We have service providers (Market Axess), who classify themselves as DORA-relevant because they offer regulated financial services (ARM and APA). However, they do not see themselves obligated to make contractual adjustments according to Article 30. This is because "financial services" would not fall under the definition of "ICT service" as per Article 3(21) of DORA. Additionally, this requirement would only apply to non-regulated companies. Is this understanding correct?

Does a European crowdfunding service provider (“ECSP”) have the right to link the individual portfolio management of loans to the bulletin board functionality by not only allocating investors funds to one or multiple crowdfunding projects on ECSP's crowdfunding platform but also by allowing investor a possibility of automatically investing in the loans published on the bulletin board?

Which licensed activity has to be selected for the licensed activity dropdown in the Register of Information if the entity is a legal protection insurance? According to the Annex of Solvency II it is the class 17, but class 17 is not available in the choices for the drop down field.

Can you set out how UCITS Management Companies fall in scope for DORA and if there are any exemptions.

The scope of DORA includes (Article 2(1)(k) “managers of alternative investment funds”. Such an entity is defined in Article 3(44) as “… a manager of alternative investment funds as defined in Article 4(1), point (b), of Directive 2011/61/EU”. It is noted that the definition does not extend to the need to be authorised or registered under Directive 2011/61/EU. As such this can be read as meaning that all managers (regardless of their jurisdiction) of alternative investment funds could potentially fall within scope of DORA.

ESMA_QA_2107 clarifies that a financial entity in the EU is subject DORA and that DORA does not directly apply to a non-EU entity providing services to an EU financial entity – although DORA may apply indirectly to the non-EU entity given that the “EU financial entity is expected to validate that the non-EU third-party provider does not prevent it to be compliant with DORA”.

Does the same principle apply to non-EU AIFMs that manage AIFs (regardless of where those AIFs are established) which have investors based in the EU i.e. DORA will not directly apply to such non-EU AIFMs, but may apply indirectly if such investors are financial entities in the EU who are directly subject to DORA?