The European Banking Authority (EBA) has initiated comprehensive evaluations of thirteen technology providers identified as critical contributors to the financial services sector.
These technology suppliers have been classified as Critical ICT Third-Party Providers (CTPPs) under the Digital Operational Resilience Act (DORA). They offer a wide array of ICT services, ranging from essential infrastructure to business and data services, to various financial institutions across the European Union, highlighting their vital role in the financial ecosystem.
The DORA Oversight Framework aims to enhance the effective management of ICT risks by these critical providers. Through direct oversight, European Supervisory Authorities will evaluate whether CTPPs possess adequate risk management and governance structures to ensure the resilience of their services. The EBA emphasizes that this approach is designed to mitigate risks that could jeopardize the operational stability of the EU financial sector.
The thirteen firms selected for scrutiny include:
– Accenture plc
– Amazon Web Services EMEA Sarl
– Bloomberg L.P.
– Capgemini SE
– Colt Technology Services
– Deutsche Telekom AG
– Equinix (EMEA) B.V.
– Fidelity National Information Services, Inc.
– Google Cloud EMEA Limited
– International Business Machine Corporation
– InterXion Headquarters B.V.
– Kyndryl Inc.
– LSEG Data and Risk Limited
– Microsoft Ireland Operations Limited
– NTT DATA Inc.
– Oracle Nederland B.V.
– Orange SA
– SAP SE
– Tata Consultancy Services Limited