Search a question

From

Question ID

Workflow status

Topic

Legislative Act

Keywords

View PDF

ESMA_QA_2457

Topic

Other DORA topics

07/03/2025

Subject Matter

Clarification on DORA Audits for Non-European ICT Service Providers

Question

The DORA law states that ICT third-party service providers must fully cooperate during onsite inspections and audits conducted by competent authorities, the Lead Overseer, the financial entity, or an appointed third party.
Will these audits be conducted the same way if the provider is located outside Europe,

Level 1 Regulation

Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

ESMA_QA_2456

Topic

ICT third-party risk management

07/03/2025

Subject Matter

Clarification on DORA Compliance for Intra-Group providers

Question

Can you confirm our understanding of the DORA law: an intra-group entity providing services to a financial entity is subject to the same obligations as a non-critical third-party provider. This includes requirements related to contractual arrangements, provisions for critical functions, exit strategies and termination conditions, information registry, reporting to competent authorities, and pre-contractual assessments. Additionally, if the services involve critical or important functions, further requirements apply, such as TLPT tests and audits by competent authorities.

Level 1 Regulation

Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

ESMA_QA_2447

Topic

ICT third-party risk management

26/02/2025

Subject Matter

direct agreements between AIF and ICT service provider

Question

According to article 2 par 1 of DORA AIFM is in scope of DORA, AIF is not defined as financial entity. There are situations when agreement is concluded directly between AIF and ICT service provider. It is obvious that the agreement in such situation should contain elements listed in article 30 of DORA and the risk assessment should be performed by AIFM. But shall such agreement also be:
- included in the register of information in relation to all contractual arrangements on the use of ICT services provided by ICT third-party service providers according to article 28 par 3 and
- notified to competent authority in a timely manner prior of the conclusion of the agreement if the agreement supports critical or important functions?

Level 1 Regulation

Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

ESMA_QA_2435

Topic

10/02/2025

Subject Matter

Question

A Group contains within it both insurance entities and banking entities; for the purposes of preparing the Register at a consolidated level, must it consider both types of Entity? To which Authority is the Register sent at a consolidated level?

Level 1 Regulation

Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

ESMA_QA_2431

Topic

04/02/2025

Subject Matter

Non-EU ICT service providers without a LEI - conflicting validation rules

Question

When an ICT service provider reported under schedule 05.01 is a legal person outside of the EU, the absence of a EUID and LEI will result in a report validation error rendering the submission of the ROI impossible. Should such service provider be left out of the register or should a dummy EUID be used (preferably issued by ESA to adequately consolidate missing positions)

Level 1 Regulation

Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA)

48-hour rule
Application to operate in the Union
Complaints handling and reasoned concerns
Digital operational resilience testing
Disclosures to the public
Disclosures to users of ESG ratings, rated items and issuers of rated items
Environmentally sustainable and sustainability-linked bonds
External reviewers - Analysts and other persons involved in assessment activities
External reviewers - Assessment methodologies and errors
External reviewers - Compliance
External reviewers - Conflicts of interest and provision of other services
External reviewers - Outsourcing
External reviewers - Record-keeping
External reviewers - Registration and material changes
External reviewers - Senior management and board
External reviewers - Systems, resources and procedures
External reviewers - Third-country regimes
External reviewers – Accounting, internal control and control arrangements for information systems
Fair reasonable and non-discriminatory
Financial Instruments
Independence and avoidance of conflicts of interest
Issuer disclosures
Methodologies
Non-profit organisations
Outsourcing
Oversight function
Rating analysts, employees and other persons involved in the provision of ESG ratings
Record-keeping
Scope (including exemptions)
Separation of business and activities
Temporary regime for small providers
Third-country regimes
ICT risk management
ICT-related incident
ICT third-party risk management
Oversight framework of CTPPs
Other DORA topics
Asset-Referenced Token (ART)
Blockchain
Blockchain
Bonds marketed as environmentally sustainable or sustainability-linked bonds
CCP Recovery
CCP Resolution
Compensatory measures for DLT market infrastructures
Consensus mechanism
Crypto assets
Crypto-Asset Service Provider (CASP)
Cryptocurrency
Decentralised Finance (DeFi)
Decentralized autonomous organization (DAO)
Distributed Ledger Technology (DLT)
DLT financial instruments
DLT market infrastructure
DLT multilateral trading facility (DLT MTF)
DLT Pilot Regime
DLT settlement system (DLT SS)
DLT trading and settlement system (DLT TSS)
Electronic money token (EMT)
EU-CCPs
Exemptions for DLT market infrastructures
External reviewers
Funds’ names
Issuer of crypto assets
Market abuse in crypto-asset market
MiFID services under Article 6(4) of the AIFMD
Mining
Node
Non-Fungible Tokens (NFT)
Other issues (CCP)
Prospectus
Register of information
Requirements for DLT market infrastructures
Sandbox
Securitisation
Smart contract
Stablecoin
Third country CCPs
Third-country external reviewers
Token
Tokenisation
Use of proceeds
Wallet
White paper
* EMIR Reporting
Benchmark
Best Execution
Credit rating agencies
Equity transparency
General questions - Book-entry form
General questions - Counterparty
Public offer
Scope
Scope
Securitisation
UCITS eligible assets and investment restrictions
* EMIR Art.9 reporting
Benchmarks
CRA Regulation
Definitions
Definitions
General questions - Other topics
General questions - Settlement periods
Initial Public Offer/IPO
Non-equity transparency
Securitisation Regulation
Suitability
UCITS global exposure
AIFMD scope
Appropriateness
Benchmarks Regulation
Credit rating disclosures
Determination of net short position
Equity
Exemption for monetary and public debt management activities
General questions - Other topics
OTC derivatives
OTC Derivatives questions - Definition of OTC derivatives
Pre-trade transparency waivers
Securitisation Repositories
AIFMD reporting
BMR
Credit rating press release
CSD questions - Authorisation of CSDs
Double volume cap
ESMA70-1861941480-52 Questions and Answers Implementation of the Regulation (EU) No 648/2012 on OTC derivatives, central counterparties and trade repositories (EMIR)
Financial reporting
Inside information, public disclosure and delayed disclosure of inside information
OTC Derivatives questions - Clearing thresholds
Recording of telephone conversations and electronic communications
STS Securitisations
Transparency of net short positions
Climate Benchmarks
CSD questions - Supervision of CSDs
EMIR Intragroup exemption
Insider dealing and legitimate behaviour, including market soundings
MMF
Non-Equity
OTC Derivatives questions - Clearing obligation
Preliminary ratings
Record keeping
STS Notifications
Systematic internaliser regime
Uncovered short sales
Contribution
CSD questions - CSD core and ancillary services (other than banking-type ancillary services)
Data reporting services providers
ESG ratings
EuVECA
Exemptions: third-country shares
Investment advice on an independent basis
Market manipulation, including buy-back programmes and stabilisations
OTC Derivatives questions - Bilateral margining
Passporting
reporting of exposures
Securitisation Disclosure Templates
Accepted market practices and liquidity contracts for SMEs
Critical Benchmarks
CSD questions - Provision of banking-type ancillary services, including cash settlement
EuSEF
Exemptions: market makers and primary operations
OTC Derivatives questions - Intragroup exemption
Reducing Reliance on Ratings
Registration Document
reporting of notional amounts
Third country issues
Third-Party Verifiers
Underwriting and placing
CSD questions - Provision of services in another Member State
ECAI Mapping
ELTIF
EURIBOR
frequency of derivatives reports
Inducements (research)
OTC Derivatives questions - Risk mitigation techniques (other than bilateral margining)
Position limits
Powers of NCAs and ESMA: short-selling bans and other emergency measures
Prevention and detection of market abuse, including STORs
Securities Note
Structured Finance Instruments
Ancillary activity
Cleared derivatives
CSD questions - Third-country CSDs
IBORs
Information to clients on costs and charges
Insider lists
Leverage
OTC Derivatives questions - Indirect clearing
Other SSR-related topics
Prospectus Register
Sovereign Bond Backed Securities (SBBS)
Sovereign Ratings
Capital requirements
CSD questions - Organisational requirements (governance arrangements, record keeping, outsourcing, user committee)
EU Growth Prospectus
Information to clients on topics other than costs and charges
IOSCO C6
LIBOR
Managers' transactions
OTC Derivatives questions - Other
Position reporting
REFIT
Client categorisation
CSD questions - Conduct of business rules (participation criteria, transparency, communication procedures)
Delegation
Investment recommendations and statistics and disclosure of information on the media
Mandatory Contribution / Administration
Mandatory delegation of reporting
MiFIR questions - Indirect clearing
Position management controls
Risk factors
Third country CRA
Allocation of responsibility
CSD questions - Requirements for CSD services (reconciliation measures, asset segregation, settlement finality, participant default rules and procedures)
Direct Electronic Access and algorithmic trading
Endorsement and equivalence
Inducements
Methodology
MiFIR questions - Straight through processing (timing of acceptance for clearing)
NCAs powers under MAR and cooperation with ESMA and other authorities, including annual report on MAR sanctions
Remuneration
Universal Registration Document/URD
Base Prospectus/Final terms
CSD questions - Prudential requirements (risk-management framework)
Inducements
Mechanistic reliance
MiFIR Questions - Other
Other MAR-related topics
Provision of investment services and activities by third country firms
Registration/Authorisation
Tick size regime
Validation rules
Costs and fees
CSD questions - Requirements for CSD links
Multilateral and bilateral systems
Product governance
Secondary issuance prospectus
Significant Benchmarks
TRACE
* Trade Repositories
Access to CCPs and trading venues
Content of prospectus
CSD questions - Access to CSDs
Disclosures
Product intervention
Third-Country Regimes
CSDR questions - Other topics
Fall Back Provisions
inter TR Reconciliation process
Publication of prospectus
Remuneration
Risk management
Liquidity stress testing
Prospectus Summary
reporting of counterparty side
Reporting to clients
Settlement discipline - Measures to prevent settlement fails
Efficient portfolio management (EPM) techniques
NCAs' onboarding
Notifications of major shareholdings
Safeguarding of client assets
Settlement discipline - Monitoring settlement fails
Outsourcing
Reporting at position level
Settlement discipline - Cash penalties: scope
Share classes
Transparency
Alternative Performance Measures (APM)
Control functions (Compliance, Risk and Audit)
Depositaries
Settlement discipline - Cash penalties: process
Variation margin
Conflicts of interests
Entity Responsible for Reporting
ETFs
Settlement discipline - Buy-in: scope
* SFTR (Securities Financing Transactions)
Cross-border distribution of funds
Settlement discipline - Buy-in: process
* SFTR Art. 4
Settlement discipline - Buy-in: cash compensation, buy-in costs and price difference
Settlement discipline - Other topics
SFTR LEI statement
Internalised settlement - Scope
SFTR Covid-19 statement
Internalised settlement - Reporting parameters
Securities lending and borrowing (SLB)
Internalised settlement - Other topics
Sell buy back/ buy sell back (SBB/BSB)
reuse of collateral
Repo
Margin lending
frequency of SFT reporting
Settlement fails
Net exposure collateral
Lombard loans
* Market Data Reporting
ISO20022/XML schemas
* UTI (Unique Trade Identifier)
* ETD (Exchange Traded Derivative)
* UPI (Unique product Identifier)
* LEI (Legal Entity Identifier)
ANNA
DSB
GLEIF
ISIN
Underlying instrument
Record keeping
CLC
Back-reporting
MAR Article 4
CONCAT
ESMA70-1861941480-56 Questions and Answers on MiFIR reporting
* ARM (approved Reporting Mechanism)
APA
CTP
DRSP
* Transaction reporting
Admission to trade
RCA determination
ToTV
TVTIC
MIC
Instrument Reference data
FIRDS
National client identifier
* Reference data
* Market Monitoring
Decision maker
Buyer/Seller
Portfolio management
Corporate actions
CFI validations
Clock syncronisation

ESGR - Regulation (EU) 2024/3005 (6)
EU Green Bond Regulation (EU) 2023/2361 (0)
MiCA (43)
Regulation (EU) 2019/2088 - Sustainable Finance Disclosure Regulation (SFDR) (8)
Regulation (EU) 2022/2554 - The Digital Operational Resilience Act (DORA) (41)
Regulation (EU) 2022/858 - DLT Pilot Regime Regulation (DLTR) (35)
Alternative Investment Fund Managers Directive (AIFMD) Directive 2011/61/EU (41)
Benchmarks Regulation (BMR) - Regulation 2016/1011 (55)
Central Securities Depositories Regulation (CSDR) Regulation (EU) No 909/2014- PTR- CSDR (31)
Consolidated Admissions and Reporting Directive (CARD) Directive 2001/34/EC (0)
Credit Rating Agencies Regulation (CRAR) Regulation (EC) No 1060/2009 (17)
Cross-border distribution of funds - Regulation (EU) 2019/1156 (0)
Directive 2014/65/EU - Markets in Financial Instruments Directive (MiFID II) (15)
ESG Disclosures - Regulation (EU) 2019/2088 (0)
European Long-Term Investment Funds Regulation (ELTIF) Regulation (EU) 2015/760 (19)
European Market Infrastructure Regulation (EMIR) Regulation (EU) No 648/2012- MDP (13)
European Market Infrastructure Regulation (EMIR) Regulation (EU) No 648/2012- PTR- Derivatives (1)
European Market Infrastructure Regulation EMIR (Refit) - Regulation (EU) 2019/834- PTR- Derivatives (0)
European Social Entrepreneurship Funds Regulation (EuSEF) Regulation (EU) No 346/2013 (6)
European Venture Capital Regulation (EuVECA) Regulation (EU) No 345/2013 (1)
Investor Compensation Scheme Directive (ICSD) Directive 97/9/EC (0)
Market Abuse Directive II (MAD II) Directive 2014/57/EU - Market Intergrity (0)
Market Abuse Regulation (MAR) Regulation (EU) No 596/2014 - MDP (0)
Market Abuse Regulation (MAR) Regulation (EU) No 596/2014 - Market Intergrity (47)
Markets in Financial Instruments Directive II (MiFID II) Directive 2014/65/EU- Investor Protection and Intermediaries (136)
Markets in Financial Instruments Directive II (MiFID II) Directive 2014/65/EU- MDP (3)
Markets in Financial Instruments Directive II (MiFID II) Directive 2014/65/EU- Secondary Markets (141)
Markets in Financial Instruments Regulation (MiFIR) Regulation (EU) No 600/2014 - Investor Protection and Intermediaries (41)
Markets in Financial Instruments Regulation (MiFIR) Regulation (EU) No 600/2014- MDP (59)
Markets in Financial Instruments Regulation (MiFIR) Regulation (EU) No 600/2014- PTR- Derivatives (0)
Markets in Financial Instruments Regulation (MiFIR) Regulation (EU) No 600/2014- Secondary Markets (64)
Money Market Fund (MMF) Regulation (EU) 2017/1131 (0)
Packaged Retail and Insurance-based Investment Products Regulation (PRIIPS) Regulation (EU) No 1286/2014 (1)
Prospectus Regulation 2017/1129 (93)
Regulation 2020/1503 - European crowdfunding service providers for business (63)
Regulation 2021/23 - recovery and resolution of central counterparties (CCPRRR) (5)
Regulation 600/2014 - Markets in Financial Instruments Regulation (MiFIR) (0)
Regulation 648/2012 - OTC derivatives, central counterparties and trade repositories (EMIR) - CCPs (51)
Securities Financing Transactions Regulation (SFTR) Regulation (EU) 2015/2365- MDP (19)
Securitisation Regulation (EU) 2017/2402 (221)
Settlement Finality Directive (SFD) Directive 98/26/EC - PTR- CSDR (0)
Short Selling Regulation (SSR) Regulation (EU) No 236/2012 (72)
Transparency Directive (TD) Directive 2004/109/EC (43)
Undertakings for Collective Investment in Transferable Securities Directive (UCITS) Directive 2009/65/EC (140)