Regulatory Technical Standards on criteria for the classification of ICT-related incidents

Status: Final draft RTS/ITS adopted by the EBA and submitted to the European Commission

These Regulatory Technical Standards specify the criteria for the classification of major ICT-related incidents, the approach for the classification of major incidents, the materiality thresholds of each classification criterion, the criteria and materiality thresholds for determining significant cyber threats, the criteria for competent authorities to assess the relevance of incidents to competent authorities in other Member States and the details of the incidents to be shared in this regard. The RTS ensure a harmonised and simple process of classifying incident reports throughout the financial sector.

Summary of document history

Previous versions Current version Ongoing versions

Draft Regulatory Technical Standards on criteria for the classification of ICT-related incidents

Status: Not yet applicable
Application date:
Compliance deadline:

Documents

Draft RTS on classification of major incidents and significant cyber threats

(1.02 MB - PDF)

Download

Press contacts

Franca Rosa Congiu

Organisation and governance

Legal and policy framework

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre