Handelszeiten in Europa
-
-
ESAs publish the first report on DORA major ICT-related incidents
ESAs publish the first report on DORA major ICT-related incidents
Digital Finance and InnovationJoint CommitteeThe European Supervisory Authorities (EBA, EIOPA and ESMA) today published their first annual overview of major ICT-related incidents in the EU financial sector based on a reporting mechanism established by the Digital Operational Resilience Act (DORA). It shows that ICT risks are increasingly borderless and interconnected. The authorities also note that the recent evolution of highly capable AI-driven tools should encourage financial entities to strengthen cybersecurity measures to maintain their resilience going forward.
With the objective to harmonise and streamline the reporting regime of major ICT-related incidents, DORA introduces consistent requirements for financial entities on management, classification and reporting of ICT-related incidents. By ensuring major ICT-related incidents are properly notified to all Competent Authorities involved, this mechanism allows a faster and more coordinated response in case of borderless and interconnected major ICT-related incidents, ultimately contributing to the resilience of the European financial system.
The report indicates that around one third of the 3,383 major incidents reported by financial entities in the EU (i.e. 0.18 per entity subject to DORA) had a cross-border impact, underscoring the growing interconnectedness through shared infrastructures and services. On the other hand, the direct impact on clients and transactions was generally limited. System failures and external events were the main drivers, highlighting the need for robust third-party risk management, effective oversight of outsourced services and close coordination with service providers during incident response and remediation. While only 10% of the reported incidents were related to cybersecurity, it is key that financial entities uphold to the highest cybersecurity standards to be able to keep pace with the potential use of highly capable AI-driven tools.
These findings illustrate the growing systemic dimension of ICT risk as well as the importance of resilience and supervision in strengthening the financial sector’s ability to prevent, absorb and recover from future incidents.
Legal basis and background
Article 22(2) of the Digital Operational Resilience Act (DORA) mandates the European Supervisory Authorities (ESAs) to report yearly on major ICT-related incidents, setting out at least: (i) the number of major ICT-related incidents, (ii) their nature, (iii) their impact on the operations of financial entities or clients, (iv) remedial actions taken, and (v) the costs incurred.
Under the Digital Operational Resilience Act (DORA), an ICT-related incident is defined as a single event or a series of linked events unplanned by the financial entity that compromises the security of the network and information systems, and have an adverse impact on the availability, authenticity, integrity or confidentiality of data, or on the services provided by the financial entity’. A major ICT-related incident is an ICT-incident that has a high adverse impact on the network and information systems that support critical or important functions of a financial entity.
Further information:
Cristina Bonillo
Senior Communications Officer
press@esma.europa.euTayfun Yilmaz
Communications Officer
press@esma.europa.eu03/06/2026 JC 2026 16ESAs 2025 report on major ICT-related incidents The GMTF presents its findings on EU gas and gas derivative markets
The GMTF presents its findings on EU gas and gas derivative markets
TradingThe Gas Market Task Force (GMTF), has published today a report on the functioning of EU gas and gas derivatives markets, summarising the analytical work it has conducted in 2025.
The report also suggests further work in several areas to ensure that European gas and gas derivatives markets continue performing as expected and to the benefit of European competitiveness and consumers.
The GMTF was established in February 2025 under the Action Plan for Affordable Energy to scrutinise the functioning of EU gas and gas derivatives markets, identify potential shortcomings and propose actions to address them. The GMTF gathered the European Commission’s services, the Agency for the Cooperation of Energy Regulators (ACER) and the European Securities and Markets Authority (ESMA).
Further information:
Cristina Bonillo
Senior Communications Officer
press@esma.europa.euESMA publishes latest edition of its newsletter
ESMA publishes latest edition of its newsletter
ESMA newsletterThe European Securities and Markets Authority (ESMA), the EU’s financial markets regulator and supervisor, has published today the latest edition of its Spotlight on Markets newsletter, covering ESMA’s key activities and publications from April and May 2026.
This edition opens with key takeaways from ESMA’s conference “A New Era for EU Capital Markets”, marking ESMA’s 15th anniversary and focusing on the ambition to build more integrated, efficient and attractive capital markets, with the Savings and Investment Union at the heart of the discussions.
Top news highlights include ESMA’s work to advance the simplification of EU reporting frameworks for funds and transactions, the launch of its sixth stress test exercise for Central Counterparties (CCPs), and the publication of guidance on the effective use of resolution tools in CCP crisis planning.
Key publications featured in this edition include:
- a call for evidence on the structure of European equity markets;
- reporting templates and instructions for the Active Account Requirement under EMIR 3;
- the Joint Committee Annual Report for 2025, highlighting digitalisation, cyber resilience and sustainable finance as key priorities.
Other updates cover ESMA’s enforcement activities for corporate reporting across the EEA, progress on ESEF implementation with an updated taxonomy, and supervisory convergence in the funds sector. The newsletter also provides an overview of upcoming events and consultations.
The Spotlight on Markets newsletter is published regularly and is available on ESMA’s website. For regular updates, follow ESMA on LinkedIn, X and Instagram.
01/06/2026 ESMA newsletterNewsletter April and May 2026 ESMA’s annual data report shows increased quality, wider use and digital progress
ESMA’s annual data report shows increased quality, wider use and digital progress
Market dataThe European Securities and Markets Authority (ESMA), the EU’s financial markets regulator and supervisor, published today its annual report on the quality and use of regulatory data. It shows that improvements in data quality and data use reinforce each other in a virtuous cycle, supporting more effective supervision and market monitoring across the EU.
This year’s edition reflects an expansion in the scope of ESMA’s data quality and use activities, with measurable improvements in data quality across major regulatory datasets, including EMIR, SFTR, MiFIR, AIFMD and MMFR. These improvements are accompanied by extensive and growing supervisory use of the data by ESMA and national competent authorities (NCAs), underlining the central role of high-quality data in supporting investor protection, financial stability, orderly markets and market integrity.
In parallel, ESMA has advanced simplification and burden reduction efforts through a 2025 Call for Evidence gathering stakeholder input on streamlining reporting across EMIR, MiFIR and SFTR, including options to remove duplications or apply a “report once” approach [LINK]. It is also developing an integrated reporting framework for investment funds to harmonise requirements, reduce fragmentation, and support a more efficient and centralised EU data environment.
In addition to the datasets covered in previous editions, the report now includes further reporting regimes and registers, such as Prospectus reporting and ICT-related incident reporting under the Digital Operational Resilience Act (DORA).
The publication also underlines how ESMA is increasing automation and use of advanced analytical tools, as well as strengthening cooperation with NCAs through common tools, shared dashboards and coordinated data quality engagement. These developments are part of ESMA’s broader data strategy, aiming to modernise data-driven supervision across EU financial markets.
Next steps
ESMA will host on 18 June a webinar to present the main findings of the report.
Further information:
Cristina Bonillo
Senior Communications Officer
press@esma.europa.eu29/05/2026 ESMA92-2024897840-14578Report on quality and use of data 2025 New Q&As available
New Q&As available
Digital Finance and InnovationMarket AbuseSustainable financeThe European Securities and Markets Authority (ESMA), the EU's securities markets regulator, has published the following question and answer:
EU ESG Ratings Regulation (ESGRR)
- Defined ranking system (2853)
- Transitional provisions (2854)
- ESG rating providers established after date of entry into force (2855)
- Material changes to registration information (2856)
Market Abuse Regulation (MAR) Regulation
Markets in Crypto-Assets Regulation (MiCA)
- Exemption from white paper requirements when offering a crypto-asset other than an ART or EMT (2671)
-