The European Banking Authority has authorised in-depth examinations at thirteen technology suppliers deemed as providing critical services to the financial services community.
The technology suppliers have been designated as critical ICT third-party providers (CTPPs) under the Digital Operational Resilience Act (Dora).
The designated CTPPs provide a range of ICT services - from core infrastructure to business and data services - to financial entities of all types and sizes across the European Union, reflecting their pivotal role within the financial ecosystem.
The objective of the Dora Oversight Framework is to promote the sound management of ICT risk by the critical providers. Through direct oversight engagement, European Supervisory Authorities will assess whether CTPPs have appropriate risk management and governance frameworks in place to ensure the resilience of the services they deliver.
"This serves to mitigate risks that could impact the operational resilience of the financial sector of the EU," sates the EBA.
The thirteen firms singled out for examination include
- Accenture plc
− Amazon web Services EMEA Sarl
− Bloomberg L.P.
− Capgemini SE
− Colt Technology Services
− Deutsche Telekom AG
− Equinix (EMEA) B.V.
− Fidelity National Information Services, Inc.
− Google Cloud EMEA Limited
− International Business Machine Corporation
− InterXion HeadQuarters B.V.
− Kyndryl Inc.
− LSEG Data and Risk Limited
− Microsoft Ireland Operations Limited
− NTT DATA Inc.
− Oracle Nederland B.V.
− Orange SA
− SAP SE
− Tata Consultancy Services Limited