EuroComply
Konto erstellen
DORA · questionnaire · no signup

DORA Scope Checker

Answer 4 questions to find out whether your organisation falls under the Digital Operational Resilience Act, which obligations apply, and what the maximum fine exposure is.

Question 1 of 4 · Article 2(1)

Is your organisation one of the following?

Credit institution, payment institution, electronic money institution, investment firm, insurance/reinsurance undertaking, crypto-asset service provider (CASP), central securities depository, central counterparty, trading venue, or trade repository.

Which organisations are in scope for DORA?

DORA (Regulation (EU) 2022/2554) applies to financial entities — banks, payment institutions, investment firms, insurance companies, crypto-asset service providers and others — as well as designated Critical ICT Third-Party Providers. Micro-enterprises (fewer than 10 employees and below €2M turnover) benefit from simplified obligations. Use this checker to confirm your entity type and the specific DORA pillars that apply.

  • Credit institutions — banks, savings banks, credit unions
  • Payment institutions and electronic money institutions
  • Investment firms and management companies
  • Insurance and reinsurance undertakings
  • Crypto-asset service providers (CASPs) under MiCA
  • Central securities depositories, central counterparties, trading venues
  • Critical ICT third-party providers (CTPPs) — cloud, software, data vendors to financial entities
  • Micro-enterprises (< 10 employees, < €2M) — simplified obligations only
Source: Regulation (EU) 2022/2554 (DORA), Article 2Reviewed:

DORA at a glance

Regulation
Regulation (EU) 2022/2554
Applies from
17 January 2025
Competent authority
ESAs (EBA, ESMA, EIOPA) + national authorities
Max fine (entity)
€5 million or 10% of annual turnover
Max fine (manager)
€1 million
CTPP fine
1% of average daily worldwide turnover per day
TLPT frequency
At least every 3 years for significant entities
Incident reporting
Initial: 4 hours; intermediate: 24 hours; final: 1 month

Informational only — not legal advice. Consult qualified counsel for DORA applicability to your specific entity type and jurisdiction. Editorial policy. Last reviewed: .