On Apr. 28, 2025, IRE CB published an important update regarding the DORA register of information (RoI) submission and correction of validation issues identified by EBA.
Explained that IRE CB is in the process of transmitting registers on to the ESAs, and as part of this, the ESAs are performing additional validation checks on the files.
Validation check results will be shared with firms via secure message on the portal, with links to EBA guidance which should be referenced to address issues identified.
The system how to guide has been updated with links to this guidance.
This includes common errors noted by the EBA during their testing.
There may be multiple rounds of issue correction, so any feedback errors should be remediated and the register package should be resubmitted as quickly as possible.
All corrections and resubmissions need to be completed before May 30, 2025.
On Jan. 17, IRE CB reported DORA regulation has become effective.
IRE CB reported that the digital operational resilience act (DORA) takes effect Jan. 17.
Applies and affects a wide range of financial entities regulated by IRE CB.
Follows IRE CB Dec. 2024, issued updated FAQ on aspects of DORA, see #239592.
Follows IRE CB Mar. 2023, speech, DORA implementation, ESA timeline, see #167775.
Implementation of DORA
DORA sets out need to provide harmonized rules supporting the digital operational resilience of individual financial entities and the financial system as a whole.
This includes a new framework for the oversight of those ICT third-party providers which are essential to the European financial system, becoming effective Jan. 17.
Culminates efforts and close collaboration of European Legislature, European Supervisory Authorities, National Authorities, and financial industry participants.
Efforts to ensure that the financial system continues to operate in the best interests of consumers and the wider economy in an environment of technology dependence.
New Webpage and Guide
IRE CB also issued details on new web page which provides information re DORA.
The major ICT-related incident reporting template and significant cyber threat reporting template are to be used by in scope financial entities when submitting a major ICT-related incident and significant cyber threat report respectively.
These templates have been designed by the European Supervisory Authorities.
Please note that minor updates may be made to these in the coming months.
Feb. 2025 DORA Registers of Information
On Feb. 7, 2025, IRE CB published a new webpage with information on DORA Register of Information submissions, including the format required for the submissions.
System guide on how to submit Registers of Information via IRE CB Portal will be published in Mar. 2025; IRE CB Portal is upgrading mechanism in use for multi factor authentication (MFA) in Mar. 2025, so there will be user access authentication changes.
To prepare for this, end users can now pre-enrol with the new service to ensure a seamless transition; see MFA pre-enrolment guidance on how to pre-enrol.
Mar. 18, 2025 DORA Register Preparation, Submission
On Mar. 18, 2025, IRE CB updated information on DORA Register of Information (RoI) submissions, reminding to follow ESA links to ensure RoI meets conditions for submission and validation on Apr. 1-4, 2025; included links to key resources.
A how-to guide on how to upload prepared RoI will be available on Mar. 21, 2025.
Mar. 25, 2025 Uploading RoIs
On Mar. 25, 2025, IRE CB recommended consulting the system guide for instructions on uploading your prepared Register of Information (RoI) to the IRE CB portal.
Financial entities are required to submit RoI via the portal between Apr. 1 to 4, 2025.
Mar. 26, 2025 Recap of Steps
On Mar. 26, 2025, IRE CB tested its system and a sample of RoIs have successfully been uploaded and are therefore ready to accept the RoI submissions from Apr. 1-4.
Based on testing performed, IRE CB is aware that RoIs will fail to be uploaded successfully if basic steps are not followed by those responsible for submitting the RoI.
Therefore recapping in the communication the key links to be followed for guidance, while also sharing a list of common mistakes that firms may inadvertently make.
Apr. 2025 Validation Checks
On Apr. 28, 2025, IRE CB published an important update regarding the DORA register of information (RoI) submission and correction of validation issues identified by EBA.
Explained that IRE CB is in the process of transmitting registers on to the ESAs, and as part of this, the ESAs are performing additional validation checks on the files.
Validation check results will be shared with firms via secure message on the portal, with links to EBA guidance which should be referenced to address issues identified.
The system how to guide has been updated with links to this guidance.
This includes common errors noted by the EBA during their testing.
There may be multiple rounds of issue correction, so any feedback errors should be remediated and the register package should be resubmitted as quickly as possible.
All corrections and resubmissions need to be completed before May 30, 2025.
