TIBER-EU LI
A central component of Regulation (EU) 2022/2554, the Digital Operational Resilience Act (DORA), is the testing of digital operational resilience. Financial intermediaries must set up a comprehensive testing program for this as part of their ICT risk management. For certain financial intermediaries, threat-led penetration testing (TLPT), in which realistic attack scenarios are carried out on critical production systems, is also prescribed in accordance with Art. 26 DORA. In Liechtenstein, the TIBER-EU (Threat Intelligence-Based Ethical Red Teaming) framework is being adopted for the implementation of TLPT requirements in order to specifically test and strengthen the cyber defense capabilities of financial intermediaries using an established standard.
The adoption of TIBER-EU LI was decided with the approval of FMA Communication 2025/3 - Adoption of TIBER-EU LI (implementation document), which comes into force on October 15, 2025.
Was ist TIBER-EU?
TIBER-EU is a European framework developed by the European Central Bank for controlled, threat-based red team testing on critical live production systems of financial companies. The aim is to strengthen cyber resilience, create uniform standards for TLPT in the EU and support both financial intermediaries and supervisory authorities in implementing regulatory requirements. The framework basically serves as a guideline for high-quality, secure and cross-border recognized tests.
The following website contains a complete overview of all documents relevant to TIBER-EU LI:
https://www.ecb.europa.eu/paym/cyber-resilience/tiber-eu/html/index.en.html
Kontaktdaten
The FMA acts as the competent authority for monitoring TLPT and TIBER tests as part of its legal mandate to implement the requirements of DORA. Within the FMA, the ICT Supervision and Cybersecurity Unit forms the TIBER and TLPT Cyber Team (TCT).
If you have any questions about TIBER-EU LI or TLPT, please contact the FMA's TCT at the following e-mail address