The Digital Operational Resilience Act (EU Regulation 2022/2554, "DORA" for short) does not affect signotec GmbH as it is not an operator of critical infrastructure and does not supply or offer products for the operation of such infrastructure. The services of signotec GmbH include the pure procurement of hardware, standard software and software maintenance and are therefore not considered ICT services in the sense of DORA, regardless of whether they are purchased, rented, leased or subscribed.
In particular, the products of signotec have no influence on the security of the network and information systems and no detrimental effects on the availability, authenticity, integrity or confidentiality of data or on the services of a financial institution (DORA Art. 3 Para. 1 No. 8). In the signature processes digitised with signotec, it is possible to revert to the conventional paper process at any time, e.g. if the signature pads or the signature software fail. The operational business of the bank is therefore neither dependent on nor endangered by the availability of signotec GmbH or the functionality of the hardware and software. Therefore, no specific measures need to be taken by signotec, as signotec does not provide ICT services in the sense of the DORA and the DORA is therefore not applicable.
If you disagree, please describe in detail which critical processes and functions are affected by signotec's solutions, why in your opinion signotec is to be defined as an ICT service provider in the sense of the DORA in this context and which requirements have to be fulfilled in detail. If in doubt, please contact your local financial services regulator or a lawyer, as signotec is not authorised to give legal advice. If you have any questions, please contact info@signotec.de.