Open navigation
Search
Search
All expertise
Explore our breadth of expertise.
Sectors View all
Practice Areas View all
All insights
Leverage our expert analysis, intelligence and thought leadership for your strategic advantage.
Personalised updates
Receive tailored insights and intelligence that apply directly to your business.
Topics in focus View all
Insights by type
CMS News
Stay up to date with our growth, evolution and our many successes.
Global Press Room
Contact us
For all general enquiries.
About CMS
CMS Careers

Select your region

International Europe Africa Asia-Pacific The Americas Middle East
Regulatory News

EC: DORA Delegated and Implementing Regulations

20 Feb 2025 (UPDATED: 13 Mar 2026) International 1 min read

The following have been published in the Official Journal: (i) Commission Delegated Regulation (EU) 2025/301 of 23 October 2024 supplementing DORA with regard to regulatory technical standards specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats; (ii) Commission Implementing Regulation (EU) 2025/302 of 23 October 2024 laying down implementing technical standards for the application of DORA with regard to the standard forms, templates, and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat.


For more information

Last updated · 13 Mar 2026
More insights
Commercial Insurance
Back to top Back to top
If you want to use third party tools, please enable personalisation cookies as part of your cookie preferences. You can change this setting at any time via the button below or in our Cookie Notice.