ESAs Opinion on RoI ITS Rejection (JC 2024 75)

Abstract

Opinion issued by the ESAs Joint Committee following the European Commission’s rejection of the draft ITS on standard templates for the DORA register of information (Article 28(9)). The Opinion addresses the Commission’s proposal to allow EU-registered ICT third-party service providers to be identified using either the LEI or the EUID (instead of mandatory LEI), explains impacts on implementation and reporting burden, and proposes related technical and editorial amendments to operationalise a dual-identifier approach while recommending prioritisation of LEI where available.

Key Takeaways

• ✓
  Explains the legal and supervisory role of the DORA register of information (Article 28(3)) and its objectives, including supporting third-party ICT risk supervision and critical ICT third-party provider designation.
• ✓
  Responds to the European Commission’s rejection of the draft ITS based on mandatory LEI use for EU-registered ICT third-party service providers, with the Commission proposing an LEI/EUID choice for EU entities.
• ✓
  Argues that introducing EUID alongside LEI increases implementation complexity and reporting burden for financial entities and competent authorities, and reduces synergies with other supervisory reporting regimes.
• ✓
  Recommends maintaining simplicity and efficiency by using LEI as the common identifier; if EUID is introduced, proposes additional data fields (e.g., provider name in Latin alphabet and additional identification code/type) and prioritising LEI when both exist.
• ✓
  Includes further technical/editorial changes informed by the ESAs’ 2024 ‘dry run’ exercise to improve reporting instructions and consistency with sectoral prudential reporting.

Keywords