2023-06-29

IT Incident Management in Capital Markets

The Dutch Authority for the Financial Markets (AFM) conducted an exploratory study of IT incident management at eight capital market institutions to assess maturity levels and identify gaps in current practices. The study found that while all firms have procedures to manage IT events and are aware of their legal notification obligations, average maturity levels remain low at 2.6 out of 5. The AFM highlights discrepancies between existing processes and the upcoming Digital Operational Resilience Act (DORA), recommending that firms initiate compliance programs immediately to address these gaps before the legislation takes effect in 2025.

Netherlands

Autoriteit Financiele Markten

Show thumbnailShow full textSourceAdd to collection

Show thumbnail