Belgium Financial Services and Markets Authority publishes DORA guidance on ICT third-party provider registers and major incident reporting

The Belgium Financial Services and Markets Authority has issued guidance on compliance with the Digital Operational Resilience Act (DORA), effective 17 January 2025. The document outlines requirements for maintaining information registers of ICT third-party service providers and reporting major ICT-related incidents, detailing the scope and practical submission procedures.

Policy and regulationOperational risk and resilienceOutsourcing and third-party risk management

The Belgium Financial Services and Markets Authority has published a document setting out how financial entities should meet their obligations under the Digital Operational Resilience Act to maintain information registers of ICT third-party service providers and to report major ICT-related incidents, following DORA taking effect on 17 January 2025. The publication explains the scope of the Regulation and describes the specific rules for complying with the register-keeping and major incident reporting requirements, including practical details on submitting the registers and incident reports.

Original source View in tracker