The Digital Operational Resilience Act (EU Regulation 2022/2554, "DORA" for short) does not affect signotec GmbH as it is not an operator of critical infrastructure and does not supply or offer products for the operation of such infrastructure. The services of signotec GmbH include the pure procurement of hardware, standard software and software maintenance and are therefore not considered ICT services in the sense of DORA, regardless of whether they are purchased, rented, leased or subscribed.
In particular, the products of signotec have no influence on the security of the network and information systems and no detrimental effects on the availability, authenticity, integrity or confidentiality of data or on the services of a financial institution (DORA Art. 3 Para. 1 No. 8). In the signature processes digitised with signotec, it is possible to revert to the conventional paper process at any time, e.g. if the signature pads or the signature software fail. The operational business of the bank is therefore neither dependent on nor endangered by the availability of signotec GmbH or the functionality of the hardware and software. Therefore, no specific measures need to be taken by signotec, as signotec does not provide ICT services in the sense of the DORA and the DORA is therefore not applicable.
If in doubt, please consult a lawyer, as signotec is not authorised to provide legal advice.
If you are nevertheless of the opinion that signotec products fall under DORA, please contact [email protected] to obtain a standardised supplementary agreement. We ask for your understanding that we are unable to conclude or negotiate individual agreements due to the large number of enquiries. For more in-depth information, we offer optional workshops for a fee.