Competent authorities are now collecting DORA ROI submissions. Technical rejection rate on first submission exceeds 70%. (EBA dry-run exercise, 2024)
DORA Register of Information

Your ICT data.
Correctly formatted.
Submitted right, first time.

Upload your existing ICT register in any Excel or CSV format. In under 10 minutes, receive a complete EBA-compliant XBRL-CSV submission package — ready for your competent authority.

Upload your Excel →See how it works
EBA taxonomy 4.0 errata 5Arelle-validated pipelineNo AI inferenceUnder 10 minutes
70%+

of first DORA ROI submissions fail technical validation — before the regulator even reviews the content.

22,000+
entities must file EU-wide
ESA estimate
€10M
max fine for non-compliance
DORA Art. 50

Based on EBA observations from prior regulatory reporting cycles (COREP, FINREP)

While others use AI to guess your compliance data — we don't guess at all.

AI hallucination in a regulatory submission can cause rejection, scrutiny, and liability. doraroi.io uses deterministic, rule-based logic only. Every value in your package comes from your data — or directly from you.

01

Deterministic pipeline

Rule-based mapping only. Same input always produces identical output. Fully auditable.

02

Zero AI inference

No machine learning, no language models, no probabilistic outputs in your compliance data.

03

Ask, don't guess

Missing a required field? We ask you. We never substitute or fill in values you didn't provide.

04

Your data only

Processed to generate your package, then deleted immediately. Not stored, not analysed, not shared.

Your data is safe

Five guarantees. No exceptions.

🔒

Zero retention

Processed in memory. Deleted immediately after download. We cannot leak what we do not store.

🇪🇺

EU only

All processing on our servers in Frankfurt, Germany. Your data never leaves the EU.

🚫

No AI

No AI touches your compliance data. Every value comes directly from you.

Arelle-certified pipeline

Our export pipeline is validated against the official EBA DORA 4.0 taxonomy. Your data never leaves our environment — we use our own Arelle-validated pipeline instead of routing submissions through an external validator.

👤

You stay in control

Nothing pre-filled or inferred. DORA Article 28(3) responsibility stays with you.

Process

From your Excel to a compliant submission.

No installation. No onboarding. No template required.

01

Upload your ICT register

Excel and CSV formats accepted. We detect column headers automatically — messy names, decorative rows, and extra columns are all handled.

02

Confirm missing values

We identify required fields absent from your data and ask you to provide them — one field at a time, directly in the browser. Nothing is pre-filled or inferred. You stay in full control.

03

Download and submit

Receive a complete XBRL-CSV package and a human-readable PDF companion. Ready to submit to your competent authority.

⏱ Most reports completed in under 10 minutes
Sample output

This is what you receive.

Every submission produces two files: a machine-readable XBRL-CSV package for the regulator, and a human-readable PDF companion for your own records.

📄
Human-readable PDF companion
A structured summary of all your submission data — entity details, contractual arrangements, ICT providers, functions, and supply chain. Designed for internal review and audit trails.
🗜️
XBRL-CSV submission package (ZIP)
14 structured CSV files mapped to EBA taxonomy 4.0 errata 5 — ready to upload directly to FIN-FSA, BaFin, AFM, CSSF, or any EU competent authority portal.
🔒
Audit hash
A SHA256 snapshot fingerprint of your locked data, with timestamp. Tamper-evident proof of what was submitted and when.
sample-output.pdfOpen full PDF →
Security & data handling

Your data never leaves the EU. And it is gone the moment you download.

We understand that ICT register data is sensitive. Here is exactly what happens to it — no ambiguity.

🖥️
Backend servers
Frankfurt, Germany (EU Central). Operated by Render.com. Your data does not leave the European Union.
🧠
Your uploaded Excel file
Processed entirely in server RAM. The moment the response is sent, the file is garbage-collected. Nothing written to disk. No database. No cloud storage.
📦
Generated outputs
ZIP and PDF are streamed directly to your browser on download. Not stored on our servers after delivery.
🔑
Audit record only
We retain only a SHA256 hash fingerprint of your locked submission data, with a timestamp. No Excel contents. No business data.
🇪🇺
GDPR
DORA ROI contains no personal data — it is an ICT contract registry. GDPR does not apply. Processing is EU-only regardless.
Pricing

Simple pricing.
No surprises.

Pay per submission. No monthly fees, no seat licences. One report, one price.

doraroi.io submission€599 excl. VAT
Consultant day rate (manual XBRL)€1,500 – 3,000
Cost of a rejected resubmissionUnquantifiable
5 Report Bundle€1,995 excl. VAT — save €1,000
Managing multiple entities? Contact us for volume pricing →
€599 excl. VAT
per report · includes all revisions before lock
  • Full XBRL-CSV package, EBA 4.0 errata 5
  • Pre-delivery technical validation
  • Human-readable PDF companion
  • Unlimited field revisions before lock
  • Locked snapshot with audit hash
  • Data deleted after generation
Start your submission →
Volume pricing
€399 excl. VAT / report
5 Report Bundle · €1,995 total · save €1,000

For compliance teams and consultants managing multiple entities. Purchase 5 reports upfront — receive 5 single-use access codes by email immediately after payment.

Buy 5 Report Bundle →
✓ Arelle-validated pipeline — EBA DORA 4.0 taxonomy — 0 errors

Every code deployment is validated with Arelle against the official EBA DORA 4.0 taxonomy — the same validator used by European regulators. Our pipeline has been verified: 0 errors.

Your data never leaves our environment. Instead of routing submissions through an external validator, we use our own Arelle-validated pipeline — tested against the official EBA DORA 4.0 taxonomy.

0 Arelle errors
FAQ

Common questions.

Everything you need to know before you submit.

Which competent authorities can I submit this to?

doraroi.io produces a package in the format required by all EU competent authorities collecting DORA ROI submissions — including FIN-FSA, BaFin, AFM, CSSF, and others operating under the ESA framework.

What happens if the package is rejected?

Our packages pass pre-delivery technical validation. If a rejection occurs due to a formatting error on our side, we will regenerate the package at no additional cost.

Who is responsible if there are errors?

We are responsible for correct formatting and EBA taxonomy mapping. You remain responsible for the accuracy of the underlying business data, as required under DORA Article 28(3).

Is my data safe?

Your uploaded file is processed in server RAM and discarded immediately after your package is generated. Nothing is written to disk or stored in a database. All processing takes place on EU servers in Frankfurt, Germany.

Do I need a specific Excel template?

No. doraroi.io accepts any Excel format. We automatically detect your column headers — whatever names you use internally. If you don't have an Excel yet, you can start with an empty upload and fill in all fields directly in the browser.

Can I get a refund?

Refunds are not available once a package has been generated and downloaded. If the package cannot be generated due to a fault on our side, a full refund is issued automatically.

doraroi.io generates a structured XBRL submission package based solely on data provided by the user. We apply deterministic formatting and EBA taxonomy mapping rules. We do not interpret, assess, or validate the accuracy of the underlying business data. Final regulatory responsibility remains with the financial entity under DORA Article 28(3). doraroi.io is a formatting tool — not a compliance advisor, legal counsel, or regulatory authority.