Source: OJ L, 2024/1773, 25.6.2024

Current language: EN

Article 2 Group application


Summary What does Article 2 of the RTS on ICT third-party service provider policy say?

This is a notably brief article that deals specifically with group-level application of the regulation.

It connects directly to Article 1, extending the policy requirements established there to situations where the regulation applies on a consolidated or sub-consolidated basis.

In essence, it assigns responsibility to the parent undertaking to ensure the policy is applied consistently across all financial entities within the group.

Important points:

  • Where this regulation applies at group level, ensure the policy is implemented consistently across all financial entities within the group.
  • The obligation falls on the parent undertaking responsible for providing the consolidated or sub-consolidated financial statements.
  • The policy must be adequate for effective application of this regulation at all relevant levels of the group.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

Where this Regulation applies on a sub-consolidated or consolidated basis, the parent undertaking that is responsible for providing the consolidated or sub-consolidated financial statements for the group shall ensure that the policy is implemented consistently in all financial entities that are part of the group and is adequate for the effective application of this Regulation at all relevant levels of the group.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod