Info

🔗 Back to Summary. 🇫🇷 French Version: 2025R1143_FR.25. Back to Summary of LVL1. Direct link to EUR-LEX.

Article 24 – Information on market data fees and licensing models ⬅️ | ➡️ Article 26 – Information on energy efficiency

References LVL1 <=> LVL2

Level 1 reference(s): 2014R0600_EN.27da > 2

Article 25 - Information on digital operational resilience

1.

An applicant seeking authorisation to operate a CT pursuant to Article 27db of Regulation (EU) No 600/2014 shall include in its application for authorisation evidence of compliance with the requirements on ICT risk management organisation and capabilities, operational resilience strategy and testing, incident management and ICT third-party risk monitoring under Regulation (EU) 2022/2554.

2.

The information set out in paragraph 1 shall include documents regarding the applicant’s arrangements, in accordance with Regulation (EU) 2022/2554, on:

(a)

ICT risk management;

(b)

ICT-related incident management;

(c)

digital operational resilience testing;

(d)

ICT third-party risk monitoring.

3.

The information set out in paragraph 1 shall take into account the size and overall risk profile, and the nature, scale and complexity of the applicant’s services, activities and operations.

NOMOX

Explorer

2025R1143_EN.25

Article 25 - Information on digital operational resilience

1.

2.

(a)

(b)

(c)

(d)

3.

Table of Contents

Backlinks