Regulatory Sandbox

Compliance

Adherence to laws, regulations, guidelines, and specifications relevant to an organisation's business.

Regulatory Technology

Technology solutions designed to help companies comply with regulations efficiently and cost-effectively.

Data Privacy

The proper handling of personal data including collection, storage, processing, and sharing in compliance with regulations.

Data Protection Officer

An individual responsible for overseeing an organisation's data protection strategy and regulatory compliance.

Control Framework

A structured set of controls and processes designed to manage risk and ensure compliance with regulations.

Sanctions Screening

The process of checking individuals and entities against government-issued lists of sanctioned parties.

Incident Reporting

The formal process of documenting and communicating security incidents, breaches, or compliance violations.

EU AI Act

The European Union's comprehensive legislation establishing rules for the development and use of AI systems based on risk levels.

Compliance as Code

The practice of expressing regulatory and security compliance requirements as machine-readable policies that can be automatically validated against infrastructure and application configurations.

Continuous Compliance

An automated approach to maintaining regulatory compliance through real-time monitoring, policy enforcement, and evidence collection integrated into development and operations pipelines.

AI Audit

An independent assessment of an AI system's compliance with regulatory requirements, ethical standards, and organisational policies, examining data, models, outputs, and governance.

The system of policies, rules, and processes by which activities are directed, controlled, and managed.

The process of identifying, assessing, and controlling threats to an organisation's capital and operations.

The risk of loss resulting from inadequate or failed internal processes, people, systems, or external events.

A systematic evaluation of the potential social, economic, and civil rights impacts of an automated decision-making system before and after deployment.

Evaluating the potential risks of engaging with a vendor including security, financial, and operational concerns.

The international standard for AI management systems that specifies requirements for establishing, implementing, maintaining, and improving AI governance within organisations.

A set of principles, guidelines, and processes that an organisation adopts to ensure its AI systems are developed and deployed in a manner that is fair, transparent, and accountable.

A process required under GDPR for assessing the risks of personal data processing activities and identifying measures to mitigate those risks before implementation.