Article 47, Cooperation With Structures And Authorities Established By Directive (EU) 2022/2555, Digital Operational Resilience Act (DORA)

Overview

1. To foster cooperation and enable supervisory exchanges between the competent authorities designated under this Regulation and the Cooperation Group established by Article 14 of Directive (EU) 2022/2555, the ESAs and the competent authorities may participate in the activities of the Cooperation Group for matters that concern their supervisory activities in relation to financial entities. The ESAs and the competent authorities may request to be invited to participate in the activities of the Cooperation Group for matters in relation to essential or important entities subject to Directive (EU) 2022/2555 that have also been designated as critical ICT third-party service providers pursuant to Article 31 of this Regulation.

2. Where appropriate, competent authorities may consult and share information with the single points of contact and the CSIRTs designated or established in accordance with Directive (EU) 2022/2555.

3. Where appropriate, competent authorities may request any relevant technical advice and assistance from the competent authorities designated or established in accordance with Directive (EU) 2022/2555 and establish cooperation arrangements to allow effective and fast-response coordination mechanisms to be set up.

4. The arrangements referred to in paragraph 3 of this Article may, inter alia, specify the procedures for the coordination of supervisory and oversight activities in relation to essential or important entities subject to Directive (EU) 2022/2555 that have been designated as critical ICT third-party service providers pursuant to Article 31 of this Regulation, including for the conduct, in accordance with national law, of investigations and on-site inspections, as well as for mechanisms for the exchange of information between the competent authorities under this Regulation and the competent authorities designated or established in accordance with that Directive which includes access to information requested by the latter authorities.

Summary Of Article 47

Article 47 of the Digital Operational Resilience Act (DORA) emphasizes the need for cooperation and collaboration among competent authorities, the Cooperation Group under Directive (EU) 2022/2555, and the European Supervisory Authorities (ESAs). This fosters efficient supervisory exchanges on matters relating to financial entities, particularly those designated as critical ICT third-party service providers. The article establishes mechanisms for sharing information, consulting on technical advice, and setting up fast-response coordination arrangements. It specifies the procedures for supervising and overseeing these entities, including investigations, inspections, and access to shared information. This cooperative framework aims to enhance resilience against cyber threats and ensure robust oversight of essential entities.