Skip to content

NIS2: Registration Deadline Expires, Fines Now Possible

The key point: After the registration deadline has passed, supervisory authorities can impose fines on companies affected by NIS2 that have not registered.

The registration deadline under the NIS2 Directive has expired. Companies that have not fulfilled their registration obligation must now expect fines.

With the expiration of the registration deadline for the NIS2 Directive, supervisory authorities can now impose fines on non-compliant companies. The European Directive on Network and Information Security (NIS2) requires operators of critical infrastructure and certain companies to register with the competent authorities and demonstrate their security measures.

For compliance officers, this means that registration gaps now carry immediate legal consequences. The national implementations of the NIS2 Directive provide for substantial penalties, the amount of which varies depending on the member state. Germany has implemented the Directive through the amendment of the IT Security Act (IT-SiG 2.0).

Companies that have been remiss so far should carry out their registration immediately and in parallel review whether their security organization meets the required standards. The documentation of measures already taken will be central to demonstrating compliance.


Source: news.google.com · Published June 3, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.2.

Share on: