This is not an official FinDatEx tool. It is a private, open-source side project, not affiliated with, endorsed by, or connected to the FinDatEx initiative or any of its member organisations. "FinDatEx", "TPT", "EET", "EMT", and "EPT" are referenced here only to describe the data templates the tool tries to validate.
The validator is provided as-is, without warranty of any kind — no guarantee of completeness, correctness, regulatory fitness, or compatibility with any particular spec version. Validation results may be incomplete or wrong. Do not rely on this tool as the sole check before delivering data to a counterparty or regulator.
See
LICENSEfor the full legal text (Apache 2.0).
Loads a FinDatEx data-template file (TPT, EET, EMT or EPT) and checks it against the official spec: missing mandatory fields, wrong formats, invalid codes, broken cross-field rules, and so on. You get a quality score (0–100) and a downloadable Excel report with one row per finding so you can fix things in your source system.
On screen the findings are grouped by rule (e.g. "mandatory field missing", "invalid ISIN", a specific cross-field check) with a count and an expandable list, so a recurring problem across thousands of rows reads as one entry instead of thousands. The Excel report keeps the full one-row-per-finding detail.
Bundled templates: TPT V8.0 + V7.0, EET V1.1.3 + V1.1.2, EMT V4.3 + V4.2, EPT V2.1 + V2.0.
There are two ways. Pick whichever is more convenient — the validation engine is exactly the same.
Public URL: https://www.findatex-validator.eu
- Open the URL in your browser.
- Pick the template (TPT / EET / EMT / EPT) and version.
- Drag your
.xlsx,.xlsmor.csvfile onto the upload area (max 25 MB). - Click Validieren. You get findings on screen and a download link for the Excel report.
The hosted instance has no login. Files are processed in memory and discarded the moment the response is sent; the report download link is single-use and expires after 5 minutes.
Limits on the hosted web app. Because it is a public, unauthenticated
service, the web app is throttled to keep it usable for everyone (the
maintainer can tune these per deployment via FINDATEX_WEB_* env vars —
the defaults are):
| Limit | Default | What you see when you hit it |
|---|---|---|
| Uploads per IP per hour | 10 | HTTP 429 — try again later |
| Concurrent validations (whole instance) | 4 | HTTP 429 — retry shortly |
| Max upload size | 25 MB | HTTP 413 — file too large |
| Report download lifetime | 5 min, single use | link expires, re-validate |
If these limits get in your way — large files, bulk runs, confidential data — use the desktop app instead: it has no rate limit, no concurrency cap, no file-size cap and no upload at all (see Option B).
The desktop app reads files from your local disk, validates them locally, and writes the report locally. No upload, no network traffic except an optional GLEIF / OpenFIGI lookup that you opt in to in the settings dialog.
There are no limits in the desktop app: no rate limit, no concurrency cap, no 25 MB file-size ceiling, no expiring report links. Validate as many files as you like, as large as you like.
Pre-built native installers for every release are attached to the GitHub Releases page. Two flavours per platform:
| Platform | Installer (admin) | Portable (no admin) |
|---|---|---|
| Linux x64 | findatex-validator-<v>-linux-x64.deb |
findatex-validator-<v>-linux-x64.tar.gz |
| Windows x64 | findatex-validator-<v>-windows-x64.msi |
findatex-validator-<v>-windows-x64.zip |
| macOS Apple Silicon | findatex-validator-<v>-macos-arm64.dmg |
findatex-validator-<v>-macos-arm64.tar.gz |
| macOS Intel | findatex-validator-<v>-macos-x64.dmg |
findatex-validator-<v>-macos-x64.tar.gz |
The installers are unsigned, so the OS will warn on first launch. Override the warning once and you're set:
- macOS: Right-click the
.app→ Open → confirm. - Windows: More info → Run anyway on the SmartScreen prompt.
No Java install needed — the installers ship a bundled runtime.
| Mode | What happens to your data |
|---|---|
| Desktop app | Files stay on your machine. The only outbound call is the optional GLEIF / OpenFIGI lookup, which sends only the LEIs / ISINs from your file — never the full file. |
| Hosted web app | Files are processed in memory and discarded immediately after the response. Reports live for 5 minutes via a single-use URL, then are deleted. No login, no per-file logging. External validation off by default. |
For confidential fund data, prefer the desktop app.
The validator can be wrong — a false positive, a missing check, a rule that is too strict for a legitimate edge case. Both UIs have a Report a false positive action on a finding that opens a pre-filled GitHub issue in your browser. You review the exact text and submit it yourself; nothing is sent automatically, no account data leaves your machine beyond the GitHub issue you choose to post.
This is the fastest way to get a rule fixed. General bug reports and
feature requests are equally welcome on the
issue tracker
(see CONTRIBUTING.md). Security issues go through
the private process in SECURITY.md instead.
To understand which templates and versions are actually used, the tool records aggregate-only run statistics (template, version, finding counts, a server-derived country code). It never records your files, fund names, ISINs/LEIs, cell or finding content, or your IP address. The raw IP is never stored or logged.
This is on by default and easy to switch off:
- Desktop app: Settings → Statistik → uncheck. The opt-out is persisted per install.
- Self-hosted web app: statistics are inert unless the operator
configures a database (
FINDATEX_WEB_USAGE_DB_URL); the public hosted instance has it enabled. Details and the full schema are indocs/USAGE_STATS.md.
If you want to hear about new releases and template-version updates,
both UIs offer an optional newsletter sign-up. Your e-mail is
forwarded to an external newsletter provider (which handles
double-opt-in, unsubscribe and deletion) and is never stored in this
project's database or logs. Sign-up is entirely opt-in; the form is
only shown when the maintainer has configured a provider. Setup and
GDPR notes: docs/NEWSLETTER.md.
User-facing help — what gets validated, what the profiles mean, how
the GLEIF / OpenFIGI lookup works — is in
HELP.md. It is also
reachable from the Help button in either UI.
INSTALL.md— build from source, package native installers locally, run the web app in dev mode, self-host with Docker, env-var reference.CONTRIBUTING.md— development setup, coding conventions, PR checklist, how to add a new template version.CLAUDE.md— architectural map (module boundaries, validation flow, where each kind of code lives).docs/SPEC_DOWNLOADS.md— operator checklist for acquiring spec XLSX files from FinDatEx.docs/SPEC_INVENTORY.md— auto-maintained list of bundled spec files.docs/DEPLOY_CLOUDRUN.md— Cloud Run hosting: one-time GCP/WIF bootstrap, runbook for rolling out a new release (gh workflow run "Deploy to Cloud Run" -f tag=<version>), rollback, optional custom domain.samples/— per-template scenario fixtures (clean + broken variants).
Found a vulnerability? Please do not open a public issue. See
SECURITY.md and use GitHub's private vulnerability
reporting (Repository → Security → Advisories → Report a
vulnerability). The maintainer will acknowledge within 72 hours.
Created and maintained by Karl Kauc (karl.kauc@gmail.com, github.com/karlkauc). This is a private project — see the disclaimer at the top.
Released under the Apache License 2.0. You may use, modify, and distribute the source under the terms of that license; the patent grant in §3 applies to all contributions.
Bug reports, feature requests, and pull requests are welcome. See
CONTRIBUTING.md for the development setup, coding
conventions, and PR checklist, and
CODE_OF_CONDUCT.md for the community
standards. Security issues should be reported privately via the
process described in SECURITY.md.