Compliance Coverage Gap Analysis (2020–2025)
Overview A review of the compliance pillar catalogue showed no 2020 coverage and sparse treatment of regulator-led mandates in 2021–2022, particularly around supply-chain due diligence, APAC supervisory updates, and Companies House modernisation. To close…
Overview
A review of the compliance pillar catalogue showed no 2020 coverage and sparse treatment of regulator-led mandates in 2021–2022, particularly around supply-chain due diligence, APAC supervisory updates, and Companies House modernisation. To close those gaps, 21 regulator-anchored briefs have been added spanning EU, U.S., UK, Singapore, India, China, Switzerland, Canada, and Germany. Each brief cites the primary statute, directive, or supervisory release so editors can trace coverage directly to the source.
Regulator records now represented
| Year | Regulatory development | Official source |
|---|---|---|
| 2020 | EU Fifth Anti-Money Laundering Directive transposition deadline requiring beneficial ownership access and prepaid card limits | Directive (EU) 2018/843 |
| 2020 | U.S. DOJ Evaluation of Corporate Compliance Programs update emphasising data analytics and third-party lifecycle controls | DOJ memo (June 2020) |
| 2020 | California Consumer Privacy Act enforcement launch with 45-day response timelines | CA DOJ CCPA enforcement |
| 2020 | UK ICO Age Appropriate Design Code (Children’s Code) enforcement on privacy-by-default for minors | ICO Children’s Code |
| 2020 | MAS environmental risk management guidelines for banks covering governance, scenario testing, and disclosures | MAS Guidelines |
| 2021 | U.S. Corporate Transparency Act enactment creating federal beneficial ownership reporting | Public Law 116-283 |
| 2021 | UK PRA Supervisory Statement SS2/21 on outsourcing and third-party risk | PRA SS2/21 |
| 2021 | Germany Supply Chain Due Diligence Act establishing BAFA oversight | BGBl. 2021 I p. 2959 |
| 2021 | SEC approval of Nasdaq Rule 5605(f) board diversity disclosures | SEC Order 34-92590 |
| 2021 | China Data Security Law localisation and security assessment obligations | Data Security Law |
| 2022 | EU Taxonomy climate KPI disclosures via Delegated Regulation (EU) 2021/2178 | Regulation (EU) 2021/2178 |
| 2022 | India CERT-In six-hour incident reporting and KYC directions | CERT-In Directions |
| 2022 | U.S. Uyghur Forced Labor Prevention Act rebuttable presumption | Public Law 117-78 |
| 2022 | UK FCA Consumer Duty (PS22/9) fair value and outcomes oversight | FCA PS22/9 |
| 2022 | FinCEN Beneficial Ownership Information Reporting final rule | 87 FR 59498 |
| 2022 | EU Corporate Sustainability Reporting Directive adoption | Directive (EU) 2022/2464 |
| 2022 | EU Digital Operational Resilience Act publication | Regulation (EU) 2022/2554 |
| 2023 | EU Deforestation Regulation geolocation and customs statements | Regulation (EU) 2023/1115 |
| 2023 | U.S. interagency third-party risk management guidance (SR 23-4 / OCC 2023-17) | Federal Reserve SR 23-4 |
| 2023 | Switzerland revised Federal Act on Data Protection | Fedlex FADP |
| 2023 | UK Economic Crime and Corporate Transparency Act identity verification regime | 2023 c.58 |
Gap closure highlights
- Supply-chain due diligence is now represented across EU and U.S. mandates (Lieferkettengesetz, EU deforestation, UFLPA) so procurement teams can plan risk assessments and customs declarations using regulator-sourced evidence.
- SOX and assurance modernisation is reinforced with PCAOB coverage already in the archive and new CTA/Companies House filings that extend internal-control remediation across legal entities.
- APAC compliance mandates gain depth through MAS environmental and technology risk statements, CERT-In reporting, and China’s Data Security Law, balancing the previously Europe-heavy catalogue.
- Patient protection and investor disclosure gaps identified in Q1 2024 have been addressed with 22 additional briefs spanning the U.S. No Surprises Act, EU SFDR Level 1, MiFID II sustainability preferences, Virginia and Connecticut privacy laws, the EU Foreign Subsidies Regulation, NYDFS Cybersecurity amendments, OSFI Guideline B-13, SEC T+1 settlement, and the FCA anti-greenwashing rule. These fill previously under-covered healthcare, sustainable finance, state privacy, and market-structure mandates.
Newly covered 2020–2025 compliance mandates
| Published | Regulation | Focus |
|---|---|---|
| 29 May 2020 | EBA Guidelines on loan origination and monitoring | Credit governance, ESG due diligence |
| 17 Sep 2020 | CFTC swap data reporting rewrite | Derivatives trade reporting |
| 10 Mar 2021 | EU SFDR Level 1 application | Sustainable finance disclosures |
| 01 Jul 2021 | EU ESEF Inline XBRL | Digital financial reporting |
| 01 Jul 2021 | South Africa POPIA enforcement | Privacy operations |
| 10 Nov 2021 | EU Crowdfunding Regulation | Cross-border platform supervision |
| 15 Nov 2021 | U.S. Infrastructure Act digital asset broker rule | Beneficial ownership & Form 1099 |
| 01 Jan 2022 | U.S. No Surprises Act go-live | Patient billing protections |
| 04 Jan 2022 | UK NSI Act commencement | National security screening |
| 01 Feb 2022 | EU CSDR settlement discipline | Post-trade risk |
| 02 Aug 2022 | MiFID II sustainability preferences | ESG suitability |
| 04 Nov 2022 | SEC Marketing Rule compliance date | Advertising controls |
| 22 Nov 2022 | EBA remote customer onboarding guidelines | Digital KYC |
| 01 Jan 2023 | Virginia Consumer Data Protection Act | State privacy rights |
| 01 Jul 2023 | Connecticut Data Privacy Act | State privacy opt-outs |
| 12 Jul 2023 | EU Foreign Subsidies Regulation | Subsidy screening |
| 22 Sep 2023 | Quebec Law 25 phase two | Privacy impact assessments |
| 01 Nov 2023 | NYDFS Cybersecurity second amendment | Governance & ransomware reporting |
| 01 Jan 2024 | Corporate Transparency Act BOI reporting | Beneficial ownership filings |
| 01 Jan 2024 | OSFI Guideline B-13 effective | Technology & cyber risk |
| 28 May 2024 | SEC T+1 settlement cycle | Trade lifecycle acceleration |
| 31 May 2024 | FCA anti-greenwashing rule | ESG claims assurance |
These additions ensure the compliance pillar archives now span 2020 through 2025 with verified regulator records, meeting editorial coverage goals for backfill and geographic breadth.