Commission Implementing Regulation (EU) 2025/302 of 23 October 2024 laying down implementing technical standards for the application of Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to the standard forms, templates, and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat (Text with EEA relevance)

Annex III TEMPLATES FOR NOTIFICATION OF SIGNIFICANT CYBER THREATS

LEU2025302EN110120241023EN0001.0003401401

Number of field	Data field
1	Name of the entity submitting the notification
2	Identification code of the entity submitting the notification
3	Type of the financial entity submitting the notification
4	Name of the financial entity
5	LEI code of the financial entity
6	Primary contact person name
7	Primary contact person email
8	Primary contact person telephone
9	Second contact person name
10	Second contact person email
11	Second contact person telephone
12	Date and time of detection of the cyber threat
13	Description of the significant cyber threat
14	Information about potential impact
15	Potential incident classification criteria
16	Status of the cyber threat
17	Actions taken to prevent materialisation
18	Notification to other stakeholders
19	Indicators of compromise
20	Other relevant information