorities following the Article 30.4. of Regulation(EU) 2022/2554 We understand that if standard contractual clauses are not provided by the relevant public authorities’ in due time, then the legal departments of FE’s and ICT providers will potentially need to develop their own contractual clauses and templates, which will not only create a huge amount of work, duplicated by the different parties, and potentially mis-interpretation of the regulation, but will lead to protracted contractual negotiations between the FE’s and the ICT providers over which template should be used to cover the services provided, i.e. the template designed by the FE, or, the template designed by the ICT provider, and which will undoubtedly lead to a situation whereby the FE’s and ICT providers are required to manage multiple different contractual arrangements (which in turn will generate a tremendous additional supervisory efforts regarding the different provisions implemented). Could you please kindly confirm the expected date when the relevant public authorities will release a first draft of the DORA compliant standard contractual clauses and template to be used by the FE’s and ICT providers? Notwithstanding the fact that the abovementioned article refers to standard clauses for certain specific services, the financial sector has claimed the publication of standard contractual clauses under DORA. This will not only ease negotiations between FE´s and ICT providers but will also enforce the contractual security framework, as less misinterpretations of DORA will take place. Additionally, critical ITC providers are still to be designated by the ESAs and, therefore, negotiations between FE´s and ICT providers have not started yet in most of the cases. Therefore, we strongly request that consideration be given to the possibility of establishing a transitional period to adapt the contracts to the framework established by DORA.

ESMA Answer

Answer Date: 18-04-2024

The question is out of the scope of the Q&A process: ESAs are not mandated to provide standard clauses to financial entities.

This document was automatically extracted from the ESMA EMIR Q&A database.

Backlinks