Source: OJ L, 2024/1505, 30.5.2024

Current language: EN

Article 4 Oversight fees in year of designation and opt-in requests


Summary What does Article 4 of the Oversight fees say?

This article sets out transitional and special fee arrangements that operate as exceptions to the standard fee calculation method established in Article 3.

It covers three distinct scenarios: how fees are split when the very first list of critical ICT third-party service providers is published, how fees are calculated for a provider newly designated as critical mid-year, and what happens when a provider voluntarily opts in to be designated as critical.

In each case, the normal turnover-based formula is set aside in favour of simpler, fixed approaches.

Important points:

  • For the first published list of critical ICT third-party service providers, fees are split equally among all designated providers, rather than being calculated on the basis of individual turnover.
  • If you are newly designated as critical part-way through a year, your fee is pro-rated based on the number of calendar days remaining from your designation until the end of that year.
  • If you voluntarily request designation as critical, pay a fixed opt-in fee of EUR 50,000 — this fee is non-refundable, even if the request is rejected or withdrawn.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

    1. By way of derogation from Article 3, for the first published list of designated critical ICT third-party service providers as per Article 31(9) of Regulation (EU) 2022/2554, the oversight fees shall be equally split among the designated critical ICT third-party service providers. The fee to be charged to each critical ICT third-party service provider shall be calculated by dividing the overall estimated expenditure of the Lead Overseers with the number of designated critical ICT third-party service providers.

    1. By way of derogation from Article 3 and paragraph 1 above, for the first year in which an ICT third-party service provider is designated as critical, it shall pay a fixed oversight fee which is equal to the amount paid by each ICT third party service provider under paragraph 1. Where the period of the oversight activities of such critical ICT third-party service provider does not correspond to a full year, that oversight fee shall be equal to the amount paid by each ICT third-party service provider under paragraph 1, multiplied by the number of calendar days from the designation of the ICT third-party service provider as critical until the end of that year and divided by the total number of days in that year.

    1. Where an ICT third-party service provider requests to be designated as critical in accordance with Article 31(11) of Regulation (EU) 2022/2554, it shall pay a fixed opt-in fee of EUR 50 000. The recipient ESA shall not reimburse that fixed opt-in fee where the request to be designated as critical is rejected or withdrawn by the ICT third-party service provider.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod