Source: OJ L 333, 27.12.2022, p. 1–79
ENRecital 23 DORA consumes PSD2 major incident reporting
To reduce the administrative burden and potentially duplicative reporting obligations for certain financial entitiesas defined in Article 2, points (a) to (t), the requirement for the incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; reporting pursuant to Directive (EU) 2015/2366 of the European Parliament and of the Council(12)Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35). should cease to apply to payment service providers that fall within the scope of this Regulation. Consequently, credit institutions means a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 of the European Parliament and of the Council (^32^); Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1)., e-money institutions, payment institutions means a payment institution as defined in Article 4, point (4), of Directive (EU) 2015/2366; and account information service providers means an account information service provider as referred to in Article 33(1) of Directive (EU) 2015/2366;, as referred to in Article 33(1) of that Directive, should, from the date of application of this Regulation, report pursuant to this Regulation, all operational or security payment-related incidents means a single event or a series of linked events unplanned by the financial entities referred to in Article 2(1), points (a) to (d), whether ICT-related or not, that has an adverse impact on the availability, authenticity, integrity or confidentiality of payment-related data, or on the payment-related services provided by the financial entity; which have been previously reported pursuant to that Directive, irrespective of whether such incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; are ICT-related.