DORA (EU Digital Operational Resilience Act) compliance for AI agents. 5-pillar audit, incident classification, Article 28 Register of Information, TLPT readiness. Regulation (EU) 2022/2554. By MEOK AI Labs.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Nicholastempleman from gravatar.com Nicholastempleman

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: MEOK AI Labs
  • Tags banking-compliance , digital-operational-resilience-act , dora , eu-dora , eu-regulation , financial-compliance , fintech-compliance , ict-risk , mcp , meok-ai-labs , regulation
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

dora-compliance-mcp MCP server

PyPI Downloads GitHub stars License: MIT

DORA Compliance MCP

Automate DORA (Digital Operational Resilience Act) compliance for EU financial entities.

Regulation (EU) 2022/2554 — enforcement live since 17 January 2025. Penalties: up to 1% of average daily worldwide turnover for CTPPs.

MEOK AI Labs

Install · Tools · Pricing · Attestation API

Why This Exists

DORA has been enforceable since January 2025. Every EU bank, insurer, investment firm, and their critical ICT providers must demonstrate operational resilience across 5 pillars. The regulation requires ICT risk management frameworks, incident reporting within 4 hours, threat-led penetration testing (TLPT), and third-party risk registers.

Traditional DORA compliance involves hiring consultancies at €800-1,500/day for 6-12 months. This MCP automates the 5-pillar assessment, generates Article 28 register entries, runs TLPT planning checklists, and produces incident classification templates — all from a single Claude prompt.

Install

pip install dora-compliance-mcp

Tools

Tool DORA Pillar What it does
assess_ict_risk Pillar 1 ICT risk management framework assessment
classify_incident Pillar 2 Incident classification per Article 18 criteria
plan_tlpt Pillar 3 Threat-led penetration testing planning
assess_third_party Pillar 4 Article 28 ICT third-party risk register
check_information_sharing Pillar 5 Information sharing arrangement audit
run_full_audit All 5 Complete 5-pillar DORA readiness assessment
sign_attestation HMAC-SHA256 signed compliance certificate

Example

Prompt: "Our bank uses 3 cloud providers and 2 SaaS fintech tools.
Run a full DORA 5-pillar assessment. Flag any ICT concentration risk
and generate the Article 28 register entries."

Result: 5-pillar assessment with ICT concentration risk flagged on
cloud provider dependency, Article 28 register entries for all 5
third parties, incident reporting template, TLPT scope recommendation.
Each section signed with attestation cert.

Pricing

Tier Price What you get
Free £0 10 calls/day — risk assessment + incident classification
Pro £199/mo Unlimited + HMAC-signed attestations + verify URLs
Enterprise £1,499/mo Multi-tenant + co-branded reports + webhooks

Subscribe to Pro · Enterprise

Attestation API

POST https://meok-attestation-api.vercel.app/sign
GET  https://meok-attestation-api.vercel.app/verify/{cert_id}

Zero-dep verifier: pip install meok-attestation-verify

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Nicholastempleman from gravatar.com Nicholastempleman

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: MEOK AI Labs
  • Tags banking-compliance , digital-operational-resilience-act , dora , eu-dora , eu-regulation , financial-compliance , fintech-compliance , ict-risk , mcp , meok-ai-labs , regulation
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.0

1.2.14

1.2.13

1.2.12

1.2.11

1.2.10

1.2.9

1.2.8

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

This version

1.2.2

1.2.1

1.2.0

1.1.0

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dora_compliance_mcp-1.2.2.tar.gz (12.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dora_compliance_mcp-1.2.2-py3-none-any.whl (14.0 kB view details)

Uploaded Python 3

File details

Details for the file dora_compliance_mcp-1.2.2.tar.gz.

File metadata

  • Download URL: dora_compliance_mcp-1.2.2.tar.gz
  • Upload date:
  • Size: 12.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for dora_compliance_mcp-1.2.2.tar.gz
Algorithm Hash digest
SHA256 17c9514aaade273439308453085a565a875fd33281b199a02cbf97b5c8683934
MD5 866d36b1e4f4705ea0493e16a4cc6795
BLAKE2b-256 395aadaae9ffcdb03c1c6f96854df3a6405b4d0b8084eeabb7cf168f01b39348

See more details on using hashes here.

File details

Details for the file dora_compliance_mcp-1.2.2-py3-none-any.whl.

File metadata

File hashes

Hashes for dora_compliance_mcp-1.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 80cd3666ac03d481498a6bd6f9fb2c0b6ea6de0e25895f31bf2fdda354f28403
MD5 66d80a6c6fa26a544b244302ebf7e551
BLAKE2b-256 6c9ce30ce32c6a01b2877bdfdf38331ccdefa59381ce1319b37b5982185ec7e8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page