DORA RTS on Incident Reporting

Browse Articles Full Text and PDF

Article 1 General information to be provided in initial notifications and intermediate and final reports on major ICT-related incidents

Financial entities shall include in the initial notification, the intermediate report, and the final report, as referred to in Article 19(4) of Regulation (EU) 2022/2554, the following general information:

  1. (a)
    the type of submission (initial notification, intermediate report, or final report);
  2. (b)
    the name of the financial entity, its LEI code, and the type of financial entity, as referred to in Article 2(1) of Regulation (EU) 2022/2554;
  3. (c)
    the name and identification code of the entity that submits the initial notification, or intermediate or final report, for the financial entity;
  4. (d)
    where applicable, the names and LEI codes of all financial entities covered in the aggregated initial notification or intermediate or final report;
  5. (e)
    the contact details of the persons responsible for communicating with the competent authority on the major ICT-related incident;
  6. (f)
    where applicable, the identification of the parent undertaking of the group to which the financial entity belongs;
  7. (g)
    where there is monetary impact, the currency the amounts are based on.