Logo
StreamLex Home
Logo
StreamLex Home
Laws
Laws
Recitals
Recitals
News
Trackers
Resources
Contact
About Us
News
Recitals
Trackers
Resources
Newsletter
Terms of Use
Privacy Notice
LinkedIn
undefined | StreamLex

RTS on reporting of major ICT-related incidents

Commission Delegated Regulation (EU) 2025/301 of 23 October 2024 supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats

This delegated regulation supplements DORA, specifying the content and timelines for financial entities in the EU to report major ICT-related incidents and cyber threats. It outlines mandatory details for initial, intermediate, and final reports, aiming to harmonize incident reporting for better oversight. It also includes flexibility provisions for smaller entities and national-level aggregate reporting under certain conditions.

Metadata

Author: European Commission

Status: Adopted / Published

Adoption date: 2024-10-23

Last updated: 08 Aug 2025

Category: Relevant legislation

Subcategory: Delegated Regulation

Relevant laws and articles:

DORA
19
20
Source URL:https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX:32025R0301

© 2026 StreamLex

NewsletterAbout UsTerms of UsePrivacy NoticeManage Cookies

© 2026 StreamLex