Source: OJ L 333, 27.12.2022, p. 1–79
ENRecital 3 Systemic vulnerabilities
The European Systemic Risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; Board (ESRB) reaffirmed in a 2020 report addressing systemic cyber risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; how the existing high level of interconnectedness across financial entitiesas defined in Article 2, points (a) to (t), financial markets and financial market infrastructures, and particularly the interdependencies of their ICT systems, could constitute a systemic vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; because localised cyber incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; could quickly spread from any of the approximately22 000Union financial entitiesas defined in Article 2, points (a) to (t) to the entire financial system, unhindered by geographical boundaries. Serious ICT breaches that occur in the financial sector do not merely affect financial entitiesas defined in Article 2, points (a) to (t) taken in isolation. They also smooth the way for the propagation of localised vulnerabilities means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; across the financial transmission channels and potentially trigger adverse consequences for the stability of the Union’s financial system, such as generating liquidity runs and an overall loss of confidence and trust in financial markets.