Structure of the Oversight Framework

Article 32 establishes the institutional architecture for overseeing critical ICT third-party service providers. The Lead Overseer model ensures that each designated provider has a single primary supervisory counterpart, avoiding the fragmentation that would result from multiple national authorities independently overseeing the same global provider.

The Lead Overseer is supported by a Joint Examination Team comprising experts from the relevant ESAs and national competent authorities. This team provides the technical expertise and capacity needed for effective oversight of large, complex technology providers whose operations span multiple jurisdictions and serve diverse financial sectors.

The framework includes detailed cooperation arrangements between the Lead Overseer and national competent authorities, ensuring that local supervisory knowledge and concerns are incorporated into the oversight approach while maintaining the benefits of centralized coordination.

Importantly, the oversight framework is funded through fees charged to designated critical providers, ensuring that the cost of oversight falls on the entities creating the systemic risk rather than on public budgets or the financial entities that depend on these providers.