RTS on harmonisation of conditions for oversight conduct

Commission Delegated Regulation (EU) 2025/295 of 24 October 2024 supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards on harmonisation of conditions enabling the conduct of the oversight activities

This delegated regulation defines oversight requirements for ICT third-party service providers under DORA. It mandates critical providers to submit detailed information on their operations, market impact, and security frameworks. It also addresses subcontracting, risk management, and compliance monitoring by competent authorities to support resilience across the financial sector.