# Art. 10 — Detection 1. Financial entities shall have in place mechanisms to promptly detect anomalous activities, in accordance with [Article 17](/dora/digital-operational-resilience-act/chapter-iii-ict-related-incident-classification-reporting/article-17-ict-related-incident-management-process.md), including ICT network performance issues and [ICT-related incidents](https://www.mica.wtf/definitions/definitions/dora/ict-related-incident), and to identify potential material single points of failure. All detection mechanisms referred to in the first subparagraph shall be regularly tested in accordance with [Article 25](/dora/digital-operational-resilience-act/chapter-iv-digital-operational-resilience-testing/article-25-testing-of-ict-tools-and-systems.md). 2. The detection mechanisms referred to in paragraph 1 shall enable multiple layers of control, define alert thresholds and criteria to trigger and initiate [ICT-related incident](https://www.mica.wtf/definitions/definitions/dora/ict-related-incident) response processes, including automatic alert mechanisms for relevant staff in charge of [ICT-related incident](https://www.mica.wtf/definitions/definitions/dora/ict-related-incident) response. 3. Financial entities shall devote sufficient resources and capabilities to monitor user activity, the occurrence of ICT anomalies and [ICT-related incidents](https://www.mica.wtf/definitions/definitions/dora/ict-related-incident), in particular [cyber-attacks](https://www.mica.wtf/definitions/definitions/dora/cyber-attack). 4. [Data reporting service providers](https://www.mica.wtf/definitions/definitions/dora/data-reporting-service-provider) shall, in addition, have in place systems that can effectively check trade reports for completeness, identify omissions and obvious errors, and request re-transmission of those reports. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.mica.wtf/dora/digital-operational-resilience-act/chapter-ii-ict-risk-management/article-10-detection.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.