IBM officially named critical third‑party provider under EU’s DORA

IBM has been officially designated by the European Banking Authority (EBA), European Insurance and Occupational Pensions Authority (EIOPA), and European Securities and Markets Authority (ESMA) — collectively the European Supervisory Authorities (ESAs) — as a “critical ICT third‑party provider” under the Digital Operational Resilience Act (DORA). DORA is an EU regulation aimed at ensuring that financial entities — such as banks, insurers, and investment firms — and their third‑party ICT providers are resilient to technology disruptions, including cyberattacks or system failures. Being added to the official list of critical providers means IBM is now subject to direct supervision by the ESAs. For IBM, this acknowledges its long‑standing role supporting financial institutions worldwide and underscores its importance in maintaining the stability and security of Europe’s financial infrastructure. For clients — financial firms relying on IBM’s services — the new status signals that IBM will work closely with regulators to ensure compliance, operational resilience, and robust cybersecurity. IBM has committed to supporting its clients in meeting their own DORA obligations, while continuing to invest in security, governance, and infrastructure resilience globally. #EURegulation #DORA #IBMSecurity #FinancialResilience #SlimScan #GrowthStocks #CANSLIM