DORA | RTS on ICT Incident Classification based on EBF’s Position
Brussels, 15 January 2024 – On June 19th, 2023, the European Supervisory Authorities (ESAs), EBA, EIOPA, and ESMA, published the first batch of Consultation Papers for the technical standards mandated by the Digital Operational Resilience Act (DORA) which aims at collecting market participants’ feedback on their development.
The European Banking Federation (EBF) and Deloitte have held a joint workshop to gather feedback from the EBF’s members, specifically around the Consultation Paper for the RTS “on specifying the criteria for the classification of ICT-related incidents, materiality thresholds for major incidents and significant cyber threats under Regulation (EU) 2022/2554” that will be submitted to the European Commission on January 17th, 2024.
Below are reported the main key attention points raised by the EBF members during the consultation of the Draft RTS:
- Unclear definition of Critical Services
- Sound Application of Proportionality Principle and Risk-based Approach
- The Challenges in the Notification of Significant Threats
A full overview of the discussion can be found here.
For more information
Alexandra Maniati, Senior Director of Innovation & Cybersecurity, firstname.lastname@example.org
Dimos Karalis, Policy Adviser – Innovation & Cybersecurity, email@example.com
About the EBF:
The European Banking Federation is the voice of the European banking sector, bringing together national banking associations from across Europe. The federation is committed to a thriving European economy that is underpinned by a stable, secure and inclusive financial ecosystem, and to a flourishing society where financing is available to fund the dreams of citizens, businesses, and innovators everywhere.