Source: OJ L, 2025/301, 20.2.2025

Current language: EN

Article 4 Article Specific information to be provided in final reports

Final reports as referred to in Article 19(4), point (c), of Regulation (EU) 2022/2554 shall contain all of the following specific information:

  1. information about the root causes of the ICT-related incident;

  2. dates and times when the ICT-related incident was resolved and the root cause(s) addressed;

  3. information on the resolution of the ICT-related incident;

  4. where applicable, information relevant for resolution authorities;

  5. information about direct and indirect costs and losses stemming from the ICT-related incident and information about financial recoveries;

  6. where applicable, information about recurring ICT-related incidents.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod