Art 19 - Reporting of major ICT-related incidents

Art 19 obliges financial entities to notify the competent authority of any major ICT-related incident that significantly impacts the continuity or security of their services. The report must be submitted without undue delay, include a description of the incident, its impact, and remedial actions taken, and be followed by a detailed written account within a specified period.