CELEX:32024R1348R(03)

This is a corrigendum to the Digital Operational Resilience Act (DORA) Delegated Regulation 2024/1348, published on 6 May 2026. It corrects technical errors in the original text, specifically in Annex I, which details the template for the register of information and contractual arrangements related to ICT third-party service providers. The corrections ensure the template aligns with the legal requirements of DORA, fixing inconsistencies in data fields and formatting.

The corrigendum affects all financial entities within the DORA scope, including banks, investment firms, payment institutions, insurance companies, and critical ICT third-party service providers. These organizations must update their existing registers to reflect the corrected template, as the original version may have led to non-compliant submissions.

Compliance teams should immediately review the corrected Annex I against their current ICT third-party register. They must update internal templates, data collection processes, and any automated reporting tools to match the revised fields. A gap analysis should be conducted to identify any discrepancies, and training for relevant staff on the corrected requirements should be prioritized. Timely action is essential to avoid regulatory scrutiny during the next reporting cycle.