On July 8, 2019, Banco de Portugal, the country's central bank, launched a public consultation seeking feedback on its proposed instruction for reporting cybersecurity incidents. The aim of the instruction is to establish a duty to report relevant cybersecurity incidents, and to harmonise and centralise different reporting methods into a single communications model.
Events that have an adverse impact on the network, application or system security of the supervised institution are relevant if they are classified as "severe" or "significant" incidents. This is determined by means of criteria set out in the instruction.
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial