EU Legal Order
The key EU instruments framing the compliance function and their authorities.
Across the European Union, the compliance function is framed by directly applicable regulations and by directives transposed into national law of each Member State.
| Area | EU instrument | Authority |
|---|---|---|
| Data Protection | GDPR — Regulation (EU) 2016/679 | EDPB |
| Cybersecurity | NIS2 — Directive (EU) 2022/2555 | ENISA |
| Digital Operational Resilience | DORA — Regulation (EU) 2022/2554 | ESAs |
| Artificial Intelligence | AI Act — Regulation (EU) 2024/1689 | AI Office |
| Whistleblowing | Directive (EU) 2019/1937 | — |
| Anti-Money Laundering | AML package; Regulation (EU) 2024/1624 | AMLA |
| Sustainability | CSRD — Directive (EU) 2022/2464 | — |
| Pay Transparency | Directive (EU) 2023/970 | — |
More information
The information is indicative; EU instruments and their national transposition evolve and should be confirmed with the competent authorities.