Expanding regulatory expectations are one of the few certainties in today’s world.
The European Union continues to introduce new regulatory frameworks, with the Digital Operational Resilience Act (DORA) marking the latest regulatory push from Brussels. This comes on top of other, wide-ranging legislation, from the General Data Protection Regulation (GDPR) to the various guidelines published by the European Banking Authority (EBA), constantly adding to the single rulebook.
At the same time, national regulatory bodies often add a little spice to these regulations. In Germany, BaFin has added to the regulatory landscape with minimal requirements for risk management (MaRisk). And so have other national regulatory bodies from the UK (FCA/PRA) to Singapore (MAS).
Our job is to make sure that corporate compliance walks in lockstep with these changes and that information security management systems and internal control systems are kept in line with regulatory expectations. With our excellent political connections, we often understand well before any new law enters into effect what directions regulatory trends will take. This includes emerging frameworks for artificial intelligence, such as the EU AI Act, as well as the complex compliance demands presented by decentralised finance (DeFi), helping clients maintain robust, future-proof controls in an ever-evolving regulatory landscape.
