IKT Asset
AIDORAInformationsregisterFinanzunternehmenBaFinIKT-Dienstleistungen

New Information Register Under DORA: Deadlines and Requirements for Financial Companies

With the introduction of the DORA information register, financial companies are required to comprehensively document and report their IT service relationships. The new regulations come into effect in April 2025.

New Information Register Under DORA

In April 2025, a voluntary test phase for the information register will begin, which is being implemented under the Digital Operational Resilience Act (DORA). Financial companies are required to document and report their IT service relationships to BaFin. Here are the key points:

Deadlines and Formats

  • Voluntary Test Phase: Starting in April 2025, financial companies will have the opportunity to test the electronic submission process via BaFin's reporting and publication portal (MVP).
  • Submission Formats: Submissions can be made either in structured form according to the xBRL taxonomy or using an Excel template.

Proactive Reporting Obligations

Financial companies are required to proactively inform BaFin about any planned contractual agreements for the use of ICT services for critical functions. This applies even if the criticality of a function only becomes apparent later.

Submission of the Information Register

The information register consists of 15 templates covering all aspects of ICT third-party agreements. The annual submission must be made by March 31.

Conclusion

The new requirements of the DORA information register represent a significant change for financial companies. Timely preparation and compliance with deadlines are crucial to meet regulatory requirements.