The Danish FSA has published the designated IT suppliers to financial companies subject to NIS2 and under the supervision of the Danish FSA
Published 27 November 2024
Category: Updates
The Danish FSA has appointed a number of IT suppliers as operators of financial digital infrastructure to which NIS2 applies. The details are available here (in Danish).
As of 18 October 2024, the NIS-2 directive[1] (“NIS2”) applies to the most important IT suppliers to the financial sector.
While the implementation of NIS2 in general has been postponed to 2025 take effect in Denmark, the Danish Financial Supervisory Authority (the “Danish FSA”) already in May 2024, with a new Chapter 19 c of the Financial Business Act, was provided with the legal framework for supervision of the financial sector under the DORA Regulation[2] and NIS2.
The designated IT suppliers are set out below:
- JN Data A/S
- FORENINGEN BANKDATA
- SDC A/S
- Bec Financial Technologies A.M.B.A.
- e-nettet A/S
- Mastercard Payment Services Denmark A/S
The purpose of NIS2 is to strengthen cybersecurity by setting requirements for financial companies’ IT security, their reporting of security incidents, and risk management. Find more information on the authority given to the Danish FSA pursuant to a new Chapter 19c of the Danish Financial Business Act on Mazanti Pulse.
NIS2 does not apply to financial undertakings covered by the DORA Regulation. For these companies, the DORA Regulation will instead apply from 17 January 2025.
[1] Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union.
[2] Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on Digital Operational Resilience for the financial sector, and
Also tagged ‘Cybersecurity’
The Danish Parliament has adopted regulation to implement the NIS2 Directive and the CER Directive
On April 29, 2025, on the day where major parts of France, Spain, and Portugal suffered severe utility breakdowns, the Danish Parliament adopted the bills for implementing the NIS2 Directive and the CER Directive.
CERCritical SectorsCybersecurityNIS2The Danish government has presented bills for implementing the NIS2 Directive and the CER Directive
On 6 February 2025, the bills for implementing the NIS2 Directive and the CER Directive were presented by the Danish government to the Danish Parliament.
CERCybersecurityNIS2Other updates
Changes to financial reports for Danish UCITS
The Danish FSA has submitted a draft executive order amending the executive order on financial reports for Danish UCITS for public consultation.
Danish RegulationSFDRSustainabilityAnnual report on principal adverse impact disclosures
The European Supervisory Authority has published an annual report on principal adverse impact disclosures in accordance with Article 18 of the SFDR.
Disclosure RequirementsSFDRSustainabilityEU state aid framework enabling support to clean industry
The CISAF aims to facilitate Member States' support for clean technology manufacturing and deployment while ensuring a level playing field across the EU.
SustainabilityNon-financial reporting under the EU taxonomy – theme inspection by the Danish FSA for 2024
The Danish FSA has now carried out a follow-up theme inspection of 20 financial companies regarding their reporting in accordance with Article 8 of the Taxonomy Regulation for the 2024 financial year.
Disclosure RequirementsSFDRSustainabilityUpdated Q&A from ESMA on the SFDR and Level 2 Regulation
The Q&A gathers responses from the EU Commission as well as ESAs with the purpose of assisting with clarifying implementation and application of the legislation.
Disclosure RequirementsESMASFDRSustainabilityRevised sustainability standards sent for public consultation
The European Financial Reporting Advisory Group (“EFRAG”), published the draft revised European Sustainability Reporting Standards (“ESRS”).
ComplianceCSRDDisclosure RequirementsESRSSFDRSustainability