UK and EU Regulators Sign MoU on Critical Third-Party Oversight
UK regulators, including the Bank of England, have signed a Memorandum of Understanding with European Supervisory Authorities to enhance cooperation and oversight of critical third parties. This framework coordinates information sharing on CTPs under the UK regime and CTPPs under the EU's DORA, particularly during incidents.
Coordinating Cross-Border Resilience
The Memorandum of Understanding establishes a framework for coordinating and sharing information on the oversight of Critical Third Parties (CTPs) under the UK regime and Critical Third Party Providers (CTPPs) under the EU's Digital Operational Resilience Act (DORA).
This cooperation extends to incidents such as power outages or cyber-attacks, aiming to manage financial stability risks and strengthen international collaboration while reducing regulatory burden.
Bolstering UK Resilience Framework
The UK's CTP regime, which became effective on January 1, 2025, introduced new rules to bolster the resilience of critical third parties providing key services to the financial sector.
HM Treasury is responsible for designating CTPs, which are then required to provide regular assurance, undertake resilience testing, and report major incidents.
This regime complements existing firm responsibilities for operational resilience.