DORA

Data & Privacy
- Data Act
- Data Governance Act
- ePrivacy Directive
- GDPR
AI & Trust
- Artificial Intelligence Act
Cybersecurity
- Cybersecurity Act
- DORA
- NIS2
Digital Services & Media
- Digital Markets Act
- Digital Services Act
- European Media Freedom Act

DORA

DORA Article 21. Centralisation of reporting of major ICT-related incidents

1.
The ESAs, through the Joint Committee, and in consultation with the ECB and ENISA, shall prepare a joint report assessing the feasibility of further centralisation of incident reporting through the establishment of a single EU Hub for major ICT-related incident reporting by financial entities. The joint report shall explore ways to facilitate the flow of ICT-related incident reporting, reduce associated costs and underpin thematic analyses with a view to enhancing supervisory convergence.
2.
The joint report referred to in paragraph 1 shall comprise at least the following elements:
- (a)
  prerequisites for the establishment of a single EU Hub;
- (b)
  benefits, limitations and risks, including risks associated with the high concentration of sensitive information;
- (c)
  the necessary capability to ensure interoperability with regard to other relevant reporting schemes;
- (d)
  elements of operational management;
- (e)
  conditions of membership;
- (f)
  technical arrangements for financial entities and national competent authorities to access the single EU Hub;
- (g)
  a preliminary assessment of financial costs incurred by setting-up the operational platform supporting the single EU Hub, including the requisite expertise.
3.
The ESAs shall submit the report referred to in paragraph 1 to the European Parliament, to the Council and to the Commission by 17 January 2025.

Relevant Recitals for this Article