EU’s First DORA Review Finds One-Third of Financial ICT Incidents Spread Across Borders

The European Supervisory Authorities have published their first annual overview of major ICT-related incidents in the EU financial sector under the reporting framework of the Digital Operational Resilience Act. The report is issued by the European Banking Authority, the European Insurance and Occupational Pensions Authority, and the European Securities and Markets Authority.

DORA Review Finds Cross-Border ICT Risk

The report consolidates incident reporting requirements under DORA and aims to standardise how financial entities classify, manage, and report ICT-related disruptions across the European Union.

According to the findings, ICT risks are increasingly cross-border and interconnected. The report stated that “ICT risks are increasingly borderless and interconnected.” It added that shared digital infrastructure and outsourced services are contributing to wider operational risk transmission across markets.

Financial firms in the EU reported 3,383 major ICT-related incidents. Around one third had cross-border effects, reflecting greater interconnectedness in financial systems. The authorities noted that the direct impact on customers and transactions was generally limited.

AI Raises Future Financial Cyber Risk

System failures and external events were identified as the main drivers of disruption. The report highlighted the importance of third-party risk management, oversight of outsourced services, and coordination with providers during incident response and recovery.

Cybersecurity-related incidents accounted for about 10% of the total. While the share was relatively small, the report warned that firms must maintain strong cybersecurity standards. It also pointed to the potential use of highly capable AI-driven tools as a factor that could increase future risk pressure on financial systems.

Overall, the authorities said the findings point to a more systemic ICT risk environment across the financial sector, requiring stronger resilience, supervision, and coordination to prevent and respond to future disruptions.

Under DORA, ICT-related incidents are defined as unplanned events affecting the security of network and information systems and impacting availability, integrity, authenticity, or confidentiality of data or services. A major ICT-related incident is one with a high impact on critical or important functions of a financial entity.

This article was written by Tareq Sikder at www.financemagnates.com.