Compliance with DORA Regulation Made Simple.
The Fireblocks Cyber Operational and Resilience (COR) Compliance Package simplifies regulatory compliance requirements mandated by the DORA regulation. The package delivers regular reports, enhanced security frameworks, pentesting and audit support so that you can focus on growth in a highly regulated environment.
Effortless Third-Party Validation for Fireblocks Customers
-
-
Built by Experts
A compliance package created by regulatory experts at Fireblocks so you have confidence that your business is aligning with DORA’s stringent third-party ICT requirements.
-
Strengthen Resilience
Enhance and assure your operational resilience against various threats with regular security and business continuity testing performed by Fireblocks, and the ability to perform your own security pen testing (PT).
-
Reduce Third Party Risk
Effectively manage third party risk by leveraging Fireblocks ISO and CCSS certifications, periodic reporting, security pooled audit event, SOC 2 audit and additional documentation, that will ensure you’re up to speed.
-
Save Time
Reduce the burden to meet new compliance requirements by getting access to all the reports, security frameworks and audits you need to validate Fireblocks under the DORA standards.
-
Built by Experts
What you need to know about complying with DORA regulations.
DORA (the Digital Operational Resilience ACT) is an EU regulation that came into effect on January 17, 2025 to safeguard and ensure business continuity for financial institutions and MiCA-licensed Crypto Asset Service Providers (CASPs). It sets out requirements around risk management and incident reporting that these institutions must adhere to when contracting with third-parties that support critical or important functions.
The requirements set out processes for how these institutions conduct due diligence, assess performance, conduct audits, verify quality standards and more on third-parties.
For a more detailed understanding of your obligations, read our Navigating DORA Compliance for Third-Party ICT Vendors: A CISO’s Guide with Fireblocks executive guide.
Fireblocks Cyber & Operational Resilience (COR) Compliance Package
Validate Fireblocks as a third-party ICT with a comprehensive package
The COR Compliance Package provides the tool-kit you need to validate how Fireblocks fits into your DORA obligations. With periodic updates, security insights, proactive notifications, and a pre-drafted legal addendum, you’ll be fully prepared to meet your new EU operational resilience requirements.
What’s Included:
- Pre-Drafted Legal Addendums
Comprehensive regulatory language tailored to DORA requirements detailing Fireblocks’ obligations as aThird-Party ICT Vendor supporting a critical/important function - Periodic and Annual Reports
Regular ICT Service and Support reporting provides insights that keep you informed about Fireblocks’ performance - Comprehensive Annual Security Kit
- Annual BCP and Emergency Plan Testing Executive Report
- Annual ICT Security Report
- Annual Certifications ( CCSS, ISO) and Annual External Audits (SOC2)
- Summaries of Annual Pen Testing and Code Review Executive Reports (when applicable)
- As-Needed Notifications
ICT-Related Incident Alerts delivered promptly, so you can respond proactively and fulfill any reporting requirements - Annual Fireblocks-Hosted Security Pooled Audit
A multi-day event with deep operational insight into Fireblocks’ security practices. - Optional Add-Ons
Customer support for Pooled/Individual Audits or Threat-Led Penetration Testing (TLPT)
Oded Blatman
Chief Information Security Officer
DORA isn’t just about compliance—it’s about setting a higher standard for ICT Security and operational resilience. With this package, we’re empowering financial institutions to not only meet these standards but also thrive in a more secure and transparent financial ecosystem.
Annual Fireblocks Security Pooled Audit
The Annual Fireblocks Security Pooled Audit event offers a multi-day deep dive into Fireblocks operational and ICT security practices, as well as direct engagement with senior Fireblocks Security personnel, to support compliance and streamline audit requests.
*Add-ons available.
Disclaimer: This is not intended to provide legal advice and Fireblocks encourages you to conduct your own analysis (including seeking independent advice) with respect to the scope/applicability of DORA to your business or operations.