Article 3 | Implementing Regulation 2025/302

Updated 09/05/2025

Metadata

In force

Initial Legal Act

Amendments

Article 3 - Implementing Regulation 2025/302

Article 3

Recurring ICT-related incidents

Financial entities that provide information on non-major recurring ICT-related incidents that cumulatively meet the conditions for one major ICT-related incident as set out in Article 8(2) of Delegated Regulation (EU) 2024/1772, shall provide that information in an aggregated form.

Recitals Article 1 - Template for reporting ICT-related major incidents Article 2 - Joint submission of initial notification, intermediate and final reports Article 3 - Recurring ICT-related incidents Article 4 - Use of secure electronic channels Article 5 - Reclassification of major ICT-related incidents Article 6 - Notification of outsourcing of the reporting obligations Article 7 - Aggregated reporting Article 8 - Notification of significant cyber threats Article 9 - Entry into force ANNEX I - TEMPLATES FOR THE REPORTING OF MAJOR INCIDENTS ANNEX II - DATA GLOSSARY AND INSTRUCTIONS FOR THE REPORTING OF MAJOR INCIDENTS ANNEX III - TEMPLATES FOR NOTIFICATION OF SIGNIFICANT CYBER THREATS ANNEX IV - DATA GLOSSARY AND INSTRUCTIONS FOR NOTIFICATION OF SIGNIFICANT CYBER THREATS

Metadata

Related documents

Article 3 - Implementing Regulation 2025/302

Table of contents