(1)

The oversight framework established by Regulation (EU) 2022/2554 should be built on a structured and continuous cooperation between the European Supervisory Authorities (ESAs) and the competent authorities through the Oversight Forum and the joint examination teams.

(2)

The authorities referred to in Article 40(2) of Regulation (EU) 2022/2554 should ensure that their staff members that are to be appointed as members of the joint examination team referred to in Article 40(1) of that Regulation has the technical expertise required in the profiles needed in the joint examination teams. The demonstration that an authority does not have staff meeting the specific technical expertise needed in the joint examination teams should be considered by the Lead Overseer as a justification to discharge, at that point in time, the authorities of their obligation to nominate staff members to the joint examination teams. In that case, the authority should nevertheless commit on the best effort basis to address that shortfall of expertise and try to reinforce its capabilities to contribute to the joint examination teams in the context of the next exercise.

(3)

Staff members of the authorities referred to in Article 40(2) of Regulation (EU) 2022/2554 that are designated as members of a joint examination team as referred to in Article 40(1) of that Regulation should continue to be employees of the nominating authority and therefore subject to working hours and permanent location of work as included in their employment contracts.

(4)

To ensure the most effective use of resources in the execution of oversight activities, members of joint examination teams should be able to be part of several joint examination teams and to oversee multiple critical ICT third-party service providers. The number of the critical ICT third-party service providers to be assigned to a specific member of joint examination team, and overall staffing needs of the joint examination teams, should take into account the risk profile of the critical ICT third-party service providers and the envisaged level of intensity of oversight activities. That possibility to oversee multiple critical ICT third-party service providers is taken into account in the strategic multi-annual oversight plan, updated annually by the Lead Overseers to the extent necessary, and reflected into the individual annual oversight plan. To ensure the reliability of the planned and ongoing commitment of resource staffing of the joint examination teams by the nominating authorities, the Lead Overseer should consult both the Joint Oversight Network and the Oversight Forum on the strategic multi-annual oversight plan.

(5)

The Lead Overseer should apply a combination of criteria and principles when identifying the number of staff members in each joint examination team and the resulting composition. Given the diverse technological and geographical footprint and the use made by various financial entities of critical ICT third-party service providers, those criteria and principles should take into account the technical nature of the oversight tasks, the different grade of dependency of financial entities on the services provided by the critical ICT third-party service providers, the geographical distribution, the size and the number of financial entities relying on those services and, where possible, a proportionate cross-sectoral representation. In performing that task, the Lead Overseer should rely on the information provided by the competent authorities in the context of the designation of the critical ICT third-party service providers, including information needed for all the sub-criteria as laid down in Commission Delegated Regulation (EU) 2024/1502 (2) and consider the criticality of the critical ICT third-party service providers for the provisioning of specific financial services both at Member State and Union level.

(6)

To ensure that the structure and the composition of the joint examination teams are fit for purpose and to ensure the efficiency and effectiveness of the Oversight Framework continuously, the Lead Overseer and the members of the joint examination teams should periodically assess the achievements of the joint examination teams. The Lead Overseer and the nominating authorities should use those assessments to verify whether the members of the joint examination teams are still fit for performing their tasks and make changes to the membership of the joint examination teams, where appropriate.

(7)

In order to ensure that the members of the joint examination teams work as a single team and oversight activities are conducted in a consistent manner, the ESAs should specify the oversight procedures to be followed by the members of the joint examination teams and the Lead Overseer coordinator in the performance of their duties.

(8)

Since the oversight tasks involve the processing of confidential information, the Lead Overseer should grant members of the joint examination team access to such information and to the relating IT (including tools, applications and datasets) and non-IT (including policy, procedures and documentation) resources on a need-to-know basis and within the specified scope of their assignments if that is necessary for members of the joint examination team to assist the Lead Overseer in the fulfilment of its statutory functions or tasks. When laying down arrangements between the Lead Overseer and the competent authorities to implement this Regulation, consistent with Commission Delegated Regulation (EU) 2024/1505 (3), to ensure the proper financing of the costs associated to the resources provided by the nominating authorities, the Lead Overseer should include in such arrangements a section detailing the procedure of reimbursement of the direct and indirect costs of all nominating authorities involved in the joint examination teams. Furthermore, to ensure a transparent and trustworthy execution of the oversight activities, those arrangements should also ensure that the members of the joint examination teams are free from any conflict of interests while performing their duties.

(9)

This Regulation is based on the draft regulatory technical standards submitted to the European Commission by the European Banking Authority, the European Insurance and Occupational Pensions Authority, and the European Securities and Markets Authority.

(10)

The Joint Committee of the European Supervisory Authorities referred to in Article 54 of Regulation (EU) No 1093/2010 of the European Parliament and of the Council (4), in Article 54 of Regulation (EU) No 1094/2010 of the European Parliament and of the Council (5) and in Article 54 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council (6) has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential costs and benefits of the proposed standards and requested advice of the Banking Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1093/2010, the Insurance and Reinsurance Stakeholder Group and the Occupational Pensions Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1094/2010, and the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010,