How Fireblocks Solution Supports DORA Compliance
Fireblocks has introduced a compliance package to assist EU financial institutions with meeting the requirements of the Digital Operational Resilience Act (DORA).
The Cyber and Operational Resilience (COR) Compliance Package aims to help banks, financial institutions and crypto asset service providers (CASPs) navigate the regulatory framework that came into force on 17 January 2025.
DORA legislation requires financial organisations to enhance their cybersecurity measures and operational resilience capabilities.
It establishes a framework for financial entities to maintain robust information and communication technology (ICT) systems and address potential digital vulnerabilities.
Fireblocks' new offering targets institutions that designate the company as a Third-Party ICT Provider supporting critical functions.
The package includes several components designed to streamline compliance processes while maintaining operational efficiency.
Regulatory alignment features
The package provides a legal addendum to Fireblocks' Master Service Agreement that aligns with DORA's contractual requirements under article 30.
It also delivers periodic and annual reports covering ICT security, performance metrics and support management.
Financial institutions can access audit and penetration testing support through either pooled or individual engagements.
A notable element is the Annual Fireblocks Security Pooled Audit Event, which offers clients direct interaction with the company's security department.
“Fireblocks provides its customers with a holistic offering designed to meet their DORA obligations confidently and efficiently,” says Oded Blatman, Chief Information Security Officer at Fireblocks.
“We've built this package to simplify compliance, reduce complexity, and allow our customers to focus on scaling their businesses and innovating in a rapidly changing environment.”
Technical security foundations
Fireblocks distinguishes its approach from competitors by implementing operational changes and developing a dedicated reporting framework in addition to its contractual solutions.
“DORA isn't just about compliance—it's about setting a higher standard for ICT Security and operational resilience”
The company's compliance package is built upon its existing security infrastructure, which utilises Multi-Party Computation (MPC) technology—a cryptographic method that enables multiple parties to compute functions together without revealing their private inputs to each other.
The firm maintains several security certifications including SOC 2 (Service Organization Control), CCSS (Cryptocurrency Security Standard), and ISO 27001, an international standard for information security management.
These technical foundations provide the groundwork for financial institutions to address DORA requirements while maintaining their operational capabilities in digital asset management and blockchain applications.
“DORA isn't just about compliance—it's about setting a higher standard for ICT Security and operational resilience,” adds Blatman.
“With this package, we're empowering financial institutions to not only meet these standards but also thrive in a more secure and transparent financial ecosystem.”
Fireblocks currently supports more than 2,000 organisations including BNY Mellon, Galaxy, and Revolut, securing over US$7tn in digital asset transactions across more than 100 blockchains and 300 million wallets.
Explore the latest edition of FinTech Magazine and be part of the conversation at our global conference series, FinTech LIVE.
Discover all our upcoming events and secure your tickets today.
FinTech Magazine is a BizClik brand
