CELEX:32024R1834R(03)

This is a corrigendum to the Commission Delegated Regulation (EU) 2024/1834, which supplements the Digital Operational Resilience Act (DORA). Published on 30 April 2026, it corrects technical errors in the original text, specifically in the annexes related to the classification of ICT incidents and the templates for reporting major incidents. The changes are editorial in nature and do not introduce new obligations or alter the substantive requirements of the regulation.

The corrigendum affects all financial entities subject to DORA, including banks, investment firms, payment institutions, insurance companies, and critical ICT third-party service providers. Any organization that has already implemented incident reporting processes under the original delegated regulation must ensure their templates and classification criteria align with the corrected version.

Compliance teams should immediately review the corrected annexes to identify any discrepancies in their current incident reporting frameworks. Update internal procedures, reporting templates, and staff training materials to reflect the corrected text. Ensure that any ICT incident reports submitted after the publication date use the corrected classification and format. Finally, document this review as part of your ongoing DORA compliance evidence.