Source: OJ L 333, 27.12.2022, pp. 153–163Current language: EN
- Digital operational resilience in the financial sector
Basic legislative acts
- DORA directive
Article 3 Amendment to Directive 2011/61/EU
Summary What does Article 3 of the DORA directive say?
This article replaces Article 18 of Directive 2011/61/EU (the AIFMD), which sets out the general operational principles for Alternative Investment Fund Managers (AIFMs).
The amendment integrates DORA (Regulation (EU) 2022/2554) directly into the AIFMD framework, meaning that AIFMs must now set up and manage their network and information systems in accordance with DORA.
Alongside this digital resilience requirement, AIFMs must maintain sound administrative and accounting procedures and internal control mechanisms, including rules governing personal transactions by employees.
The article also clarifies that the Commission retains the power to adopt delegated acts specifying further procedural requirements, but explicitly carves out network and information systems from the scope of those delegated acts, since those are now governed by DORA.
Important points:
- As an AIFM, ensure your network and information systems are set up and managed in accordance with DORA.
- Maintain adequate internal controls capable of fully reconstructing each AIF transaction and ensuring assets are invested in line with applicable rules.
- The Commission's delegated act-making powers for procedures and arrangements under this article explicitly exclude anything related to network and information systems.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Article 18 of Directive 2011/61/EU is replaced by the following:
‘Article 18
General principles
Member States shall require that AIFMs use, at all times, adequate and appropriate human and technical resources that are necessary for the proper management of AIFs.
In particular, the competent authorities of the home Member State of the AIFM, having regard also to the nature of the AIFs managed by the AIFM, shall require that the AIFM has sound administrative and accounting procedures, control and safeguard arrangements for electronic data processing, including with regard to network and information systems that are set up and managed in accordance with Regulation (EU) 2022/2554 of the European Parliament and of the Council(17), as well as adequate internal control mechanisms, including, in particular, rules for personal transactions by its employees or for the holding or management of investments in order to invest on its own account and ensuring, at least, that each transaction involving the AIFs may be reconstructed according to its origin, the parties to it, its nature, and the time and place at which it was effected and that the assets of the AIFs managed by the AIFM are invested in accordance with the AIF rules or instruments of incorporation and the legal provisions in force.
The Commission shall, by means of delegated acts in accordance with Article 56 and subject to the conditions of Articles 57 and 58, adopt measures specifying the procedures and arrangements referred to in paragraph 1 of this Article, other than the procedures and arrangements concerning network and information systems.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
network and information system
Footnote 17