Joint Statement on DORA & definition of ICT Services

Published:

FESE together with AFME, EACH, ECSDA and FIA (the Associations) have issued a joint statement urging the Commission and the ESAs to reinstate the guidance confirming that regulated financial services should not be treated as ICT services for the purpose of DORA and clarify that regulated financial services include any services and activities subject to the supervision of a financial services regulator including any ancillary or delegated services.

In light of the upcoming DORA application deadline on the 17th of January 2025, the Associations welcome the intention of the Commission and ESAs to provide Q&A clarifications on the definition of ICT services. This should reinforce the widely held understanding that regulated financial services, such as those provided by FMIs, credit institutions and investment firms in their capacity as such, should not be deemed ICT services in the scope of DORA. These financial institutions are subject to separate financial services legislation and regulation, as well as supervision by financial services regulators so that many of their services are not ICT services under DORA but rather regulated financial services.