The NIS2 Directive now applies to designated IT suppliers to financial companies as appointed by the Danish FSA
Published 18 October 2024
Category: Financial Regulation
As of today, the NIS-2 Directive[1] (“NIS2”) applies to the most important IT suppliers to the financial sector.
While the implementation of NIS2 in general has been postponed to 2025 take effect in Denmark, the Danish Financial Supervisory Authority (the “Danish FSA”) was already in May 2024, with a new Chapter 19 c of the Financial Business Act, provided with the legal framework for supervision of the financial sector under the DORA Regulation[2] and NIS2.
The Danish FSA informs that they now have appointed a number of IT suppliers as operators of financial digital infrastructure to which NIS2 applies. The Danish FSA will publish which IT suppliers have been appointed when the appointments are final, i.e. when the companies’ appeal period has finally expired. The statement from the Danish FSA can be found here.
The purpose of NIS2 is to strengthen cybersecurity by setting requirements for financial companies’ IT security, their reporting of security incidents, and risk management. Find more information on the authority given to the Danish FSA pursuant to a new Chapter 19c of the Danish Financial Business Act on Mazanti Pulse.
NIS2 does not apply to financial undertakings covered by the DORA Regulation. For these companies, the DORA Regulation will instead apply from 17 January 2025.
[1] Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union.
[2] Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on Digital Operational Resilience for the financial sector, and
Also tagged ‘DORA’
The Danish implementation of a framework for supervision of the financial sector under The DORA Regulation and NIS2 Directive
On 2 May 2024, the Danish Parliament adopted an amendment to the Danish Financial Business Act to provide the Danish FSA with a legal framework for supervision of the financial sector under the DORA Regulation and the NIS-2 Directive.
DORANIS2Other updates
National versions of guidelines on funds’ names now published
On 21 August 2024, the European Securities and Markets Authority (“ESMA”) published their guidelines on funds’ names (the “Guidelines”) in versions translated into all the official EU-languages.
ESMASustainabilityRegistration of “sustainability auditors” is now possible
On 1 June 2024, the new rules on requirements to companies’ sustainability reporting (entailed by CSRD) entered into force.
CSRDSustainabilityMeasures to support corporate sustainability reporting
In July, the European Securities and Markets Authority (“ESMA”) published measures to support corporate sustainability reporting.
CSRDESMAESRSSustainabilityESMA opinion on sustainable investments: Facilitating the investor journey
On 24 July 2024, the European Securities and Markets Authority (“ESMA”) published an opinion: “Sustainable investments: Facilitating the investor journey – a holistic vision for the long term” setting out ESMA’s long-term vision on the functioning of the Sustainable Finance Framework.
ESMASustainabilityThematic review of pension funds subject to SFDR article 8
The Danish Financial Supervisory Authority initiated an inspection of three pension funds’ disclosing pursuant to SFDR article 8 in November 2023.
ComplianceDisclosure RequirementsSustainabilityEU’s new Anti-Money Laundering package announced
On 19 June 2024 EU’s new Anti-Money Laundering package was announced. The new AML package has been long in the making, and the Commission presented its package of legislative proposals as early as July 2021.
KYC / AML