The EU’s DORA regulation requires financial institutions to maintain a register of all their ICT providers. We have developed a solution, in collaboration with one of the largest financial institutions in the Nordics, to ensure this is done correctly and efficiently.
Banks, insurance companies, and other financial institutions must have full control over their ICT providers when the EU’s DORA regulations take effect on January 17, 2025. With 20 years of experience in contract management and supplier oversight, it’s only natural that House of Control now assists our clients in complying with the fourth pillar of DORA: Managing third-party risk. In partnership with one of the largest financial institutions in the Nordics, we are developing a solution to help you gain full control over your suppliers.
If you’re reading this, you probably already know that the Digital Operational Resilience Act (DORA) mandates that most financial institutions must now adhere to a common set of ICT security requirements. There are five pillars to these requirements:
Of the five pillars of DORA listed above, we will focus on the fourth – managing third-party risks related to financial institutions’ ICT providers. The regulation has specific rules regarding supplier management, including requirements for handling risks associated with using third-party services.
Before a financial institution enters into an agreement with an ICT provider, it must conduct a series of assessments and evaluations related to that provider. Agreements can only be made with providers that meet relevant information security standards.
Let’s take a closer look at the specific requirements for financial institutions' external ICT services. DORA mandates the following:
At House of Control, we excel at creating practical ICT solutions for compliance with complex regulations, according to our clients. We have partnered with one of the largest financial institutions in the Nordics to develop a solution tailored to the requirements of DORA’s fourth pillar – managing third-party risks related to external ICT providers.
Our system, Complete Control, will offer a solution for recording information related to contracts, suppliers, and subcontractors to manage third-party risk. The solution will also help our customers track and maintain visibility into their entire supply chain for all contracts, including those covered by DORA.
At House of Control, we have nearly 2,000 customers using our cloud-based solutions to professionalize contract management and supplier oversight. Among our specialized tools, you’ll also find solutions for IFRS 16 lease agreements, CSDDD supplier assessments, and the EBA register for outsourced fintech in banks.
In addition to supporting DORA compliance, we help you keep track of all your company’s contracts, obligations, and suppliers, all within one system. This brings a host of benefits:
DORA can lead to more than just regulatory compliance. Contract management and supplier oversight are simply of strategic importance – enabled by smart technology from House of Control, where our customers have been at the forefront of innovation for nearly 20 years.
Book a digital demo of our solution for DORA