European and British regulators sign agreement on digital resilience
European Supervisory Authorities and their counterparts in the United Kingdom have signed a memorandum of understanding, aiming to enhance the oversight of critical ICT third-party service providers.
The agreement involves the EBA, EIOPA and ESMA along with the Bank of England, the Prudential Regulation Authority, and the Financial Conduct Authority.
This specific agreement enhances the cooperation between the authorities to oversee critical ICT third-party service providers as required by the Digital Operational Resilience Act.
The Memorandum of Understanding establishes clear principles and procedures for cooperation, information sharing and coordination of oversight activities between the relevant authorities responsible for European Union and United Kingdom oversight.
The agreement aims at enhancing third-party risk management and contributing to the overall operational resilience of the financial sector in the European Union and United Kingdom through strong cross-border cooperation.
The legal basis for the document shows it has been prepared in accordance with DORA Articles 36, 44, and 49, which cover the oversight powers of the authorities.
These specific articles also address international cooperation and financial cross-sector exercises, communication and cooperation.
To exchange information with a third-country authority, the authorities must ensure that the confidentiality and professional secrecy regime in the third country is equivalent to that in the European Union.
The European authorities conducted an assessment that confirmed the United Kingdom confidentiality and professional secrecy regime’s equivalence with that in the act before signing the agreement.
“The MoU establishes clear principles and procedures for cooperation, information sharing and coordination of oversight activities between the relevant authorities responsible for EU CTPPs/UK CTPs oversight” the organisations stated.
“The MoU aims at enhancing third-party risk management and contributing to the overall operational resilience of the financial sector in the EU and UK through strong cross-border cooperation” the authorities added.
“To exchange information with a third-country authority, the ESAs must ensure that the confidentiality and professional secrecy regime in the third country is equivalent to that in the EU” the regulators noted.
“Therefore, before signing this MoU, the ESAs conducted an assessment that confirmed the UK confidentiality and professional secrecy regime’s equivalence with that in DORA” the official announcement confirmed.