DORA for FinTech companies not under Supervisory Authority

If DORA doesn’t directly apply to your company but you are a FinTech provider and your customers falls under DORA and you are an important service for your customers, they will be responsible for managing potential risk to the services you provide. They need to both handle the risk proactively and be prepared to report incidents in a quick, comprehensive and correct manner in case your service has interruptions or issues that affect their operations. Therefore, we strongly recommend that you proactively help your customers, by:

• understand which parts of DORA apply to you

• make sure to meet the requirements imposed on your product and organization

• proactively reach out to your customers and show them that you are on top of DORA and help them by providing data about your company and product that they will need to their third-party provider information register