Article 4 Criticité ou importance des fonctions

Summary What does Article 4 of the Criteria for designating critical service providers say?

This brief article addresses one specific criterion from the broader two-step designation framework established across this regulation.

Notably, as explained in Article 1, criterion (c) of Article 31(2) of DORA has no standalone "step 1" assessment — instead, it relies on the step 1 findings from the other criteria.

Article 4 therefore deals exclusively with the "step 2" assessment for that criterion, focusing on whether the ICT services provided by the third-party provider are of a critical nature to the activities of the financial entities they serve.

Important points:

The ESAs are required to assess whether the ICT services supporting critical or important functions of financial entities are themselves of a critical nature to those financial entities' activities.
This article applies only at step 2, with no independent step 1 threshold to meet — making it unique within this regulation's assessment framework.
The ESAs carry the obligation here, not the financial entities themselves.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

Lorsqu’elles appliquent le critère visé à l’article 31, paragraphe 2, point c), du règlement (UE) 2022/2554, les AES effectuent leur évaluation à l’aune du sous-critère «étape 2» suivant:

sous-critère 3.1: le service TIC fourni en définitive par le même prestataire tiers de services TIC à l’appui de fonctions critiques ou importantes d’entités financières est de nature critique pour les activités de ces entités.

Table of contents

Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.