What's Happening?
The European Supervisory Authorities (ESAs) have released their first joint report on major ICT-related incidents under the Digital Operational Resilience Act (DORA). The report, covering incidents from 2025, provides an overview of 3,383 major incidents reported
by financial entities across the EU. It highlights that incident volumes are not indicative of systemic weaknesses but rather reflect the maturity of reporting practices. The report notes that most incidents had limited impact on clients and transactions, with two-thirds causing no or minor disruptions. System failures and third-party dependencies were identified as primary drivers of incidents, while cybersecurity incidents were less frequent. The ESAs emphasize the need for improved data quality in reporting and plan to introduce a new IT tool in 2026 to enhance data collection and processing.
Why It's Important?
The report underscores the importance of operational resilience in the financial sector, particularly as digitalization and interconnectivity increase. It highlights the need for robust third-party risk management and effective incident response protocols. The findings suggest that while the financial sector is becoming more resilient, there is still a need for continuous improvement in reporting practices and data quality. The introduction of a new IT tool by the ESAs is expected to enhance the ability of financial entities to manage and report incidents more effectively, ultimately contributing to greater stability in the financial system.
What's Next?
The ESAs plan to implement a new IT tool in 2026 to improve the quality of incident reporting. Financial entities are encouraged to invest in detection, response, and recovery capabilities, and to strengthen third-party risk management frameworks. The ESAs will continue to monitor the implementation of DORA and expect financial entities to maintain high cybersecurity standards to address emerging threats. The focus will remain on ensuring that financial entities can demonstrate effective operational resilience in the face of inevitable operational disruptions.
