The NIS2 Directive now applies to designated IT suppliers to financial companies as appointed by the Danish FSA

Published 18 October 2024

PrintCategory: Financial Regulation

As of today, the NIS-2 Directive[1] (“NIS2”) applies to the most important IT suppliers to the financial sector.

While the implementation of NIS2 in general has been postponed to 2025 take effect in Denmark, the Danish Financial Supervisory Authority (the “Danish FSA”) was already in May 2024, with a new Chapter 19 c of the Financial Business Act, provided with the legal framework for supervision of the financial sector under the DORA Regulation[2] and NIS2.

The Danish FSA informs that they now have appointed a number of IT suppliers as operators of financial digital infrastructure to which NIS2 applies. The Danish FSA will publish which IT suppliers have been appointed when the appointments are final, i.e. when the companies’ appeal period has finally expired. The statement from the Danish FSA can be found here.

The purpose of NIS2 is to strengthen cybersecurity by setting requirements for financial companies’ IT security, their reporting of security incidents, and risk management. Find more information on the authority given to the Danish FSA pursuant to a new Chapter 19c of the Danish Financial Business Act on Mazanti Pulse.

NIS2 does not apply to financial undertakings covered by the DORA Regulation. For these companies, the DORA Regulation will instead apply from 17 January 2025.

 

[1] Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union.

[2] Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on Digital Operational Resilience for the financial sector, and

Tags:  DORANIS2


Also tagged ‘DORA’

27 Nov 2024 Updates

The Danish FSA has published the designated IT suppliers to financial companies subject to NIS2 and under the supervision of the Danish FSA

The Danish FSA has appointed a number of IT suppliers as operators of financial digital infrastructure to which NIS2 applies.

CybersecurityDORANIS2The Danish FSA
7 May 2024 Financial RegulationUpdates

The Danish implementation of a framework for supervision of the financial sector under The DORA Regulation and NIS2 Directive

On 2 May 2024, the Danish Parliament adopted an amendment to the Danish Financial Business Act to provide the Danish FSA with a legal framework for supervision of the financial sector under the DORA Regulation and the NIS-2 Directive.

DORANIS2

Other updates

28 Mar 2025 Financial RegulationImpact and ESGUpdates

The Danish FSA: Managers need to ensure truly sustainable investments

The Danish Financial Supervisory Authority (the “Danish FSA”) has initiated an inspection of three managers in September 2024.

SFDRSustainabilityThe Danish FSA
27 Feb 2025 Impact and ESGUpdates

The Omnibus package and its impact on EU’s ESG regulation

Yesterday, the European Commission revealed the proposal for the Omnibus Simplification Package.

CSDDDCSRDDisclosure RequirementsSustainability
20 Feb 2025 Financial RegulationUpdates

The Danish FSA has updated the report on fitness assessments

On 5 February 2025, the Danish FSA published a new and updated version of its report detailing its practice regarding the fitness assessment of board members, executive management members and key persons in financial businesses.

Danish RegulationGovernanceThe Danish FSA
11 Feb 2025 Corporate RegulationUpdates

EU Commission calls for review of certain outbound investments

On 15 January 2025, the European Commission issued a recommendation urging EU Member States to review investments out of EU for risks of enabling technology transfers/leakage into third countries (‘outbound investments’).

Cross-Border
7 Feb 2025 Updates

The Danish government has presented bills for implementing the NIS2 Directive and the CER Directive

On 6 February 2025, the bills for implementing the NIS2 Directive and the CER Directive were presented by the Danish government to the Danish Parliament.

CERCybersecurityNIS2
5 Feb 2025 Impact and ESGUpdates

EU Competitiveness Compass – ESG takeaways

29 January 2025, the EU Commission published its Competitiveness Compass which sets out a compass that will guide the work in the coming five years and lists priority actions to reignite economic dynamics in Europe, according to the communication.

CSDDDCSRDDisclosure RequirementsSFDRSustainability