Question ID: DORA 203 - 3272
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: Register of Information (DORA)
Article: N/A
Status: Rejected
Date of submission: 27 Feb 2025
Question
Expression for the validation rule v8821_m: with{tB_05.01, default:0, interval: false}: if({c0020} = [eba_qCO:qx2000]) then ( (match({c0030}, "^[A-Z0-9]{18}[0-9]{2}$"))) endif Question: The check on ‘Additional’ identification code (c0030) based on the type of the original identifier (c0020) looks incorrect because they correspond to two different identifiers. The check on ‘Identification code of ICT third-party service provider’ (c0010) based on c0020 will be appropriate. Can this be looked at and fixed?
Background of the question
Interpretation of this validation rule: if the value of 'Type of code to identify the ICT third-party service provider' is equal to 'LEI', then 'Additional identification code of the ICT third-party service provider' must be a string that consists of exactly 18 uppercase letters or digits followed by exactly 2 digits. If 'LEI of the entity making use of the ICT service(s)' is not equal to 'LEI', the condition does not apply, and there is no requirement for 'Additional identification code of ICT third-party service provider'
EIOPA answer
This question has been rejected because it does not relate to the consistent and effective application of the legal framework covered by this Q&A process. Validation rules have been developed as part of the preparations for the reporting of DORA registers of information. They are subject to change when a change is introduced, following the dedicated process, in the DPM. The specific rule referred to in the question was deactivated in March 2025 following the update of the DPM for the first reporting.