Beta

Source: OJ L 333, 27.12.2022, p. 1–79

EN

Recital 53 Materiality thresholds and reporting timelines

While all financial entitiesas defined in Article 2, points (a) to (t) should be required to carry out incident reporting, that requirement is not expected to affect all of them in the same manner. Indeed, relevant materiality thresholds, as well as reporting timelines, should be duly adjusted, in the context of delegated acts based on the regulatory technical standards to be developed by the ESAsEuropean Supervisory Authority, with a view to covering only major ICT-related incidents means an ICT-related incident that has a high adverse impact on the network and information systems that support critical or important functions of the financial entity;. In addition, the specificities of financial entitiesas defined in Article 2, points (a) to (t) should be taken into account when setting timelines for reporting obligations.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod