Incident Reporting
The formal process of detecting, classifying, and reporting ICT-related incidents to competent authorities. DORA Articles 17-23 establish specific requirements for incident classification, initial notification, intermediate reports, and final reports to supervisory authorities.
Incident reporting under DORA establishes a structured framework for financial entities to classify and report ICT-related incidents to their competent authorities. The regulation defines criteria for classifying incidents as major based on factors including the number of affected clients, geographic spread, data losses, duration of service downtime, and economic impact.
Major ICT-related incidents must be reported through a multi-stage process: an initial notification within 4 hours of classification, an intermediate report within 72 hours providing updated information, and a final report within one month detailing root causes, remediation actions, and lessons learned. The European Supervisory Authorities have published standardized reporting templates to ensure consistency.
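The three deadlines above are easy to state and easy to miss during a live incident, so most response teams track them programmatically. The following is an added example (not Matproof's code and not text from the regulation) that computes the deadline of each report stage from the classification time and flags which reports are pending, overdue, or were filed late. It assumes that "one month" means a calendar month (same day of the following month, clamped to that month's last day) rather than a fixed 30 days, and the incident timestamps at the bottom are constructed for illustration.

```python
"""Deadline tracker for the three DORA major-incident report stages."""
import calendar
from datetime import datetime, timedelta, timezone

STAGES = ("initial", "intermediate", "final")


def utc(iso: str) -> datetime:
    """Parse a naive ISO-8601 string as a UTC timestamp (helper for the example)."""
    return datetime.fromisoformat(iso).replace(tzinfo=timezone.utc)


def add_one_month(t: datetime) -> datetime:
    """Assumption: 'one month' is a calendar month; the day is clamped to the
    last day of the target month (e.g. 31 January -> 28 February)."""
    year, month = (t.year + 1, 1) if t.month == 12 else (t.year, t.month + 1)
    last_day = calendar.monthrange(year, month)[1]
    return t.replace(year=year, month=month, day=min(t.day, last_day))


def deadlines(classified_at: datetime) -> dict:
    """Report deadlines measured from the moment the incident was classified as major."""
    return {
        "initial": classified_at + timedelta(hours=4),
        "intermediate": classified_at + timedelta(hours=72),
        "final": add_one_month(classified_at),
    }


def report_status(classified_at: datetime, submitted: dict, now: datetime) -> dict:
    """Return {stage: status} for each stage, where status is one of:
    'submitted' (filed on time), 'late' (filed after the deadline),
    'overdue' (not filed and the deadline has passed), 'pending' (not yet due)."""
    status = {}
    for stage, due in deadlines(classified_at).items():
        sent = submitted.get(stage)
        if sent is not None:
            status[stage] = "submitted" if sent <= due else "late"
        elif now > due:
            status[stage] = "overdue"
        else:
            status[stage] = "pending"
    return status


if __name__ == "__main__":
    # Constructed sample incident: classified as major on 3 March 2025 at 10:00 UTC.
    classified = utc("2025-03-03T10:00")
    filed = {
        "initial": utc("2025-03-03T13:30"),       # within 4 hours
        "intermediate": utc("2025-03-07T09:00"),  # after the 72-hour deadline
    }
    for stage, due in deadlines(classified).items():
        print(f"{stage:<12} due {due.isoformat()}")
    print(report_status(classified, filed, utc("2025-03-10T12:00")))
```

The tracker deliberately measures from the classification timestamp, as the page describes, so the classification record should carry an explicit timestamp rather than relying on the detection time of the underlying alert.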
Beyond regulatory reporting, effective incident management requires robust detection capabilities, documented response procedures, clear escalation paths, and post-incident analysis. Financial entities must also consider voluntary reporting of significant cyber threats to help build sector-wide threat intelligence.
Related Terms
DORA (Digital Operational Resilience Act)
An EU regulation that establishes uniform requirements for the security of network and information systems in the financial sector. DORA became mandatory on January 17, 2025, and applies to banks, insurance companies, investment firms, and their critical ICT service providers.
BaFin (Federal Financial Supervisory Authority)
Germany's integrated financial regulatory authority responsible for supervising banks, insurance companies, and securities trading. BaFin is the primary competent authority for DORA compliance in Germany, receiving incident reports and conducting supervisory reviews.
Operational Resilience
The ability of an organization to deliver critical operations through disruption. In the context of DORA, it specifically refers to digital operational resilience — the capacity of financial entities to build, assure, and review their technological operational integrity.
SIEM (Security Information and Event Management)
A technology platform that collects, analyzes, and correlates security events from across an organization's IT infrastructure to detect threats and support incident response. SIEM is essential for meeting DORA's detection and monitoring requirements.