§ DORA · Article 14

DORA Article 14: Obligations, Deadlines & Penalties

Regulation (EU) 2022/2554, Article 14 · All obligations · DORA
At a glance
Article 14 of the DORA imposes 3 obligations on financial entities.
§ Obligations

All obligations under Article 14

Obligation 1
Financial entities shall have in place crisis communication plans enabling a responsible disclosure of major ICT-related incidents or vulnerabilities to clients, counterparts, and the public as appropriate. Regulation (EU) 2022/2554, Article 14, Article 14
Obligated entity
financial entities
Sector scope
financial sector
Action required
have in place
Deadline
Penalty
Obligation 2
Financial entities shall implement communication policies for internal staff and for external stakeholders, differentiating between staff involved in ICT risk management and staff that needs to be informed. Regulation (EU) 2022/2554, Article 14, Article 14
Obligated entity
financial entities
Sector scope
financial sector
Action required
implement
Deadline
Penalty
Obligation 3
At least one person in the financial entity shall be tasked with implementing the communication strategy for ICT-related incidents and fulfil the public and media function for that purpose. Regulation (EU) 2022/2554, Article 14, Article 14
Obligated entity
financial entities
Sector scope
financial sector
Action required
task
Deadline
Penalty
§ Frequently asked

Questions about Article 14

Who must comply with Article 14 of the DORA? +
financial entities.
What does Article 14 of the DORA require? +
have in place implement task
Need a cross-border briefing on DORA Article 14?
Search Fontvera ↵
All EU obligation pages  ·  All DORA articles