| LDR | | | 00000cam a22000004 44500 |
| 001 | | | MAP20260034850 |
| 003 | | | MAP |
| 005 | | | 20260605105725.0 |
| 008 | | | 260603s2026 bel|||| ||| ||eng d |
| 040 | | | $bspa$aMAP$dMAP |
| 084 | | | $a861 |
| 110 | 2 | | $0MAPA20110000219$aEIOPA |
| 245 | 1 | 0 | $a2025 Report on major ICT-related incidents$bJoint-ESA report under Article 22 of DORA$cEIOPA |
| 260 | | | $aBrussels$bEIOPA$c2026 |
| 300 | | | $a21 p. |
| 505 | | | $aList of Figures -- Abbreviations -- Executive Summary -- Introduction -- Methodology -- Overview of major incidents in the EU -- Conclusions |
| 520 | | | $aThis joint ESAs report provides an anonymised, aggregated overview of major ICT-related incidents reported in 2025 under DORA Article 22. A total of 3,383 incidents were notified, mostly in the credit and payments sectors. One third had cross-border impact, reflecting strong interconnections, shared infrastructures and third-party dependencies. System failures and external events were the predominant drivers; about 29% originated at third-party providers. Cybersecurity incidents represented a smaller share, suggesting safeguards and detection measures are effective, though vigilance is needed. Most incidents had limited impact on clients, transactions and financial counterparties, pointing to timely detection and effective containment. The report discusses classification criteria, root causes, impacts, remedial actions, costs, and highlights selected cross-border events (e.g., TARGET services outage; Iberian Peninsula blackout). It also notes data quality and reporting divergences in this first DORA year and outlines steps to improve supervisory convergence and data collection. |
| 650 | | | $0MAPA20080567613$aUnión Europea |
| 650 | | | $0MAPA20240022341$aReglamento DORA |
| 650 | | | $0MAPA20080587581$aRiesgo informático |
| 650 | | | $0MAPA20080608811$aSupervisión financiera |
| 650 | | | $0MAPA20090000414$aExternalización de servicios |
| 651 | | | $0MAPA20080640255$aUnión Europea |
