Latest News

Pensions sector among least affected by major ICT incidents in 2025 – ESAs

By Natalie Tuck

Pensions were among the least affected financial sectors by major ICT-related incidents in 2025, according to the first joint report by the European Supervisory Authorities (ESAs) under the Digital Operational Resilience Act (DORA).

Financial entities reported a total of 3,383 major ICT-related incidents during 2025, equivalent to 0.18 major incidents per entity. However, the pensions sector recorded only a handful of major incidents in 2025, according to a chart in the report.

More than three-quarters of all incidents were concentrated in the credit and payments sectors, with over 60 per cent occurring within the credit sector and a further 16 per cent affecting payments providers.

The report also found that while human error accounted for 12 per cent of major incidents overall, no major incidents caused by human error were reported in either the pensions or ratings and benchmarks sectors.

One of the most significant incidents highlighted in the report was the outage affecting TARGET Services on 27 February 2025. The disruption left the Eurosystem's T2 and T2S platforms unavailable for several hours, suspending securities settlement, payments processing and liquidity transfers.

According to the report, the incident was caused by a rare hardware malfunction within a core storage system component. While services were restored after a failover to a secondary site, the outage resulted in delays to payments and settlements across Europe, including some delays to salary and pension payments in certain communities.

The ESAs said around one-third of all major incidents had a cross-border impact.

System failures and external events were identified as the main drivers of incidents, while cybersecurity-related events accounted for around 10 per cent of reports.

The authorities also warned that “highly capable” artificial intelligence (AI)-driven tools could heighten cyber risks in future and urged financial entities to strengthen their cybersecurity measures and operational resilience.

“These findings illustrate the growing systemic dimension of ICT risk as well as the importance of resilience and supervision in strengthening the financial sector’s ability to prevent, absorb and recover from future incidents,” the ESAs stated.

The ESAs include the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), and the European Securities and Markets Authority (ESMA), and EIOPA chaired this year’s Joint Committee.

Under DORA, financial entities must follow a common framework for identifying and reporting major ICT-related incidents, helping regulators monitor operational risks and coordinate responses to disruptions that affect multiple countries or sectors.


Share Story:

Recent Stories

Pensions sector among least affected by major ICT incidents in 2025 – ESAs

Two more Dutch pension funds join new pension system

Fiduciary managers 'missing opportunities' through risk aversion


Podcast: Stepping up to the challenge
In the latest European Pensions podcast, Natalie Tuck talks to PensionsEurope chair, Jerry Moriarty, about his new role and the European pension policy agenda

Podcast: The benefits of private equity in pension fund portfolios
The outbreak of the Covid-19 pandemic, in which stock markets have seen increased volatility, combined with global low interest rates has led to alternative asset classes rising in popularity. Private equity is one of the top runners in this category, and for good reason.

In this podcast, Munich Private Equity Partners Managing Director, Christopher Bär, chats to European Pensions Editor, Natalie Tuck, about the benefits private equity investments can bring to pension fund portfolios and the best approach to take.

Mitigating risk
BNP Paribas Asset Management’s head of pension solutions, Julien Halfon, discusses equity hedging with Laura Blows

Advertisement
© 2019 Perspective Publishing     Privacy & Cookies