ICT risk increasingly borderless

A power outage took ATMs offline in Cannes, France earlier this year. Photo: Lorenzo Franzoni/Getty Images

June 9, 20262 min read

Joint ESA report also highlights the role of third parties as incident originators and warns about impending risk from AI.

The first annual overview of major ICT-related incidents in the EU’s financial sector is based on reporting introduced by the EU’s Digital Operational Resilience Act (DORA). In 2025, over 3,000 major incidents were reported by financial entities in the EU.

Sixty percent of the incidents affected the credit sector, while

Cybersecurity, Digital Operational Resilience Act, DORA, EU, ICT risk, Industry, Operational resilience, Operational risk, Security, Technology, Third-party risk management, Third-party vendors

Subscribe to continue reading

Get a premium plan for unlimited access to every article like this one, plus exclusive interviews, daily expert insights, podcasts, and more.

Subscribe Sign in

What you get with a premium plan:

Ad-free experience across all content
Daily regulatory insight and practical guidance
Unlimited access to all articles
Exclusive interviews, event coverage, and in-depth analysis
Every podcast and video featuring trusted industry experts
Full set of Rules Navigator tools

Latest News

Halfway through 2026, Valerie Mirko reflects on SEC and FINRA

OPINION: UK’s net-zero challenge isn’t ambition but capability to deliver

Compliance burnout: An overlooked risk

Latest News

FCA work in review: May 27-June 5, 2026

CFTC ends gag rule

Coverage denials are delaying care, driving medical debt for privately insured

Latest News