# DORA and Finanstilsynet Denmark: Practical Guide for Financial Entities Source: https://www.cyadviso.com/dora-finanstilsynet-denmark Last reviewed: 2026-05-01 Country: Denmark (DK) Tags: DORA, Denmark Finanstilsynet — Denmark's DORA competent authority for banks, payment firms, investment firms and insurers: scope, ICT incident reporting and evidence today. --- ## Short answer In Denmark, Finanstilsynet (the Danish FSA) is the single competent authority for credit institutions, payment institutions, e-money institutions, investment firms, insurance undertakings and CASPs that fall in DORA scope. ## Competent authorities - **Finanstilsynet (Danish Financial Supervisory Authority)** (Finanstilsynet) — https://www.finanstilsynet.dk/ ## Entities in scope - Credit institutions (banks) - Payment institutions and electronic money institutions (PIs / EMIs) - Investment firms - Crypto-asset service providers (CASPs) authorised under MiCA - Insurance and reinsurance undertakings, where supervised in this jurisdiction - Other financial entities listed in DORA Article 2 ## Jurisdictional nuances - Finanstilsynet supervises both the prudential and the conduct sides — DORA ICT risk reporting flows through the same supervisor that handles your existing capital and AML reporting. - Danish ICT supervisory expectations have historically borrowed from CBEST/TIBER-style threat-led testing thinking; entities identified by Finanstilsynet under DORA Article 26 should plan accordingly. ## Primary sources - Finanstilsynet — DORA regulation — https://www.finanstilsynet.dk/finansielle-temaer/tilsyn-med-ikt-og-datasikkerhed/forordning-om-digital-operationel-modstandsdygtighed-dora - Finanstilsynet — DORA ICT incident reporting — https://www.finanstilsynet.dk/finansielle-temaer/tilsyn-med-ikt-og-datasikkerhed/indberetning-af-ikt-relaterede-haendelser-i-henhold-til-dora - Regulation (EU) 2022/2554 — DORA, EUR-Lex — https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R2554 - European Banking Authority — Digital Operational Resilience Act (DORA) — https://www.eba.europa.eu/activities/direct-supervision-and-oversight/digital-operational-resilience-act --- Canonical HTML: https://www.cyadviso.com/dora-finanstilsynet-denmark Authored by Andrey Gubarev — CISO for EU fintechs (CISM, CDPSE, SABSA). CyAdviso · DORA / ICT risk / vCISO programmes for EU-licensed fintechs.