Article 35: Powers of the Lead Overseer
Last updated: 1 authoritative sourceDORA Auditor Editorial Team
Article 35 grants the Lead Overseer powers over critical ICT third-party providers, including requesting information, conducting investigations and inspections, issuing recommendations, and imposing periodic penalty payments of up to 1% of average daily worldwide turnover.
Chapter V, Managing of ICT third-party risk · Pillar: ICT Third-Party Risk
Key points
- Grants information, investigation, and inspection powers
- Allows recommendations to critical providers
- Periodic penalties up to 1% of average daily worldwide turnover
How this fits DORA
Article 35 sits within the ICT Third-Party Risk pillar. For the full set of obligations and how they interlock, see the DORA requirements overview.
Read the official text
This is an editorial summary. Read the binding text of Article 35 in the consolidated regulation on EUR-Lex.