Highlights:
1. The ESA’s DORA report, which provides an overview of major ICT-related incidents in the EU financial sector, found that 3,000 incidents were reported in 2025 – with one-third having a cross-border impact
2. Shared infrastructures and third-party reliance magnify threats, with the report stating that “risks can be amplified by the interconnections within individual sectors and across the broader financial system”
3. Of the reported incidents, 51% were due to system failures, 27% to external events, and 19% to process failures
4. While cybersecurity incidents accounted for only 10% of those reported, the ESA noted that existing cybersecurity controls may not always be defensible against advancing attacks and should be tested regularly
5. These findings in mind, the firms that prioritize resilience and ensure they have robust, updated frameworks in place – supported by security-first vendors – will be able to navigate the twists and turns of the current threat landscape
This week’s Regulatory Wrap is brought to you by Global Relay’s Content Writer, Kathryn Fallah.