Beta

Source: OJ L, 2025/301, 20.2.2025

EN

Recital 1 Reporting time limits

To ensure the harmonisation and simplication of the notification and reporting requirements for major ICT-related incidents means an ICT-related incident that has a high adverse impact on the network and information systems that support critical or important functions of the financial entity; referred to in Article 19(4) of Regulation (EU) 2022/2554, the time limits for reporting major ICT-related incidents means an ICT-related incident that has a high adverse impact on the network and information systems that support critical or important functions of the financial entity; should follow a consistent approach for all types of financial entitiesas defined in Article 2, points (a) to (t). For these reasons, the time limits should also, to the greatest extent possible, follow a consistent approach with, and at least be equivalent in effect to, the requirements set out in Directive (EU) 2022/2555 of the European Parliament and of the Council(2)Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) (OJ L 333, 27.12.2022, p. 80, ELI: http://data.europa.eu/eli/dir/2022/2555/oj)..

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod