The European Supervisory Authorities (EBA, EIOPA and ESMA - ESAs) today published three vacancy notices in the context of the Digital Operational Resilience Act (DORA).
This announcement comes as part of the establishment of a fully integrated team within the 3 ESAs (“joint oversight team”) to carry out the oversight of critical third-party providers (CTPPs) required by DORA. The team will include a Director, Legal Experts and ICT Risk Experts.
Recruitment
The joint oversight team will be led by 30 staff across the ESAs and will be complemented by experts from competent authorities.
Apply by 13 May to the first positions advertised today:
- Director ;
- Legal Expert – Legal and Compliance;
- ICT Risk Expert – ICT audit or supervision/ ICT risk management / Information Security
Process
The DORA framework introduces an oversight framework for critical ICT third party service providers.
In practice, one of the three European Supervisory Authorities will act as a Lead Overseer and will coordinate the oversight work. Its role encompasses requesting information from CTPPs, conducting off-site investigations and onsite inspections, imposing penalties and issuing recommendations.
Background
The Digital Operational Resilience Act (Regulation 2023/2554, or “DORA”) applicable from January 2025 establishes a comprehensive framework for fostering the digital operational resilience of all EU financial entities. It foresees that ICT third-party service providers who provide ICT services to financial entities and are identified as critical (critical third-party providers – CTPPs) will be subject to an oversight at the EU level.
Details
- Publication date
- 9 April 2024