Beta

Source: OJ L, 2025/302, 20.2.2025

EN

Recital 6 Outsourcing of incident reporting obligations

Where financial entitiesas defined in Article 2, points (a) to (t) outsource the major ICT-related incident means an ICT-related incident that has a high adverse impact on the network and information systems that support critical or important functions of the financial entity; reporting obligations to a third party, competent authoritiesas defined in Article 46 should be aware of the identity of the third-party reporting on behalf of the financial entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; prior to the submission of the first notification or reporting, in order to verify the legitimacy of the reporting third party.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod