Regulatory & Compliance

Occupational Safety and Health Administration

Jurisdiction: USA

Category:  Health & Safety

OSHA’s mission is to “assure safe and healthy working conditions for working men and women by setting and enforcing standards and by providing training, outreach, education and assistance”. The agency is also charged with enforcing a variety of whistleblower statutes and regulations.

Health Insurance Portability and Accountability Act

Jurisdiction: Global

Category:  Health & Safety

Brief description- HIPPA was created primarily to modernize the flow of healthcare information, stipulate how Personally Identifiable Information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and address limitations on healthcare insurance coverage.

European Union General Data Protection Regulation

Jurisdiction: Europe & International

Category:  Data Privacy

The General Data Protection Regulation (EU) (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Personal Data protection act

Jurisdiction: Singapore

Category:  Data Privacy

The Personal Data Protection Act 2012 (the “Act”) sets out the law on data protection in Singapore. Apart from establishing a general data protection regime, the Act also regulates telemarketing practices. The PDPC publishes a comprehensive set of guidelines. The guidelines provide guidance on how the PDPC interprets the Act. They are advisory in nature and are not legally binding.

Children’s Online Privacy Protection Act

Jurisdiction: USA

Category:  Data Privacy

Brief description- The act applies to the online collection of personal information by persons or entities under U.S. jurisdiction about children under 13 years of age including children outside the U.S., if the company is U.S.-based. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator must protect children’s privacy and safety online including restrictions on the marketing of those under 13.

Personal Information Protection and Electronic Documents Act)

Jurisdiction: Canada

Category:  Data Privacy

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian law relating to data privacy. It governs how private sector organizations collect, use and disclose personal information in the course of commercial business. In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA became law on 13 April 2000 to promote consumer trust in electronic commerce.

Jurisdiction: USA

Category:  Finance

The Dodd-Frank Wall Street Reform and Consumer Protection Act is a massive piece of financial reform legislation passed during the Obama administration in 2010 as a response to the financial crisis of 2008. Under Dodd-Frank, the Financial Stability Oversight Council and Orderly Liquidation Authority monitor the financial stability of major financial firms whose failure could have a serious negative impact on the U.S. economy. The law also provides for liquidations or restructurings, established to assist with the dismantling of financial companies that have been placed in receivership and prevent tax dollars from being used to prop up such firms.

Sarbanes-Oxley Act

Jurisdiction: USA

Category:  Finance

The Sarbanes-Oxley Act of 2002 is a law the U.S. Congress passed on July 30 of that year to help protect investors from fraudulent financial reporting by corporations. Also known as the SOX Act of 2002 and the Corporate Responsibility Act of 2002, it mandated strict reforms to existing securities regulations and imposed tough new penalties on lawbreakers.

European Market Infrastructure Regulation

Jurisdiction: Europe

Category:  Finance

The European Market Infrastructure Regulation (EMIR) is a body of legislation for over-the-counter (OTC) derivatives, central counterparties and trade repositories. EMIR was introduced by the European Union (EU) as implementation of the G20 commitment to reduce systemic, counterparty and operational risk, and increase transparency in the OTC derivatives market. It was also designed as a preventative measure to avoid fallout during possible future financial crises similar to the collapse that followed the Lehman Brothers bankruptcy in 2008.

Markets in Financial Instruments Directive

Jurisdiction: Europe

Category:  Finance

The Markets in Financial Instruments Directive (MiFID) is a European regulation that increases the transparency across the European Union’s financial markets and standardizes the regulatory disclosures required for firms operating in the European Union. MiFID implemented new measures, such as pre- and post-trade transparency requirements, and set out the standards of conduct to be followed by financial firms. MiFID has a defined scope that primarily focuses on stocks.

Proceeds of Crime (Money Laundering) and Terrorist Financing Act

Jurisdiction: Canada

Category:  Finance

PCMLTFA combats the laundering of proceeds of crime and the financing of terrorist activities in Canada and was established by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). The aim of this act is to implement specific measures to detect and deter money laundering and the financing of terrorist activities and to facilitate the investigation and prosecution of money laundering offences and terrorist activity financing offences. It also established record keeping and client identification requirements.

Control Objectives for Information and Related Technologies

Jurisdiction: International

Category:  IT Management & Governance

COBIT is a framework created by the ISACA for IT governance and management. It was designed to be a supportive tool for managers—and allows bridging the crucial gap between technical issues, business risks, and control requirements. COBIT is a thoroughly recognized guideline that can be applied to any organization in any industry. Overall, COBIT ensures quality, control, and reliability of information systems in an organization, which is also the most important aspect of every modern business.