The new Commission Delegated Regulation (EU) 2023/2450 as regards the specification of critical services in the EU pursuant to Article 5 of the Critical Entities Resilience Directive (CER Directive) was published in the Official Journal (OJ) of the EU.
The delegated regulation sets out a list of services and enterprises that are deemed to be critical for the functioning of the EU (economy) and for the safety and soundness of Europe as a whole. These service providers and enterprises are required to take special measures to strengthen their resilience against relevant natural and man-made risks, including those of a cross-sectoral or cross-border nature, accidents, natural disasters, public health emergencies, and hybrid or other antagonistic threats, which include terrorist offences, insider threats, or sabotage. Specifically, these services and enterprises need to carry out their own risk assessments, take technical and organisational measures to enhance their resilience, and notify significant incidents to competent authorities (initial notification after 24 hours and a report after one month). Significant incidents are those that "significantly disrupt or have the potential to significantly disrupt the provision of essential services".
The list includes the following financial market services or entities – as quoted:
– taking deposits (credit institutions);
– lending (credit institutions);
– operation of a trading venue (operators of trading venues); and
– operation of clearing systems (central counterparties);
Related services include – as quoted:
– provision of cloud computing services (providers of cloud computing services);
– provision of data centre service (providers of data centre services);
– provision of content delivery networks (providers of content delivery networks); and
– provision of trust services (trust service providers).
Further entities and services are identified in the list.