DORA (EU Digital Operational Resilience Act) compliance for AI agents. 5-pillar audit, incident classification, Article 28 Register of Information, TLPT readiness. Regulation (EU) 2022/2554. By MEOK AI Labs.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Nicholastempleman from gravatar.com Nicholastempleman

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: MEOK AI Labs
  • Tags banking-compliance , digital-operational-resilience-act , dora , eu-dora , eu-regulation , financial-compliance , fintech-compliance , ict-risk , mcp , meok-ai-labs , regulation
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

dora-compliance-mcp MCP server

PyPI Downloads GitHub stars License: MIT

DORA Compliance MCP

Automate DORA (Digital Operational Resilience Act) compliance for EU financial entities.

Regulation (EU) 2022/2554 — enforcement live since 17 January 2025. Penalties: up to 1% of average daily worldwide turnover for CTPPs.

MEOK AI Labs

Install · Tools · Pricing · Attestation API

Why This Exists

DORA has been enforceable since January 2025. Every EU bank, insurer, investment firm, and their critical ICT providers must demonstrate operational resilience across 5 pillars. The regulation requires ICT risk management frameworks, incident reporting within 4 hours, threat-led penetration testing (TLPT), and third-party risk registers.

Traditional DORA compliance involves hiring consultancies at €800-1,500/day for 6-12 months. This MCP automates the 5-pillar assessment, generates Article 28 register entries, runs TLPT planning checklists, and produces incident classification templates — all from a single Claude prompt.

Install

pip install dora-compliance-mcp

Tools

Tool DORA Pillar What it does
assess_ict_risk Pillar 1 ICT risk management framework assessment
classify_incident Pillar 2 Incident classification per Article 18 criteria
plan_tlpt Pillar 3 Threat-led penetration testing planning
assess_third_party Pillar 4 Article 28 ICT third-party risk register
check_information_sharing Pillar 5 Information sharing arrangement audit
run_full_audit All 5 Complete 5-pillar DORA readiness assessment
sign_attestation HMAC-SHA256 signed compliance certificate

Example

Prompt: "Our bank uses 3 cloud providers and 2 SaaS fintech tools.
Run a full DORA 5-pillar assessment. Flag any ICT concentration risk
and generate the Article 28 register entries."

Result: 5-pillar assessment with ICT concentration risk flagged on
cloud provider dependency, Article 28 register entries for all 5
third parties, incident reporting template, TLPT scope recommendation.
Each section signed with attestation cert.

Pricing

Tier Price What you get
Free £0 10 calls/day — risk assessment + incident classification
Pro £199/mo Unlimited + HMAC-signed attestations + verify URLs
Enterprise £1,499/mo Multi-tenant + co-branded reports + webhooks

Subscribe to Pro · Enterprise

Attestation API

POST https://meok-attestation-api.vercel.app/sign
GET  https://meok-attestation-api.vercel.app/verify/{cert_id}

Zero-dep verifier: pip install meok-attestation-verify

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Nicholastempleman from gravatar.com Nicholastempleman

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: MEOK AI Labs
  • Tags banking-compliance , digital-operational-resilience-act , dora , eu-dora , eu-regulation , financial-compliance , fintech-compliance , ict-risk , mcp , meok-ai-labs , regulation
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.0

1.2.14

1.2.13

1.2.12

1.2.11

1.2.10

1.2.9

1.2.8

1.2.7

1.2.6

1.2.5

1.2.4

This version

1.2.3

1.2.2

1.2.1

1.2.0

1.1.0

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dora_compliance_mcp-1.2.3.tar.gz (15.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dora_compliance_mcp-1.2.3-py3-none-any.whl (14.5 kB view details)

Uploaded Python 3

File details

Details for the file dora_compliance_mcp-1.2.3.tar.gz.

File metadata

  • Download URL: dora_compliance_mcp-1.2.3.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for dora_compliance_mcp-1.2.3.tar.gz
Algorithm Hash digest
SHA256 645b1e1d30e01cfc9779d44bb2e1fb35c857ca388c5ca0d0bca3d338c00fd144
MD5 792d70366079a52da584582dccd7109d
BLAKE2b-256 1eab702b33537b02d2b50496544b96af0a7c78753b856762aca49af1ec5e9ccd

See more details on using hashes here.

File details

Details for the file dora_compliance_mcp-1.2.3-py3-none-any.whl.

File metadata

File hashes

Hashes for dora_compliance_mcp-1.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 f33c6b1e0837f389310cd43aece352fe9cf900d5c1d98f9870fccaa4a160fa45
MD5 5e7e931bc9d5a84b11d90f77727b5b05
BLAKE2b-256 dd82617a03c07176c43bdac71752a8b6af540af14f2f985dd626431ff33af757

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page