Structure and format of information provided by critical ICT third-party service providers


  1. The critical ICT third-party service provideran ICT third-party service provider designated as critical in accordance with Article 31 shall provide the requested information to the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation through the dedicated secure electronic channels indicated by the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation in its request.

  2. When providing information to the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation, the critical ICT third-party providers shall:

    1. follow the structure indicated by the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation in its information request;

    2. clearly locate the relevant piece of information in the submitted documentation.

  3. Information submitted, disclosed or reported to the Lead Overseerthe European Supervisory Authority appointed in accordance with Article 31(1), point (b) of this Regulation by the critical ICT third-party service provideran ICT third-party service provider designated as critical in accordance with Article 31 shall be in English.