Article 1Note: This article is based on the final draft from the ESAs and is not yet adopted. Information to be provided by ICT third-party service provider in the application for a voluntary request to be designated as critical
-
For the purpose of Article 31(11) of Regulation (EU) 2022/2554, the information to be provided by an ICT third-party service provideran undertaking providing ICT services in the reasoned application for a voluntary request to be designated as critical in accordance with Article 31(1), point (a), of Regulation (EU) 2022/2554 shall include all of the following:
-
name of the legal entity;
-
legal entity identification code;
-
country where the legal entity has registered office;
-
description of the corporate structure including at least the following information on its parent company and other related undertakings to the applicant ICT third-party service providersan undertaking providing ICT services providing ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services to Union financial entitiesas defined in Article 2, points (a) to (t), where applicable;
-
name of the legal entities;
-
legal entity identification code,;
-
country where the legal entity has registered office;
-
-
an estimation of the market share of the ICT third-party service provideran undertaking providing ICT services in the Union financial sector and estimation of market share per type of financial entity as referred to in Article 2(1) of Regulation (EU) 2022/2554 as of the year of application and the year before application;
-
a clear description of each ICT service provided by the ICT third-party service provideran undertaking providing ICT services to Union financial entitiesas defined in Article 2, points (a) to (t) including:
-
a description of the nature of business and the type of ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services provided to financial entitiesas defined in Article 2, points (a) to (t);
-
a list of the functions of financial entitiesas defined in Article 2, points (a) to (t) supported by the ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services provided, where available;
-
information whether the ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services provided to financial entitiesas defined in Article 2, points (a) to (t) support critical or important functionsa function the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law, where available;
-
-
a list of financial entitiesas defined in Article 2, points (a) to (t) that make use of the ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services provided by the ICT third-party service provideran undertaking providing ICT services, including the following information for each of the financial entity serviced, where available:
-
name of the legal entity;
-
legal entity identification code, where known to the ICT third-party service provideran undertaking providing ICT services;
-
type of financial entity as specified in Article 2(1) of Regulation 2022/2554;
-
the geographic location of the legal entity, from which ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services are provided, where available;
-
-
a list of the critical ICT third-party service providersan ICT third-party service provider designated as critical in accordance with Article 31 included in the latest available list of such providers published by the ESAsEuropean Supervisory Authority pursuant to Article 31(9) of Regulation (EU) 2022/2554 that rely on the services provided by the applicant ICT third-party service provideran undertaking providing ICT services, where available;
-
a self-assessment by the ICT third-party service provideran undertaking providing ICT services including the following:
-
the degree of substitutability for each ICT service provided by the ICT third-party service provideran undertaking providing ICT services considering:
-
the market share of the ICT third-party service provideran undertaking providing ICT services in the Union financial sector;
-
the number of known relevant competitors per type of ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services, or groupa group as defined in Article 2, point (11), of Directive 2013/34/EU of ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services;
-
description of specificities relating to the ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services offered, including in relation to any proprietary technology, or the specific features of the ICT third-party service provider’s organisation or activity;
-
-
knowledge about the availability of the alternative ICT third-party service providersan undertaking providing ICT services to provide the same ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services as the ICT third-party service provideran undertaking providing ICT services submitting the application;
-
-
information on future strategy and investment plans in relation to the provision of ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services and infrastructure to financial entitiesas defined in Article 2, points (a) to (t) in the Union, including any planned changes in the groupa group as defined in Article 2, point (11), of Directive 2013/34/EU or management structure, entry into new markets or activities;
-
information on subcontractors which have been designated as critical ICT third-party service providersan ICT third-party service provider designated as critical in accordance with Article 31 pursuant to Article 31(1), point (a), of Regulation (EU) 2022/2554;
-
other reasons relevant for the ICT third-party service provider’s application to be designated as critical.
-
-
Where the ICT third-party service provideran undertaking providing ICT services belongs to a groupa group as defined in Article 2, point (11), of Directive 2013/34/EU, the information referred to in paragraph 1 shall be provided in relation to the ICT servicesdigital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services provided by the groupa group as defined in Article 2, point (11), of Directive 2013/34/EU as a whole.
-
As part of their review of the application received from the ICT third-party service provideran undertaking providing ICT services, the ESAsEuropean Supervisory Authority may request clarifications of the information submitted.