Source: OJ L, 2025/301, 20.2.2025Current language: SV
- Digital operational resilience in the financial sector
ICT-related incidents
- RTS on incident reporting
Artikel 2 Särskild information som ska lämnas i en första anmälan
Summary What does Article 2 of the RTS on incident reporting say?
This article specifies the minimum content requirements for the initial notification that financial entities must submit when a major ICT-related incident occurs.
It builds directly on the general information requirements established in Article 1, adding the incident-specific detail that competent authorities need at the earliest stage of reporting.
The article covers the essential facts of the incident — what happened, when it was detected, why it was classified as major, where it has impact, and how it was discovered — while also touching on response actions already taken.
Important points:
- Include the classification criteria from Delegated Regulation (EU) 2024/1772 that justify designating the incident as major — this is a mandatory element of the initial notification.
- State whether a business continuity plan has been activated, as this is a required disclosure from the outset.
- Where applicable, report any reclassification of the incident from major to non-major as part of this initial notification.
Springlex's summary of the article, a reading aid, not a substitute for the legal text.
En första anmälan enligt artikel 19.4 a i förordning (EU) 2022/2554 ska innehålla åtminstone följande specifika uppgifter:
Den referenskod för incidenten som tilldelats av den finansiella entiteten.
Datum och klockslag för upptäckt samt klassificering av incidenten i enlighet med artikel 8 i kommissionens delegerade förordning (EU) 2024/1772(7).
En beskrivning av den IKT-relaterade incidenten.
De kriterier i artiklarna 1–8 i delegerad förordning (EU) 2024/1772 på grundval av vilka den finansiella entiteten klassificerade den IKT-relaterade incidenten som allvarlig.
De medlemsstater som påverkas av den IKT-relaterade incidenten.
Information om hur den IKT-relaterade incidenten upptäcktes.
Om tillgänglig, information om ursprunget till den IKT-relaterade incidenten.
Information om huruvida den finansiella entiteten har aktiverat en kontinuitetsplan.
I tillämpliga fall, information om att den IKT-relaterade incidenten omklassificerats från allvarlig till inte allvarlig.
Om tillgänglig, annan relevant information.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.
Footnote 7