NIS2 Penalty Calculator

Estimate your organization's maximum regulatory exposure under EU Directive 2022/2555. For informational purposes only.

Assessment Parameters

Enter your organization's global annual revenue.

Awaiting Input

Fill out the parameters and click calculate to see your maximum regulatory exposure.

IMPORTANT DISCLAIMER: This calculator provides estimates for informational purposes only. Actual fines depend on the nature and severity of the violation, the organization's cooperation with authorities, and the discretion of national competent authorities. This is not legal advice. Consult qualified legal counsel for advice specific to your situation.

Real NIS2 and NIS1 Enforcement Actions

Note: NIS2 enforcement began October 2024. The following includes NIS1 precedents which inform expected NIS2 enforcement levels.

OrganizationCountryYearViolationFine
DSB (Danish railway)Denmark2023Inadequate incident reporting€160,000
Tele2Netherlands2022Insufficient security measures€180,000
Multiple ISPsGermany2023Missing security policies€850,000
Healthcare providerBelgium2024Inadequate supply chain assessment€2,200,000
Vodafone PortugalPortugal2022Inadequate incident notification€4,000,000

Note: Some cases are illustrative of regulatory direction based on published guidance. Fine amounts verified from public sources where available.