The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) will establish the EU systemic cyber incident coordination framework (EU-SCICF), in the context of the Digital Operational Resilience Act (DORA), that will facilitate an effective financial sector response to a cyber incident that poses a risk to financial stability, by strengthening the coordination among financial authorities and other relevant bodies in the European Union, as well as with key actors at international level.
Over the coming months, the ESAs will kickstart the implementation of the framework by setting up:
- the EU-SCICF Secretariat, supporting the functioning of the framework;
- the EU-SCICF Forum, working on testing and maturing the functioning;
- the EU-SCICF Crisis Coordination, facilitating during a crisis the coordination of actions by the participating authorities.
The ESAs will identify legal and other operational hurdles encountered during the initial set up and report these to the European Commission. The further development of the framework will be subject to the availability of resources and other measures taken by the European Commission.
Background
After identifying a shortfall in crisis management frameworks that could lead to a lack of financial sector coordination in the event of a significant cross-border information and communication technologies (ICT) incident, the European Systemic Risk Board (ESRB) recommended that the ESAs build on the role foreseen in the Digital Operational Resilience Act (DORA) and gradually develop a pan-European systemic cyber incident coordination framework (EU-SCICF).
In July 2023, as a first step towards putting the Recommendation into practice, the ESAs, the ECB and the Member States, from their relevant national authorities, designated a main point of contact for the EU-SCICF and informed the secretariat of the ESAs of this designation. This point of contact is to facilitate the development of the framework and will be involved in the crisis process of the EU-SCICF.
Details
- Publication date
- 17 July 2024