Annual disclosure requirements for financial institutions
Financial institutions must submit annual reports to their regulatory authorities, detailing key information such as:
- The number of new agreements established
- Categories of ICT third-party service providers engaged
- Types of contractual arrangements in place
- The specific ICT services and functions provided
Meet your DORA RoI reporting deadline
We’ll support you by providing:
- Clear guidance on your regulatory obligations
- Tech-enabled support to rapidly build your ICT third-party register
- Comprehensive review of your existing register
- Compliance checks and support to enable you to meet the reporting deadline
Simplifying your regulatory obligations
We will provide comprehensive and concise guidance on your organisation's regulatory obligations for the specific jurisdictions in which you operate, incorporating the requirements for reporting the RoI.
Consolidation and enhancement of existing efforts
We will seamlessly integrate your existing register, or the one created during the dry run, into our platform, efficiently migrating the relevant information to ensure comprehensive RoI reporting readiness, all while adhering to the standardised RoI Data model and taxonomy, thereby streamlining the reporting process and minimising potential errors.
Compliance verification and submission assistance
Our solution is equipped with a robust suite of 100 automated validation checks, which meticulously reviews the RoI reporting data to proactively identify potential issues, allowing for swift and effective rectification, and ultimately ensuring accurate and timely submission of reports, thereby minimising the risk of errors and delays.
Accelerated through our use of technology
Through our compliance partner Formalize, you will have access to their reporting module for simple and flexible management of digital compliance.
- Migrate existing RoI data, details of CIF, mapped assets and systems
- Extract metadata from contracts to populate required information for RoI
- Centralised repository for contract, critical and important functions, ICT assets and systems
- Generate RoI at individual level or consolidated level
- Generate RoI in csv, xlsx or XBRL-csv
Schedule your RoI discussion
Whether you decide to proceed with a one-off package or an annual subscription, we’ll provide a fully managed service to ensure you meet the new RoI reporting requirement on time, in the format required.
Insights
Why 72 hours is the New Standard for M&A Cyber Due Diligence
A decade ago, cyber due diligence sat somewhere between “nice to have” and “we’ll deal with it post-close.” That world no longer exists.
Thomas Murray Launches Digital Asset Market Information (DAMI)
Thomas Murray, a global leader in risk management, due diligence, and cybersecurity services, is proud to announce the launch of Digital Asset Market Information (DAMI).
Solving the "Scale Paradox": How to Automate Portfolio Oversight with Fewer People
In 2026, private equity technical teams are facing a "Scale Paradox": portfolios are growing in complexity, while in the internal teams responsible for operations and cybersecurity oversight, headcounts remain stagnant.
How Private Equity Hackers Choose Their Targets
Private equity firms sit at the intersection of high-value financial transactions, sensitive deal data, and an expanding portfolio of technology heavy portfolio companies – and it’s this combination that makes PE an attractive target for cyberthreat actors.