Description

Financial entities must submit their Register of Information (RoI) detailing all contractual arrangements with ICT third-party service providers to their national competent authority by March 31, 2026. Data must reflect status as of December 31, 2025. Submissions must be in xBRL-CSV format.

Requirements

Compile Register of Information for all ICT provider contracts
Ensure data reflects December 31, 2025 status
Format submission in xBRL-CSV
Submit to national competent authority
Validate data completeness and accuracy

Applicable To

BanksInsurance CompaniesInvestment FirmsPayment InstitutionsCrypto-Asset Service Providers

Penalty Information

⚠Fines up to 10% of annual turnover or EUR 10 million for serious breaches; individual senior manager fines up to EUR 1 million.

days remaining

March 31, 2026

Share:X in @

Framework

DORA

Digital Operational Resilience Act

Related DORA Deadlines

DORA European Commission Supervisory Review
January 17, 2026
DORA ICT Risk Management Framework Review
June 30, 2026

DORA Register of Information Annual Submission