Art. 54 Publication of administrative penalties | DORA regulation | DORA

This article governs the public disclosure of administrative penalties by competent authorities, building directly on the sanctioning powers established in Article 50.

The core principle is transparency: final, unappealed penalty decisions must be published on official websites.

However, the article carves out exceptions where publication could cause harm, granting competent authorities discretion to defer, anonymise, or withhold publication in specific circumstances.

The article also addresses what happens when a published penalty is subsequently appealed or annulled by a court.

Important points:

Competent authorities are required to publish final administrative penalty decisions on their official websites, including details on the breach, the persons responsible, and the penalties imposed.
Competent authorities may defer, anonymise, or refrain from publishing a penalty decision where publication would be disproportionate, risk personal data protection, jeopardise financial market stability, or interfere with an ongoing criminal investigation.
Competent authorities must ensure that published decisions remain on their website only for as long as necessary, with a maximum period of five years.

1. Competent authorities shall publish on their official websites, without undue delay, any decision imposing an administrative penalty against which there is no appeal after the addressee of the penalty has been notified of that decision.
1. The publication referred to in paragraph 1 shall include information on the type and nature of the breach, the identity of the persons responsible and the penalties imposed.
1. Where the competent authority, following a case-by-case assessment, considers that the publication of the identity, in the case of legal persons, or of the identity and personal data, in the case of natural persons, would be disproportionate, including risks in relation to the protection of personal data, jeopardise the stability of financial markets or the pursuit of an ongoing criminal investigation, or cause, insofar as these can be determined, disproportionate damages to the person involved, it shall adopt one of the following solutions in respect of the decision imposing an administrative penalty:
  1. defer its publication until all reasons for non-publication cease to exist;
  2. publish it on an anonymous basis, in accordance with national law; or
  3. refrain from publishing it, where the options set out in points (a) and (b) are deemed either insufficient to guarantee a lack of any danger for the stability of financial markets, or where such a publication would not be proportionate to the leniency of the imposed penalty.
1. In the case of a decision to publish an administrative penalty on an anonymous basis in accordance with paragraph 3, point (b), the publication of the relevant data may be postponed.
1. Where a competent authority publishes a decision imposing an administrative penalty against which there is an appeal before the relevant judicial authorities, competent authorities shall immediately add on their official website that information and, at later stages, any subsequent related information on the outcome of such appeal. Any judicial decision annulling a decision imposing an administrative penalty shall also be published.
1. Competent authorities shall ensure that any publication referred to in paragraphs 1 to 4 shall remain on their official website only for the period which is necessary to bring forth this Article. This period shall not exceed five years after its publication.