Content Options:

Content Options

View Options:


You are viewing the version of the document as on 2025-12-01.

CTPS 8.1 Initial incident report

CTPS 8.1.1R

1A critical third party must, as soon as is practicable after the occurrence of a CTP operational incident and in so far as it is aware at the time of submission, submit the following information about the CTP operational incident:

  1. (1)

    to the regulators and to affected firms:

    1. (a)

      a description of the CTP operational incident, including:

      1. (i)

        the nature and extent of:

        1. (A)

          the disruption to systemic third party services; or

        2. (B)

          impact to the critical third party’s operations;

      2. (ii)

        the time when the CTP operational incident was detected (and, if different, the local time in the location where the CTP operational incident was detected);

      3. (iii)

        the name and number of systemic third party services affected;

      4. (iv)

        the geographical area, including the jurisdictions, affected by the CTP operational incident; and

      5. (v)

        if known, the cause of the CTP operational incident;

    2. (b)

      contact details of any individual who is responsible for communicating with the affected firms about the CTP operational incident;

    3. (c)

      details of any initial action taken or planned in response to the CTP operational incident;

    4. (d)

      the anticipated amount of time it will take to resolve the CTP operational incident, including the anticipated recovery time for each systemic third party service affected; and

    5. (e)

      any other information the critical third party reasonably considers relevant to the affected firms and the regulators in making an initial assessment of the CTP operational incident’s potential impact on affected firms; and

  2. (2)

    to the regulators:

    1. (a)

      the names of the affected firms;

    2. (b)

      the names of any other regulatory body or authorities (other than the regulators) that have been notified of the CTP operational incident; and

    3. (c)

      any other information that the critical third party reasonably considers will assist the regulators in making an initial assessment of the impact the CTP operational incident could have on the stability of, or confidence in, the UK’s financial system.