European Insurance and Occupational Pensions Authority
 

3308 - DORA221

Q&A

Question ID: 3308 - DORA221

Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)

Topic: ICT third-party risk management (DORA)

Article: 3(19 and 21)

Status: Rejected

Date of submission: 28 Mar 2025

Question

In 2999 - DORA030 - EIOPA, clarifications were provided on what types of services should be considered ICT services under DORA. It indicates that “In the case that financial entities provide ICT services to other financial entities in connection to their financial services, the receiving financial entities should assess whether i) the services constitute an ICT service under DORA, and ii) whether the providing financial entities and the financial services they provide are regulated under Union law or any national legislation of a Member State or of a third country.” We would appreciate further clarifications regarding the following:

• Could you please confirm whether “financial entities” in the context of the provided answer is referring to financial entities within the meaning of article 2, paragraph 2 of the DORA Regulation? Such an interpretation seems consistent with recital 63 of the DORA Regulation. However, as the financial entities are by definition established in the Union, it is unclear to us in which hypothesis they might be regulated under the legislation of a third country.

• Could you please confirm whether, for a financial entity to not be considered an ICT third party service provider of an ICT service within the meaning of articles 3(19) and 3(21) DORA, it would suffice that a Member State or a third country regulates a financial service that is related to the ICT service it provides, even if such legislation would not be equivalent to Union law (e.g. DORA regulation)?

Background of the question

It is important to understand to what extent entities that are active in the financial sector but outside the scope of DORA (as defined in its article 2, paragraph 2), would be able to argue that they are not an ICT third-party service provider within the meaning of article 3(19) DORA on the basis of the abovementioned answer (2999 - DORA030 - EIOPA), because they are to be considered “financial entities providing ICT services to other financial entities” and because the services they provide are regulated by a Member State or a third country, even though this legislation might not be equivalent to Union law (e.g. DORA regulation).

EIOPA answer

Question is rejected because the matter it refers to has been answered in Q&A DORA030.