A cornerstone of this regulation is the Legal Entity Identifier (LEI), required for ICT service providers to ensure transparency, traceability, and compliance.
The Role of LEIs in DORA
Under DORA, financial institutions must register critical operations and outsourced providers using the LEI. This unique identifier supports efficient monitoring and compliance, as highlighted by the European Securities and Markets Authority (ESMA):
“Financial entities shall use a valid and active legal entity identifier (LEI) to identify all of their ICT third-party service providers that are legal persons, except for individuals acting in a business capacity who chose not to obtain an LEI.”
For critical functions, the regulation further stipulates:
“Financial entities shall ensure […] that all the subcontractors included in the register […] obtain and maintain a valid and active LEI, except if these are individuals acting in a business capacity who chose not to obtain an LEI.”
These requirements highlight the critical role of LEIs in compliance and operational transparency. (Source: ESMA Final Report on Draft ITS)
LEI compliance in 3 Steps
To meet the DORA requirements for ITC identification:
- Identify LEIs: Use our tools like LEI Look Up and Watchlist to track existing or missing LEIs.
- Register Missing LEIs: Apply for new LEIs via NordLEI for a fast and efficient process. You can also reach out to your relevant counterparties and inform them about the need for an LEI.
- Maintain Active Records: Regularly renew LEIs to ensure compliance.
Why NordLEI?
NordLEI simplifies LEI administration with:
- LEI Registration and Renewal: Easy applications and updates.
- LEI Tools: Bulk search, export reports, and monitor LEI status.
- Support: Seamless guidance to ensure your ICT providers are fully compliant.