Regulatory Alerts2025-06-23
Instruction No. 2025-I-11 on Information to Notify to the ACPR Regarding Participation in Cyber Threat Intelligence Sharing Arrangements
The Autorité de Contrôle Prudentiel et de Résolution (ACPR) issued Instruction No. 2025-I-11 to mandate that specific financial entities notify the regulator of their participation in or cessation from cyber threat intelligence sharing arrangements. This requirement applies to designated banks, payment institutions, and insurance entities subject to the EU Digital Operational Resilience Act (DORA). Entities must submit notifications using the prescribed form by September 30, 2025, for arrangements established before June 30, 2025, with the instruction entering into force on July 1, 2025.
Share