DORA's grace period is over and your cloud provider is a Critical ICT Third Party: does on-premise AI become the safer bet?
On-premise AI is one of the cleanest ways to cut your exposure to the cloud providers now designated Critical ICT Third-Party Providers under DORA, because it removes a dependency supervisors treat as systemic risk.
Is on-premise AI the safer bet now that DORA's grace period is over?
Yes, on-premise AI is one of the cleanest ways for a financial firm to cut its exposure to Critical ICT Third-Party Providers under DORA, because AI that runs inside your own walls removes a cloud dependency that supervisors now treat as systemic risk. It is not a full exemption. DORA still holds you to resilience testing, incident reporting and register duties whether the AI sits in your data centre or someone else's. What changes is how many external single points of failure you carry, and who holds the audit trail when a supervisor asks.
The context matters. The European Supervisory Authorities named the first Critical ICT Third-Party Providers, including AWS, Google Cloud, Microsoft, Oracle and SAP, placing them under direct EU oversight. Through 2026 supervisors moved from dialogue to demanding live resilience evidence, and the second Register of Information cycle closed in 2026. The grace period, in practice, is over. Firms that treated DORA as a documentation exercise are now being asked to prove it.
What does a Critical ICT Third-Party Provider actually mean for you?
Under DORA, a handful of providers are designated as critical because so much of the financial system depends on them. Once designated, they answer to EU supervisors directly. That is good news in one sense: the biggest cloud platforms now face oversight designed to keep them resilient. But it also confirms the underlying problem the regulation is worried about. When five providers underpin the payments, trading and record-keeping of an entire continent, a single outage or compromise stops being one firm's incident and becomes everyone's.
For a regulated firm, designation does not move the obligation off your plate. You still have to map every ICT dependency, test that you can keep operating through a provider failure, and show the supervisor your evidence. Designation simply confirms that the concentration is real and that regulators are watching it closely.
How does cloud concentration become systemic risk?
Concentration risk is the heart of DORA's concern. If most of the sector runs its critical workloads on the same two or three platforms, a fault in one of them can cascade across banks, insurers and market infrastructure at the same moment. The firms did nothing individually wrong, yet they all fall over together. Regulators cannot supervise their way out of that with paperwork alone, which is why they now ask for lived resilience evidence: exit plans that work, substitutability that is real, and recovery that has actually been tested.
Every workload you can bring inside your own walls is one fewer strand tying you to that shared point of failure. AI workloads are a growing part of the picture. If your fraud scoring, document analysis or decision support runs as a call to an external model, that model provider is now part of your critical dependency map, part of your register, and part of what a supervisor can probe.
Where does on-premise AI genuinely reduce your DORA exposure?
On-premise AI helps in three concrete ways. First, it removes a third-party dependency: an AI system running on hardware you control is not an external provider whose outage or contract change can stop your operations. Second, it keeps the audit trail in your hands. Mickai seals every consequential action into a post-quantum signed audit ledger using ML-DSA-65 under FIPS 204, so the evidence a supervisor asks for lives inside the firm rather than in a vendor's logging system you cannot fully reach. Third, it works offline, which means the AI keeps functioning through exactly the connectivity or provider failure that DORA testing is designed to expose.
That is the honest benefit. On-premise AI reduces cloud concentration risk and gives you a cleaner, firm-held record. It does not make you immune. You still have other third parties, you still owe resilience testing, and you still report incidents. Anyone who tells you self-hosting deletes your DORA obligations is selling you something.
What does on-premise AI not fix?
It does not remove every third-party relationship. Hardware, connectivity, model updates and support can still involve suppliers, and each may need mapping and testing. It does not exempt you from the Register of Information, from threat-led penetration testing where that applies, or from incident reporting timelines. It does not remove your duty to prove you can operate through disruption. What it does is shrink the surface: fewer external critical dependencies to concentrate, and an audit trail you own rather than one you have to request.
There is also a governance point worth being blunt about. Bringing AI in-house shifts responsibility onto your own operations. You take on the resilience of that system yourself. For a regulated firm with proper controls, that is usually the point. Ownership is the thing DORA keeps pushing you toward.
How should a firm act on this in 2026?
Start by finding your AI in the dependency map. If a model call is buried inside a fraud tool or a customer process, it belongs in your register and your testing scope, whether you put it there or not. Then ask, for each AI workload, whether it must sit with an external provider or could run inside your walls. Where it can come in-house, you cut a critical dependency and you gain a firm-held audit trail. Where it cannot, document the substitutability and exit plan the supervisor will want to see. This is not about ripping out the cloud overnight. It is about being deliberate over which critical workloads you are willing to concentrate on providers now under direct EU oversight.
What Mickai does about it
We build the sovereign, on-device alternative to cloud AI for regulated sectors. Mickai runs inside the firm's own walls, offline, on hardware the firm controls, with every consequential action sealed into a post-quantum signed audit ledger. It is built and live, backed by 104 filed UK patent applications and 2,340 formal claims, not a slide. For a financial firm working through DORA, that removes one more Critical ICT Third-Party dependency and keeps the evidence in your hands. We are an ally to the people scoring vendors and mapping concentration risk, not a claim that the rules stop applying. On-premise AI is a lever you can pull on concentration risk. We make that lever real, and we are honest about where it ends.
“The European Supervisory Authorities named the first Critical ICT Third-Party Providers, including AWS, Google Cloud, Microsoft, Oracle and SAP, under direct EU oversight.”
Frequently asked questions
Does running AI on-premise make my firm exempt from DORA?
No. On-premise AI reduces your cloud concentration risk and keeps the audit trail in your hands, but you still owe resilience testing, incident reporting and Register of Information duties. It shrinks the surface, it does not remove the regime.
Who are the Critical ICT Third-Party Providers under DORA?
The European Supervisory Authorities named the first designated providers, including AWS, Google Cloud, Microsoft, Oracle and SAP. Designation places them under direct EU oversight and confirms the sector's concentration on a handful of platforms is treated as systemic risk.
Why does DORA treat cloud concentration as a systemic problem?
When most of the financial system runs critical workloads on the same few providers, a single outage or compromise can cascade across many firms at once. Each firm did nothing wrong individually, yet they can fail together, which is why supervisors now demand live resilience evidence.
Does my AI provider count as an ICT third party?
If your fraud scoring, document analysis or decision support calls an external model, that provider is part of your dependency map, your register and what a supervisor can examine. Bringing that workload in-house removes it as an external critical dependency.
What changed in 2026 for DORA supervision?
Supervisors moved from dialogue to demanding live resilience evidence, and the second Register of Information cycle closed in 2026. In practice the grace period is over, and firms that treated DORA as paperwork are being asked to prove their resilience works.
How does Mickai help with DORA concentration risk?
Mickai runs AI inside the firm's own walls, offline, on hardware the firm controls, with every consequential action sealed into a post-quantum signed audit ledger. That removes one more critical third-party dependency and keeps the evidence firm-held, though it does not remove your other resilience obligations.




