ESMA_QA_2226
Status: ✅ Answer Published
Link to ESMA Q&A tool: https://www.esma.europa.eu/publications-data/questions-answers/2226
Regulatory Context
Regulation : DORA
Level 1 Regulation: Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)
Level 2 Regulation: No information available
Level 3 Regulation: No information available
Topic: Other DORA topics
Subject Matter: Scope of the definition of ICT services
Question
Submission Date: 02 July 2024
As the manager of an Alternative Investment Fund (AIF), we provide specialized investment opportunities to professional investors such as pension funds, insurers, and banks within the EU. Consequently, both our firm and our investors fall within the scope of DORA.
Our investors can access their portfolios through an online portal operated by a third-party service provider (an ICT third-party service provider). We intend to establish a DORA addendum with this ICT third-party service provider to address this specific ICT service.
Several of our investors have inquired about DORA compliance in relation to their contractual relationship with us. While we are committed to ensuring the portal itself is compliant, we believe our core service – providing investment opportunities – does not constitute an ICT service under DORA. The online portal is merely a supplementary tool for accessing reports, not a fundamental part of our contractual obligations. This view is further supported by the fact that our agreements with investors only stipulate that we provide them with reports, without specifying the method of delivery.
Given these considerations, do you agree with our assessment that our services to investors do not fall under the definition of an ICT service as per DORA and that we, in respect of our investors, cannot be considered an ICT third-party service provider?
ESMA Answer
Answer Date: 02-07-2024
No answer has been published yet for this question.
This document was automatically extracted from the ESMA EMIR Q&A database.