The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) published today a report on the feasibility of further centralisation in the reporting of major ICT-related incidents by financial entities according to Article 21 of the Digital Operational Resilience Act (DORA).
In line with the DORA mandate, the ESAs’ joint report explores the potential for further centralisation regarding financial entities’ reporting of major ICT-related incidents to competent authorities.
The report assesses the feasibility of three different models: the baseline model, a model with enhanced data sharing arrangements and a fully centralised model. It considers the potential burden and cost reductions, as well as the efficiency and effectiveness gains that each model would bring for cross-sector supervisory practices.