Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
EU: Commission opens infringement procedures for lack of NIS 2 and CER Directives transposition
On November 28, 2024, the European Commission announced that it opened infringement procedures by sending a letter of formal notice to Member States that failed to transpose the Directive on measures for a high common level of cybersecurity across the Union (NIS 2 Directive) and Directive on the resilience of critical entities (CER Directive) by October 17, 2024.
NIS 2 Directive
23 Member States received the letter regarding the NIS 2 Directive transposition: Bulgaria, Czechia, Denmark, Germany, Estonia, Ireland, Greece, Spain, France, Cyprus, Latvia, Luxembourg, Hungary, Malta, Netherlands, Austria, Poland, Portugal, Romania, Slovenia, Slovakia, Finland, and Sweden.
CER Directive
24 Member States received the letter regarding the CER Directive transposition: Belgium, Bulgaria, Czechia, Denmark, Germany, Greece, Spain, France, Croatia, Cyprus, Latvia, Lithuania, Luxembourg, Hungary, Malta, the Netherlands, Austria, Poland, Portugal, Romania, Slovenia, Slovakia, Finland, and Sweden.
Next steps
The Commission outlined that the concerned Member States now have two months to respond, complete their transposition, and notify the Commission of the measures. According to the Commission, in the absence of a satisfactory response, it may decide to issue a reasoned opinion.
You can read the press release here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
