ARTICLE
16 December 2024

Deadline Confirmed For Reporting DORA's ICT Register

AM
Arendt & Medernach

Contributor

Arendt & Medernach logo

About Arendt

Arendt combines the entire value chain of services dedicated to Asset Managers, Banks, Insurers, Public Institutions and Private Clients operating in Luxembourg.

-Legal & Tax
-Regulatory & Consulting
-Investor Services

Legal & Tax

We assist clients in structuring and running their business from a legal and tax standpoint across Luxembourg. Our teams directly serve international clients or work in close collaboration with foreign partner law firms.

Together with our regulatory consultants and investor services experts, we bridge the gap between legal/tax advice and its implementation. We deliver best-in-class services along our clients’ business life cycles.

The 450 legal experts of Arendt & Medernach have a wealth of experience in a wide variety of specialisations. Together, they are able to advise on a complete range of 15 complementary practice areas

Explore Firm Details
As the date of application for the Digital Operation Resilience Act (DORA) is fast approaching, it is crucial that financial entities make sure they are prepared to be in compliance with its requirements as of 17 January 2025.
Luxembourg Tax
Yann Fihey,Astrid Wagner,Bénédicte D’Allard
+1 Authors
 Your Author LinkedIn Connections

As the date of application for the Digital Operation Resilience Act (DORA) is fast approaching, it is crucial that financial entities make sure they are prepared to be in compliance with its requirements as of 17 January 2025. With this in mind, on 5 December, the European Supervisory Authorities (ESAs) issued a joint statement outlining the expectations for financial entities under DORA.

The ESAs underscored the importance of financial entities (preparing for the upcoming deadline of early 2025) to submit their registers of contractual arrangements with ICT third-party providers, to the competent authorities as the latter will have to report these to the ESAs by 30 April 2025.

Key points to remember

  • No transition period: the ESAs emphasise the importance of financial entities adopting a robust, structured approach in order to meet their obligations in a timely manner as DORA does not provide for a transition period.
  • Deadline for reporting: financial entities must ensure that their registers of contractual arrangements with ICT third-party providers are ready for submission to competent authorities early 2025. These registers will need to be reported to the ESAs by 30 April 2025.
  • Proactive preparation: as the ESAs strongly encourage financial entities to begin preparing their registers as soon as possible, the CSSF has also advised financial entities to plan accordingly for information that may not be immediately available, such as relevant identifiers (e.g. LEI or EUID) for ICT third-party providers.
  • Lessons from the dry-run exercise: financial entities are advised to leverage the lessons learned from the ESAs' dry-run exercise in 2024 and refer to the Implementing Technical Standards (ITS) on the Register of Information, which were adopted by the EU Commission on 29 November 2024.
  • Incident reporting: it is important that financial entities are equipped to classify and report their major ICT-related incidents from the date of application.

For any further information, financial entities are encouraged to consult the Final Report and the ITS on the Register of Information to ensure that they are fully prepared for the early 2025 submission.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Yann Fihey
Yann Fihey
Photo of Astrid Wagner
Astrid Wagner
Photo of Faustine Cachera
Faustine Cachera
Photo of Bénédicte D’Allard
Bénédicte D’Allard
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More