Source: OJ L, 2025/302, 20.2.2025Current language: SV
- Digital operational resilience in the financial sector
ICT-related incidents
- ITS on templates for incident reporting
Artikel 4 Användning av säkra elektroniska kanaler
Summary What does Article 4 of the ITS on templates for incident reporting say?
This short, procedural article sets out the channel requirements for submitting major ICT-related incident notifications and reports.
The default rule is straightforward: financial entities must use the secure electronic channels provided by their competent authority.
It also provides a contingency arrangement for situations where those channels are unavailable, ensuring reporting obligations can still be met without disruption.
Important points:
- Submit all initial notifications and intermediate and final reports through the secure electronic channels provided by your competent authority.
- If those channels are unavailable, notify the competent authority of the major ICT-related incident through other secure means agreed with that authority.
- Competent authorities may require financial entities to resubmit reports through the official secure electronic channel once access is restored.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
Finansiella entiteter ska använda säkra elektroniska kanaler som har gjorts tillgängliga av deras behöriga myndighet för att lämna in den första anmälan samt delrapporten och slutrapporten.
Finansiella entiteter som inte kan använda de säkra elektroniska kanaler som tillhandahålls av deras behöriga myndighet ska informera sin behöriga myndighet om en allvarlig IKT-relaterad incident på ett annat säkert sätt i samförstånd med den behöriga myndigheten. Om den behöriga myndigheten så kräver ska de finansiella entiteterna lämna in den första anmälan eller del- eller slutrapporten på nytt, via den säkra elektroniska kanal som gjorts tillgänglig av deras behöriga myndighet så snart de har möjlighet att göra detta.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Definition
IKT-relaterad incident
(En. ICT-related incident)
Definition
allvarlig IKT-relaterad incident
(En. major ICT-related incident)
Definition
nätverks- och informationssystem
(En. network and information system)
Definition
säkerhet i nätverks- och informationssystem
(En. security of network and information systems)