DORA validator:
Check your Register of Information before next submission
Financial entities are required to maintain a Register of Information (“RoI”) covering all ICT contractual arrangements. Preparing this dataset involves complex data collection and formating. Since no official pre-submission tool exists, we created the DORA Validator to help entities verify their register before filing.
Review your DORA Register of InformationUnderstanding the DORA Register of Information (RoI)
What is the Register of Information (RoI)?
The Digital Operational Resilience Act (DORA) is a European regulation that enhances financial entities' cybersecurity and operational resilience. It requires firms to identify, assess, and manage risks related to their ICT third-party service providers.
Under DORA, the Register of Information (RoI) is a mandatory dataset that financial entities must maintain and report. It includes:
- A list of all ICT third-party service providers.
- The criticality of each provider to the institution.
- Details of contractual arrangements, including risk assessments and dependency evaluations.
What is the required format and validation rules?
The RoI must be submitted as a structured ZIP package, containing:- Plain CSV files (specific tables based on regulatory templates).
- JSON metadata file (providing taxonomy references).
Each submission is automatically validated by the relevant authority, checking for:
- File integrity (correct ZIP structure, mandatory files present).
- Data consistency (matching key identifiers, expected values).
- Compliance with regulatory rules (both EU-wide and national-level validations).
The ESAs have provided a website with a set of resources to prepare for the reporting of RoIs, including the applicable validation rules and a visual representation of the data model.
Who must submit the RoI and what happens after submission?
AIFMs, management companies (ManCos), investment firms, credit institutions, insurance companies and other entities covered under DORA must submit the Register of Information (RoI) to their respective National Competent Authority (NCA).
Reporting deadlines & submission schedule
For 2026, the precise submission deadlines for financial entities at local level have not yet been confirmed and are expected to be announced by each authority.
The below table provide a non-exhaustive list of local register submission deadlines. It will be updated as soon as the information becomes available.
| Country | Competent Authority | Submission deadline | Reporting channel |
|---|---|---|---|
| Austria | FMA | January with the reporting date of December 31 of the previous year. | FMA-Incoming Platform |
| Belgium | FSMA | TBC | FiMiS |
| Denmark | Danish FSA | TBC | FIONA online |
| Estonia | Finantsinspektsioon (FSA) | TBC | Not specified |
| Finland | FIN-FSA | February 28, 2026 | Fin-FSA e-services |
| France | AMF | TBC | ROSA platform |
| Germany | BaFin | From 2026 onwards, the registers must be forwarded annually to the ESAs by 31 March, covering all contractual information as of 31 December of the previous year. | MVP platform |
| Greece | Bank of Greece | TBC | Not specified |
| Ireland | Central Bank of Ireland (CBI) | TBC | CBI Portal |
| Italy | Bank of Italy / IVASS | TBC | Infostat platform |
| Liechtenstein | FMA | TBC | e-Service Portal |
| Luxembourg | CSSF | Between 28 February and 31 March of year n+1 | eDesk |
| Malta | MFSA | The authority shall communicate further instructions with regards to the RoI reporting of 2026 in due time. | Not specified |
| Netherlands (AFM) | AFM | TBC | AFM Portal |
| Netherlands (DNB) | DNB | TBC | MyDNB Portal |
| Poland | KNF | TBC | KNF Portal |
| Portugal | Banco de Portugal | TBC | Not specified |
| Slovakia | NBS | TBC | Not specified |
| Slovenia | ATVP | TBC | Not specified |
| Spain | CNMV | TBC | Cifra Doc |
| Sweden | Finansinspektionen | TBC | Fidac |
How the DORA RoI validator works
User-friendly process
The validator is open to any financial entity who wants to benefit from health checks on the format and content of their RoI packages.
Users can access the validator without the need for prior registration or creating an account.
- Upload your RoI zip file in the drop zone
- Read and accept the Terms & Conditions
- Tick the CAPTCHA
- Click on the button to launch the process
- Receive your RoI validation status in real-time
What it checks
The validator integrates three levels of checks sourced from the ESAs’ guidelines:- Level 1: File structure, naming, and completeness
- Level 2: For each file, control of column names/headers and their completeness
- Level 3: Control of required fields and type
Validation results
The checks are run instantaneously. The validation results are displayed on your web browser in a few seconds.
As a user, you will see:
- A validation confirmation if the uploaded RoI package has passed all checks.
- A failed result with the list of issues in case at least one check is in error.
Check your Register of Information now
Simple. User-friendly. Free.
Upload your file, launch the process and review the validation results.
No data is stored or shared. All uploaded files are processed only for validation purposes and are automatically deleted after validation.
Get started and challenge
your DORA compliance readiness.
Click on the following button to upload your DORA zip file.
Do you need support on DORA? Contact us.
We offer two tailored solutions to help entities efficiently prepare and file their Register of Information:
Excel register template “Cost-effective compliance”
Ideal for organisations seeking a straightforward, budget-friendly approach.- Compliant with ESA ITS & RTS requirements at all times
- One-click generation of target reports for submission
- Embedded RoI control rules
If you prefer a full-featured collaborative platform with audit functionalities, documents storage, and several users at a time, you can opt for our:
SaaS licence “Autonomous end-to-end reporting”
Designed for organisations needing advanced functionality and teamwork.- Multi-user access with simultaneous collaboration
- Centralised document storage for all RoI records
- Audit functionalities for smooth compliance reviews
- Online application with real-time updates and monitoring
Learn more about our full range of DORA solutions here.