Regulatory compliance: by regulation

Navigating the regulatory compliance landscape can be overwhelming and challenging.

With ever-changing guidelines and new regulations being introduced, it can feel like hitting a moving target.

As an ethics and compliance practitioner, it’s your responsibility to keep your organization on the right side of the law. From the FCPA to SOX and the U.K. Bribery Act, there are numerous regulations to consider. Not to mention the fast-moving legislation protecting privacy and consumer rights across the US.

At NAVEX, we understand the complexities of regulatory compliance and are here to help. Here you’ll find regulatory compliance requirements and recommendations for some of the most impactful legislation worldwide.

GDPR

Meet the General Data Protection Regulation’s requirements for data privacy, security and governance.

FCPA

Identify, track and manage risks and liabilities associated with Foreign Corrupt Practices Act (FCPA) requirements.

SOX

Ensure you have security measures in place to meet the data protection requirements of the Sarbanes-Oxley Act and proof of compliance in the event of a SOX audit.

HIPAA

We help healthcare providers meet the stringent privacy and security requirements of the Health Insurance Portability and Accountability Act (HIPAA).

CPRA

We help companies that are subject to the CPRA comply with the data privacy law by creating mechanisms that allow California residents to exercise those rights.

OSHA

Compliance with the wide scope of OSHA regulations is complex. Let us help you with a systematic approach.

PCI DSS

We can help you systematize the increasingly complex, high-stakes process of financial data privacy.

DOJ Corporate Guidance

We help compliance professionals address the new DOJ Guidance on corporate compliance programs.

ISO 27001

We enable a more efficient, more effective ISO 27001 program and allow you to continuously monitor and evolve your organization’s ISMS.

NERC CIP

NERC CIP requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. Our platform simplifies NERC CIP compliance.

NIST CSF

This risk-based cybersecurity framework is used internationally to provide a common language and foundation for managing cybersecurity risk.

NYDFS

New York financial services firms must comply with 23 NYCRR 500, a regulation from the New York Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered NY financial institutions.

EU Whistleblower Directive

Ensure your anonymous whistleblowing system and processes meet the new EU Whistleblower Protection Directive.

UK Modern Slavery Act

Meet the stringent transparency requirements of the UK Modern Slavery Act.

UK Bribery Act

Meet UK Bribery Act requirements and avoid the risk and reputational damage that can come with non-compliance.

Sapin II

Build an Anti-Bribery and Corruption Program that aligns with the French anti-corruption and whistleblower protection law, Sapin II.

German Supply Chain Act

Address complex requirements across supply chains to ensure a unified protection of human rights.

California Workplace Violence Prevention Act (SB 553)

Starting July 1 2024, any company headquartered in California – or with a location in California employing 10 or more people – must comply with these new requirements.