Free teardown · no cost, no commitment

See what a regulator would find in one of your incidents.

Send us one past incident — anonymised by you — and we will return a cited gap analysis against EU DORA, the FCA and your own process. A real report from the platform, not a slide deck. You keep it either way.

What you get back

A report you could hand to your auditor.

The same regulatory gap analysis the platform produces in production — run on your incident, returned as a branded, print-ready document.

Findings

Cited to the source

Every regulatory claim names the regulation and points at the event behind it. An uncertain article is flagged verify, never invented.

Triage

Prioritised backlog

Each finding is categorised by obligation — Regulatory · Mandatory · Advisory — and priority — P0/Notification · Must · Should · Could — so you know what to fix first.

Notifications

Trigger checklist

Whether the incident would have tripped a reporting clock — DORA major-incident, FCA SUP 15.3, MAS one-hour — set against how it was actually handled.

How it works

Three steps, about a week.

01 · You send one incident: A timeline from a past incident — a Slack/Teams export, a ticket history, or just a written account — with names and identifiers removed by you. One incident is enough.
02 · We run it through Signum: We ingest it, reconstruct the enacted process and generate the regulatory gap analysis against the regimes in your scope. No access to your systems is required.
03 · We walk you through it: A 30-minute call on the findings and what they would mean for your reporting posture. The report is yours to keep whether or not we go further.

Who it is for

Regulated firms with a real reporting clock.

Financial services, digital-asset and fintech firms under EU DORA or FCA operational-resilience rules — where an ICT incident carries a notification duty and an audit trail you have to defend.

Our posture

A draft for you, never a decision for you.

You anonymise: We ask for redacted material and hold it under a mutual NDA on request.
We never file: The report is a draft for your sign-off. Signum never notifies a regulator or changes a ticket on your behalf.
Illustrative until signed: Findings are for your compliance owner to verify and adopt — not an attestation.

Want to see the shape of the output first? Read an illustrative sample report →

Claim your teardown.

Email us the regimes in your scope and we will tell you exactly what to send. One incident, one report, no cost.

Request your free teardown