EU-DORA-31-13
Registration
31 — Designation of critical ICT third-party service providers
Submit reasoned application for critical designation
Description
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
EU-DORA-31-01
Registration
Designate critical ICT third-party service providers
EU-DORA-31-02
Registration
Appoint Lead Overseer for critical ICT third-party service providers
EU-DORA-31-03
Requirement
Designate coordination point for group critical ICT service providers
EU-DORA-31-04
Transparency
Notify ICT third-party service provider of assessment outcome
EU-DORA-31-05
Transparency
Submit reasoned statement within 6 weeks
EU-DORA-31-06
Requirement
Consider reasoned statement and may request additional information
EU-DORA-31-07
Transparency
Notify ICT third-party service provider of critical designation
EU-DORA-31-08
Transparency
Notify financial entities of critical designation
EU-DORA-31-09
Requirement
Adopt delegated act specifying criteria by July 17, 2024
EU-DORA-31-10
Transparency
Establish, publish and update yearly list of critical ICT third-party service providers
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started