Reset to Today

To access the FCA Handbook Archive choose a date between 1 January 2001 and 31 December 2004.

Content Options:

Content Options

View Options:


You are viewing the version of the document as on 2025-04-01.

Timeline guidance

Alternative versions

  1. Point in time
    2025-04-01

CTPS 4.4 Requirement 3: Dependency and supply chain risk management

CTPS 4.4.1R

1A critical third party must (as part of its obligation under CTPS 4.3.1R (Requirement 2: Risk management)) identify and manage any risks to its supply chain that could affect its ability to deliver a systemic third party service.

CTPS 4.4.2R

1A critical third party must take reasonable steps to ensure that its key nth-party providers and persons connected with a critical third party that are part of its supply chain:

  1. (1)

    are informed of the CTP duties that apply to the critical third party;

  2. (2)

    cooperate with the critical third party in meeting those CTP duties; and

  3. (3)

    provide the regulators with access to any information relevant to the exercise of their oversight functions.