Compliance Hub

DORA

Digital Operational Resilience Act (DORA): A Comprehensive Guide to Compliance

The Digital Operational Resilience Act (DORA) is a European Union regulation designed to strengthen the IT security of financial entities and ensure the financial sector remains resilient during severe operational disruptions. DORA applies to a wide range of financial entities and ICT third-party service providers. It aims to harmonize digital

NIS2

Navigating NIS2: A Comprehensive Guide to the EU's Cybersecurity Directive

The NIS2 Directive [(EU) 2022/2555] is a legislative framework designed to enhance cybersecurity across the European Union by establishing a high common level of security for network and information systems. It builds upon the original NIS Directive, expanding its scope and strengthening requirements to address evolving cyber threats. Member

AI compliance

The Role of Internal Audit in Responsible AI and AI Act Compliance

Introduction As Artificial Intelligence (AI) becomes increasingly integrated into organizations, the need for responsible AI practices and compliance with regulations like the AI Act is growing. Internal audit (IA) departments can play a crucial role in guiding organizations toward responsible AI implementation and ensuring compliance. The AI Safety Report The

right to repair

The Tractor Tech Tug-of-War: Farmers, Manufacturers, and the Right to Repair

Introduction Modern agriculture is increasingly reliant on advanced technology. From GPS-guided autosteering to sophisticated onboard computers, today's farm equipment is a far cry from the tractors of the past. This technological revolution, however, has sparked a significant conflict between farmers and manufacturers over the right to repair. Farmers

LGPD

Breaches and Fines under Brazil’s Lei Geral de Proteção de Dados (LGPD)

LGPD Enforcement Landscape The Brazilian National Data Protection Authority (ANPD) has escalated enforcement of the LGPD since 2023, issuing warnings, fines, and operational restrictions. Key penalties include: * Fines: Up to 2% of a company’s Brazilian revenue (capped at BRL 50 million (~$10 million) per violation). * Non-monetary sanctions: Public disclosure

US regulations

Decoupling America’s Artificial Intelligence Capabilities from China Act

The recent introduction of Senator Josh Hawley's "Decoupling America’s Artificial Intelligence Capabilities from China Act" marks a pivotal moment in U.S.-China tech relations, following seismic market disruptions caused by Chinese AI firm DeepSeek. The legislation seeks to sever all collaborative AI development ties

Trump’s Cybersecurity Nominees: Overhaul, Ideology, and the Battle for Critical Infrastructure in 2025

How Noem, Patel, Ratcliffe, and Gabbard aim to reshape federal cyber policy—and the risks of deregulation amid rising threats.ShareRewrite Kristi Noem's appointment as Secretary of Homeland Security has sparked significant debate about the future of the Cybersecurity and Infrastructure Security Agency (CISA), with implications for state

EU AI Act

EU Bans Risky AI Systems

The European Union's Artificial Intelligence Act (EU AI Act), enacted on February 2, 2025, represents a watershed moment in global AI governance. As the world’s first comprehensive regulatory framework for artificial intelligence, it establishes stringent prohibitions on high-risk applications while aiming to foster innovation and protect fundamental