Skip to content
RegSpace
Book a demo

Compliance guides

The regulations that touch your business, explained.

What each rule is, who it applies to, the obligations and deadlines, and how RegSpace keeps you ahead of the changes with cited weekly intelligence and policy gap analysis.

EU

DORA

Digital Operational Resilience Act (Regulation (EU) 2022/2554)

DORA (Regulation (EU) 2022/2554) sets a single EU rulebook for ICT risk in the financial sector and has applied since 17 January 2025. Track the obligations, evidence them in living registers, and keep counsel in control.

Read the guide
EU

EU AI Act

EU Artificial Intelligence Act (Regulation (EU) 2024/1689)

The EU AI Act (Regulation (EU) 2024/1689) applies in phases from February 2025 through 2027 and beyond. RegSpace monitors the sources that move, scores your policies against the obligations, and shows the gaps so your counsel can act on draft intelligence, not guesswork.

Read the guide
EU/UK

GDPR

General Data Protection Regulation (EU) 2016/679 and the UK GDPR / Data Protection Act 2018

Stay on top of EU GDPR (2016/679), the UK GDPR and the Data Protection Act 2018, including the Data (Use and Access) Act 2025 changes. RegSpace monitors the regulators, scores your policies against the law, and keeps your RoPA, DPIA and risk registers in one place.

Read the guide
EU

NIS2

NIS2 Directive (Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union)

NIS2 raises the bar for cybersecurity risk management, incident reporting, and management-body accountability across essential and important entities. RegSpace helps your compliance team monitor the law, find policy gaps, and keep the registers that evidence your programme.

Read the guide
US (California)

CCPA / CPRA

California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA, Proposition 24)

The CCPA, as amended by the CPRA, gives California consumers strong privacy rights and is enforced by the California Privacy Protection Agency and the Attorney General. RegSpace monitors the sources that move, scores your policies against the law, and keeps the registers that evidence your programme, all as draft intelligence for your counsel to review.

Read the guide
UK

DUAA

UK Data (Use and Access) Act 2025

The Data (Use and Access) Act 2025 reforms the UK GDPR, the Data Protection Act 2018 and PECR, with a package commencing 5 February 2026 under SI 2026/82 and the new complaints duty from 19 June 2026. RegSpace monitors the commencement timeline, scores your policies against the new obligations, and hosts s.164A complaints intake, all as draft intelligence for your counsel.

Read the guide
Australia

Australia Privacy Act

Privacy Act 1988 (Cth), as amended by the Privacy and Other Legislation Amendment Act 2024

The Privacy Act 1988 and its 13 Australian Privacy Principles set the rules for APP entities, and the Privacy and Other Legislation Amendment Act 2024 begins a multi-tranche overhaul. RegSpace monitors the OAIC and the reform tranches, scores your policies against the law, and gives your counsel source-linked draft intelligence to act on.

Read the guide