Compliance Coverage
EU AMLD 5/6
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Article 13 | Customer due diligence | aml.address_verification, aml.kyc_basic_cdd, aml.minimum_age, aml.ubo_identification | OK | aml.address_verification: OK policies/aml/address_verification/policy.rego, OK policies/aml/address_verification/policy_test.rego; aml.kyc_basic_cdd: OK policies/aml/kyc_basic_cdd/policy.rego, OK policies/aml/kyc_basic_cdd/policy_test.rego; aml.minimum_age: OK policies/aml/minimum_age/policy.rego, OK policies/aml/minimum_age/policy_test.rego; aml.ubo_identification: OK policies/aml/ubo_identification/policy.rego, OK policies/aml/ubo_identification/policy_test.rego |
| Article 18 | Enhanced due diligence | aml.high_risk_country_edd, aml.sanctions_check | OK | aml.high_risk_country_edd: OK policies/aml/high_risk_country_edd/policy.rego, OK policies/aml/high_risk_country_edd/policy_test.rego; aml.sanctions_check: OK policies/aml/sanctions_check/policy.rego, OK policies/aml/sanctions_check/policy_test.rego |
| Article 20 | PEP | aml.pep_screening_required | OK | aml.pep_screening_required: OK policies/aml/pep_screening_required/policy.rego, OK policies/aml/pep_screening_required/policy_test.rego |
| Article 33 | Transaction monitoring | aml.txn_monitoring_thresholds | OK | aml.txn_monitoring_thresholds: OK policies/aml/txn_monitoring_thresholds/policy.rego, OK policies/aml/txn_monitoring_thresholds/policy_test.rego |
Coverage: 8/8 (100%)
Betting (multi-jurisdiction) current
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| 1. Operator Controls | Licensing, KYC and Core Controls | betting.adr_provider_listed_uk, betting.affordability_checks_uk, betting.complaints_process_published, betting.kyc_onboarding, betting.kyc_on_withdrawal, betting.license_check_adm_it, betting.license_check_anj_fr, betting.license_check_au_nt, betting.license_check_brazil_14790, betting.license_check_ca_on_igaming, betting.license_check_coljuegos_co, betting.license_check_dgoj_es, betting.license_check_ggl_de, betting.license_check_gra_sg, betting.license_check_ksa_nl, betting.license_check_mga, betting.license_check_spelinspektionen_se, betting.license_check_spillemyndigheden_dk, betting.license_check_ukgc, betting.license_check_us_co_division, betting.license_check_us_nj_dge, betting.license_check_us_nv_ngcb, betting.license_check_us_pa_pgcb, betting.player_funds_segregation, betting.source_of_funds_checks, betting.source_of_funds_thresholds, betting.license_check_agco_on | OK | betting.adr_provider_listed_uk: OK policies/betting/adr_provider_listed_uk/policy.rego, OK policies/betting/adr_provider_listed_uk/policy_test.rego; betting.affordability_checks_uk: OK policies/betting/affordability_checks_uk/policy.rego, OK policies/betting/affordability_checks_uk/policy_test.rego; betting.complaints_process_published: OK policies/betting/complaints_process_published/policy.rego, OK policies/betting/complaints_process_published/policy_test.rego; betting.kyc_onboarding: OK policies/betting/kyc_onboarding/policy.rego, OK policies/betting/kyc_onboarding/policy_test.rego; betting.kyc_on_withdrawal: OK policies/betting/kyc_on_withdrawal/policy.rego, OK policies/betting/kyc_on_withdrawal/policy_test.rego; betting.license_check_adm_it: OK policies/betting/license_check_adm_it/policy.rego, OK policies/betting/license_check_adm_it/policy_test.rego; betting.license_check_anj_fr: OK policies/betting/license_check_anj_fr/policy.rego, OK policies/betting/license_check_anj_fr/policy_test.rego; betting.license_check_au_nt: OK policies/betting/license_check_au_nt/policy.rego, OK policies/betting/license_check_au_nt/policy_test.rego; betting.license_check_brazil_14790: OK policies/betting/license_check_brazil_14790/policy.rego, OK policies/betting/license_check_brazil_14790/policy_test.rego; betting.license_check_ca_on_igaming: OK policies/betting/license_check_ca_on_igaming/policy.rego, OK policies/betting/license_check_ca_on_igaming/policy_test.rego; betting.license_check_coljuegos_co: OK policies/betting/license_check_coljuegos_co/policy.rego, OK policies/betting/license_check_coljuegos_co/policy_test.rego; betting.license_check_dgoj_es: OK policies/betting/license_check_dgoj_es/policy.rego, OK policies/betting/license_check_dgoj_es/policy_test.rego; betting.license_check_ggl_de: OK policies/betting/license_check_ggl_de/policy.rego, OK policies/betting/license_check_ggl_de/policy_test.rego; betting.license_check_gra_sg: OK policies/betting/license_check_gra_sg/policy.rego, OK policies/betting/license_check_gra_sg/policy_test.rego; betting.license_check_ksa_nl: OK policies/betting/license_check_ksa_nl/policy.rego, OK policies/betting/license_check_ksa_nl/policy_test.rego; betting.license_check_mga: OK policies/betting/license_check_mga/policy.rego, OK policies/betting/license_check_mga/policy_test.rego; betting.license_check_spelinspektionen_se: OK policies/betting/license_check_spelinspektionen_se/policy.rego, OK policies/betting/license_check_spelinspektionen_se/policy_test.rego; betting.license_check_spillemyndigheden_dk: OK policies/betting/license_check_spillemyndigheden_dk/policy.rego, OK policies/betting/license_check_spillemyndigheden_dk/policy_test.rego; betting.license_check_ukgc: OK policies/betting/license_check_ukgc/policy.rego, OK policies/betting/license_check_ukgc/policy_test.rego; betting.license_check_us_co_division: OK policies/betting/license_check_us_co_division/policy.rego, OK policies/betting/license_check_us_co_division/policy_test.rego; betting.license_check_us_nj_dge: OK policies/betting/license_check_us_nj_dge/policy.rego, OK policies/betting/license_check_us_nj_dge/policy_test.rego; betting.license_check_us_nv_ngcb: OK policies/betting/license_check_us_nv_ngcb/policy.rego, OK policies/betting/license_check_us_nv_ngcb/policy_test.rego; betting.license_check_us_pa_pgcb: OK policies/betting/license_check_us_pa_pgcb/policy.rego, OK policies/betting/license_check_us_pa_pgcb/policy_test.rego; betting.player_funds_segregation: OK policies/betting/player_funds_segregation/policy.rego, OK policies/betting/player_funds_segregation/policy_test.rego; betting.source_of_funds_checks: OK policies/betting/source_of_funds_checks/policy.rego, OK policies/betting/source_of_funds_checks/policy_test.rego; betting.source_of_funds_thresholds: OK policies/betting/source_of_funds_thresholds/policy.rego, OK policies/betting/source_of_funds_thresholds/policy_test.rego; betting.license_check_agco_on: OK policies/betting/license_check_agco_on/policy.rego, OK policies/betting/license_check_agco_on/policy_test.rego |
| 2. Market Integrity | Integrity, Data, and Youth Protection | betting.ads_bonus_terms_fair_clear, betting.ads_no_minors_targeting, betting.age_verification_before_gambling_uk, betting.credit_card_gambling_ban_uk, betting.data_integrity_audits, betting.game_rules_visible_before_play, betting.geofencing_regulated_markets, betting.in_play_delay_controls, betting.market_restrictions_youth, betting.match_fixing_monitoring, betting.no_bets_by_participants, betting.official_data_only, betting.reverse_withdrawal_ban_uk, betting.rng_certification_gli11, betting.rtp_disclosure_to_players, betting.suspicious_betting_reporting_uk, betting.slots_min_spin_speed_uk, betting.slots_no_autoplay_uk, betting.slots_no_losses_disguised_as_wins | OK | betting.ads_bonus_terms_fair_clear: OK policies/betting/ads_bonus_terms_fair_clear/policy.rego, OK policies/betting/ads_bonus_terms_fair_clear/policy_test.rego; betting.ads_no_minors_targeting: OK policies/betting/ads_no_minors_targeting/policy.rego, OK policies/betting/ads_no_minors_targeting/policy_test.rego; betting.age_verification_before_gambling_uk: OK policies/betting/age_verification_before_gambling_uk/policy.rego, OK policies/betting/age_verification_before_gambling_uk/policy_test.rego; betting.credit_card_gambling_ban_uk: OK policies/betting/credit_card_gambling_ban_uk/policy.rego, OK policies/betting/credit_card_gambling_ban_uk/policy_test.rego; betting.data_integrity_audits: OK policies/betting/data_integrity_audits/policy.rego, OK policies/betting/data_integrity_audits/policy_test.rego; betting.game_rules_visible_before_play: OK policies/betting/game_rules_visible_before_play/policy.rego, OK policies/betting/game_rules_visible_before_play/policy_test.rego; betting.geofencing_regulated_markets: OK policies/betting/geofencing_regulated_markets/policy.rego, OK policies/betting/geofencing_regulated_markets/policy_test.rego; betting.in_play_delay_controls: OK policies/betting/in_play_delay_controls/policy.rego, OK policies/betting/in_play_delay_controls/policy_test.rego; betting.market_restrictions_youth: OK policies/betting/market_restrictions_youth/policy.rego, OK policies/betting/market_restrictions_youth/policy_test.rego; betting.match_fixing_monitoring: OK policies/betting/match_fixing_monitoring/policy.rego, OK policies/betting/match_fixing_monitoring/policy_test.rego; betting.no_bets_by_participants: OK policies/betting/no_bets_by_participants/policy.rego, OK policies/betting/no_bets_by_participants/policy_test.rego; betting.official_data_only: OK policies/betting/official_data_only/policy.rego, OK policies/betting/official_data_only/policy_test.rego; betting.reverse_withdrawal_ban_uk: OK policies/betting/reverse_withdrawal_ban_uk/policy.rego, OK policies/betting/reverse_withdrawal_ban_uk/policy_test.rego; betting.rng_certification_gli11: OK policies/betting/rng_certification_gli11/policy.rego, OK policies/betting/rng_certification_gli11/policy_test.rego; betting.rtp_disclosure_to_players: OK policies/betting/rtp_disclosure_to_players/policy.rego, OK policies/betting/rtp_disclosure_to_players/policy_test.rego; betting.suspicious_betting_reporting_uk: OK policies/betting/suspicious_betting_reporting_uk/policy.rego, OK policies/betting/suspicious_betting_reporting_uk/policy_test.rego; betting.slots_min_spin_speed_uk: OK policies/betting/slots_min_spin_speed_uk/policy.rego, OK policies/betting/slots_min_spin_speed_uk/policy_test.rego; betting.slots_no_autoplay_uk: OK policies/betting/slots_no_autoplay_uk/policy.rego, OK policies/betting/slots_no_autoplay_uk/policy_test.rego; betting.slots_no_losses_disguised_as_wins: OK policies/betting/slots_no_losses_disguised_as_wins/policy.rego, OK policies/betting/slots_no_losses_disguised_as_wins/policy_test.rego |
| 3. AML Monitoring | Ongoing Monitoring & Anomalies | betting.aml_high_risk_country_restrictions, betting.aml_sar_reporting_uk, betting.ongoing_aml_monitoring, betting.sanctions_screening_global, betting.txn_monitoring_anomalies | OK | betting.aml_high_risk_country_restrictions: OK policies/betting/aml_high_risk_country_restrictions/policy.rego, OK policies/betting/aml_high_risk_country_restrictions/policy_test.rego; betting.aml_sar_reporting_uk: OK policies/betting/aml_sar_reporting_uk/policy.rego, OK policies/betting/aml_sar_reporting_uk/policy_test.rego; betting.ongoing_aml_monitoring: OK policies/betting/ongoing_aml_monitoring/policy.rego, OK policies/betting/ongoing_aml_monitoring/policy_test.rego; betting.sanctions_screening_global: OK policies/betting/sanctions_screening_global/policy.rego, OK policies/betting/sanctions_screening_global/policy_test.rego; betting.txn_monitoring_anomalies: OK policies/betting/txn_monitoring_anomalies/policy.rego, OK policies/betting/txn_monitoring_anomalies/policy_test.rego |
| 4. Player Protection & Limits | Player Protection & Limits | betting.deposit_limit_controls, betting.loss_limit_controls, betting.reality_checks_elapsed_time, betting.safer_gambling_interactions, betting.self_exclusion_de_oasis, betting.self_exclusion_dk_rofus, betting.self_exclusion_es_rgiaj, betting.self_exclusion_nl_cruks, betting.self_exclusion_se_spelpaus, betting.self_exclusion_uk_gamstop, betting.session_time_limits_controls, betting.self_exclusion_on_igaming, betting.au_iga_no_prohibited_services | OK | betting.deposit_limit_controls: OK policies/betting/deposit_limit_controls/policy.rego, OK policies/betting/deposit_limit_controls/policy_test.rego; betting.loss_limit_controls: OK policies/betting/loss_limit_controls/policy.rego, OK policies/betting/loss_limit_controls/policy_test.rego; betting.reality_checks_elapsed_time: OK policies/betting/reality_checks_elapsed_time/policy.rego, OK policies/betting/reality_checks_elapsed_time/policy_test.rego; betting.safer_gambling_interactions: OK policies/betting/safer_gambling_interactions/policy.rego, OK policies/betting/safer_gambling_interactions/policy_test.rego; betting.self_exclusion_de_oasis: OK policies/betting/self_exclusion_de_oasis/policy.rego, OK policies/betting/self_exclusion_de_oasis/policy_test.rego; betting.self_exclusion_dk_rofus: OK policies/betting/self_exclusion_dk_rofus/policy.rego, OK policies/betting/self_exclusion_dk_rofus/policy_test.rego; betting.self_exclusion_es_rgiaj: OK policies/betting/self_exclusion_es_rgiaj/policy.rego, OK policies/betting/self_exclusion_es_rgiaj/policy_test.rego; betting.self_exclusion_nl_cruks: OK policies/betting/self_exclusion_nl_cruks/policy.rego, OK policies/betting/self_exclusion_nl_cruks/policy_test.rego; betting.self_exclusion_se_spelpaus: OK policies/betting/self_exclusion_se_spelpaus/policy.rego, OK policies/betting/self_exclusion_se_spelpaus/policy_test.rego; betting.self_exclusion_uk_gamstop: OK policies/betting/self_exclusion_uk_gamstop/policy.rego, OK policies/betting/self_exclusion_uk_gamstop/policy_test.rego; betting.session_time_limits_controls: OK policies/betting/session_time_limits_controls/policy.rego, OK policies/betting/session_time_limits_controls/policy_test.rego; betting.self_exclusion_on_igaming: OK policies/betting/self_exclusion_on_igaming/policy.rego, OK policies/betting/self_exclusion_on_igaming/policy_test.rego; betting.au_iga_no_prohibited_services: OK policies/betting/au_iga_no_prohibited_services/policy.rego, OK policies/betting/au_iga_no_prohibited_services/policy_test.rego |
Coverage: 64/64 (100%)
EdTech (multi-jurisdiction) current
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| US Federal | US Federal Student Privacy | edtech.coppa_data_minimization, edtech.coppa_delete_on_parent_request, edtech.coppa_parental_consent_under_13, edtech.ferpa_consent_or_exception_for_disclosure, edtech.ferpa_directory_info_optout_respected, edtech.ferpa_parent_access_rights, edtech.ppra_parental_consent_sensitive_surveys | OK | edtech.coppa_data_minimization: OK policies/edtech/coppa_data_minimization/policy.rego, OK policies/edtech/coppa_data_minimization/policy_test.rego; edtech.coppa_delete_on_parent_request: OK policies/edtech/coppa_delete_on_parent_request/policy.rego, OK policies/edtech/coppa_delete_on_parent_request/policy_test.rego; edtech.coppa_parental_consent_under_13: OK policies/edtech/coppa_parental_consent_under_13/policy.rego, OK policies/edtech/coppa_parental_consent_under_13/policy_test.rego; edtech.ferpa_consent_or_exception_for_disclosure: OK policies/edtech/ferpa_consent_or_exception_for_disclosure/policy.rego, OK policies/edtech/ferpa_consent_or_exception_for_disclosure/policy_test.rego; edtech.ferpa_directory_info_optout_respected: OK policies/edtech/ferpa_directory_info_optout_respected/policy.rego, OK policies/edtech/ferpa_directory_info_optout_respected/policy_test.rego; edtech.ferpa_parent_access_rights: OK policies/edtech/ferpa_parent_access_rights/policy.rego, OK policies/edtech/ferpa_parent_access_rights/policy_test.rego; edtech.ppra_parental_consent_sensitive_surveys: OK policies/edtech/ppra_parental_consent_sensitive_surveys/policy.rego, OK policies/edtech/ppra_parental_consent_sensitive_surveys/policy_test.rego |
| US States | US State-Level Laws | edtech.ca_sopipa_no_sale_of_student_data, edtech.ca_sopipa_no_targeted_advertising, edtech.co_student_data_transparency, edtech.ct_student_data_privacy, edtech.il_soppa_breach_notification, edtech.ny_edlaw2d_encryption_and_contracts | OK | edtech.ca_sopipa_no_sale_of_student_data: OK policies/edtech/ca_sopipa_no_sale_of_student_data/policy.rego, OK policies/edtech/ca_sopipa_no_sale_of_student_data/policy_test.rego; edtech.ca_sopipa_no_targeted_advertising: OK policies/edtech/ca_sopipa_no_targeted_advertising/policy.rego, OK policies/edtech/ca_sopipa_no_targeted_advertising/policy_test.rego; edtech.co_student_data_transparency: OK policies/edtech/co_student_data_transparency/policy.rego, OK policies/edtech/co_student_data_transparency/policy_test.rego; edtech.ct_student_data_privacy: OK policies/edtech/ct_student_data_privacy/policy.rego, OK policies/edtech/ct_student_data_privacy/policy_test.rego; edtech.il_soppa_breach_notification: OK policies/edtech/il_soppa_breach_notification/policy.rego, OK policies/edtech/il_soppa_breach_notification/policy_test.rego; edtech.ny_edlaw2d_encryption_and_contracts: OK policies/edtech/ny_edlaw2d_encryption_and_contracts/policy.rego, OK policies/edtech/ny_edlaw2d_encryption_and_contracts/policy_test.rego |
| International | International and Non-US Regulations | edtech.au_app_11_security_edtech, edtech.au_app_5_notice_edtech, edtech.au_ndb_breach_notification_edtech, edtech.br_lgpd_children_consent_best_interest, edtech.ca_pipeda_consent_edtech, edtech.eu_dpia_high_risk_edtech, edtech.eu_eprivacy_cookie_consent_edtech, edtech.eu_gdpr_minors_consent_education, edtech.eu_scc_transfers_edplatform, edtech.in_dpdpa_children_verifiable_consent, edtech.kr_pipa_guardian_consent_under_14, edtech.nz_notice_at_collection_edtech, edtech.uk_aadc_privacy_by_default, edtech.uk_aadc_profiling_and_geolocation_off | OK | edtech.au_app_11_security_edtech: OK policies/edtech/au_app_11_security_edtech/policy.rego, OK policies/edtech/au_app_11_security_edtech/policy_test.rego; edtech.au_app_5_notice_edtech: OK policies/edtech/au_app_5_notice_edtech/policy.rego, OK policies/edtech/au_app_5_notice_edtech/policy_test.rego; edtech.au_ndb_breach_notification_edtech: OK policies/edtech/au_ndb_breach_notification_edtech/policy.rego, OK policies/edtech/au_ndb_breach_notification_edtech/policy_test.rego; edtech.br_lgpd_children_consent_best_interest: OK policies/edtech/br_lgpd_children_consent_best_interest/policy.rego, OK policies/edtech/br_lgpd_children_consent_best_interest/policy_test.rego; edtech.ca_pipeda_consent_edtech: OK policies/edtech/ca_pipeda_consent_edtech/policy.rego, OK policies/edtech/ca_pipeda_consent_edtech/policy_test.rego; edtech.eu_dpia_high_risk_edtech: OK policies/edtech/eu_dpia_high_risk_edtech/policy.rego, OK policies/edtech/eu_dpia_high_risk_edtech/policy_test.rego; edtech.eu_eprivacy_cookie_consent_edtech: OK policies/edtech/eu_eprivacy_cookie_consent_edtech/policy.rego, OK policies/edtech/eu_eprivacy_cookie_consent_edtech/policy_test.rego; edtech.eu_gdpr_minors_consent_education: OK policies/edtech/eu_gdpr_minors_consent_education/policy.rego, OK policies/edtech/eu_gdpr_minors_consent_education/policy_test.rego; edtech.eu_scc_transfers_edplatform: OK policies/edtech/eu_scc_transfers_edplatform/policy.rego, OK policies/edtech/eu_scc_transfers_edplatform/policy_test.rego; edtech.in_dpdpa_children_verifiable_consent: OK policies/edtech/in_dpdpa_children_verifiable_consent/policy.rego, OK policies/edtech/in_dpdpa_children_verifiable_consent/policy_test.rego; edtech.kr_pipa_guardian_consent_under_14: OK policies/edtech/kr_pipa_guardian_consent_under_14/policy.rego, OK policies/edtech/kr_pipa_guardian_consent_under_14/policy_test.rego; edtech.nz_notice_at_collection_edtech: OK policies/edtech/nz_notice_at_collection_edtech/policy.rego, OK policies/edtech/nz_notice_at_collection_edtech/policy_test.rego; edtech.uk_aadc_privacy_by_default: OK policies/edtech/uk_aadc_privacy_by_default/policy.rego, OK policies/edtech/uk_aadc_privacy_by_default/policy_test.rego; edtech.uk_aadc_profiling_and_geolocation_off: OK policies/edtech/uk_aadc_profiling_and_geolocation_off/policy.rego, OK policies/edtech/uk_aadc_profiling_and_geolocation_off/policy_test.rego |
| Security & Ops | Security and Operational Baseline | edtech.edtech_access_least_privilege, edtech.edtech_audit_logs_student_record_access, edtech.edtech_encryption_at_rest, edtech.edtech_encryption_in_transit, edtech.edtech_retention_after_course_completion | OK | edtech.edtech_access_least_privilege: OK policies/edtech/edtech_access_least_privilege/policy.rego, OK policies/edtech/edtech_access_least_privilege/policy_test.rego; edtech.edtech_audit_logs_student_record_access: OK policies/edtech/edtech_audit_logs_student_record_access/policy.rego, OK policies/edtech/edtech_audit_logs_student_record_access/policy_test.rego; edtech.edtech_encryption_at_rest: OK policies/edtech/edtech_encryption_at_rest/policy.rego, OK policies/edtech/edtech_encryption_at_rest/policy_test.rego; edtech.edtech_encryption_in_transit: OK policies/edtech/edtech_encryption_in_transit/policy.rego, OK policies/edtech/edtech_encryption_in_transit/policy_test.rego; edtech.edtech_retention_after_course_completion: OK policies/edtech/edtech_retention_after_course_completion/policy.rego, OK policies/edtech/edtech_retention_after_course_completion/policy_test.rego |
Coverage: 32/32 (100%)
PSD2 2015/2366
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| SCA | Strong Customer Authentication | fintech.psd2_sca | OK | fintech.psd2_sca: OK policies/fintech/psd2_sca/policy.rego, OK policies/fintech/psd2_sca/policy_test.rego |
Coverage: 1/1 (100%)
RBI eKYC placeholder
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| High-risk eKYC | High-risk eKYC controls required | fintech.rbi_ekyc_risk | OK | fintech.rbi_ekyc_risk: OK policies/fintech/rbi_ekyc_risk/policy.rego, OK policies/fintech/rbi_ekyc_risk/policy_test.rego |
Coverage: 1/1 (100%)
Fintech Max 2025-08-17
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| AML/KYC Core | Screening, risk, monitoring | fintech.aml_account_freeze_on_hit, fintech.aml_adverse_media_screening, fintech.aml_customer_risk_tiering, fintech.aml_duplicate_account_detection, fintech.aml_geolocation_restrictions, fintech.aml_ongoing_monitoring, fintech.aml_pep_screening, fintech.aml_risk_scoring_model, fintech.aml_sanctions_rescreening_frequency, fintech.aml_sanctions_screening, fintech.aml_transaction_velocity_limits, fintech.aml_unusual_activity_alerting, fintech.aml_watchlist_management, fintech.aml_pep_periodic_review, fintech.aml_manual_review_queue | OK | fintech.aml_account_freeze_on_hit: OK policies/fintech/aml_account_freeze_on_hit/policy.rego, OK policies/fintech/aml_account_freeze_on_hit/policy_test.rego; fintech.aml_adverse_media_screening: OK policies/fintech/aml_adverse_media_screening/policy.rego, OK policies/fintech/aml_adverse_media_screening/policy_test.rego; fintech.aml_customer_risk_tiering: OK policies/fintech/aml_customer_risk_tiering/policy.rego, OK policies/fintech/aml_customer_risk_tiering/policy_test.rego; fintech.aml_duplicate_account_detection: OK policies/fintech/aml_duplicate_account_detection/policy.rego, OK policies/fintech/aml_duplicate_account_detection/policy_test.rego; fintech.aml_geolocation_restrictions: OK policies/fintech/aml_geolocation_restrictions/policy.rego, OK policies/fintech/aml_geolocation_restrictions/policy_test.rego; fintech.aml_ongoing_monitoring: OK policies/fintech/aml_ongoing_monitoring/policy.rego, OK policies/fintech/aml_ongoing_monitoring/policy_test.rego; fintech.aml_pep_screening: OK policies/fintech/aml_pep_screening/policy.rego, OK policies/fintech/aml_pep_screening/policy_test.rego; fintech.aml_risk_scoring_model: OK policies/fintech/aml_risk_scoring_model/policy.rego, OK policies/fintech/aml_risk_scoring_model/policy_test.rego; fintech.aml_sanctions_rescreening_frequency: OK policies/fintech/aml_sanctions_rescreening_frequency/policy.rego, OK policies/fintech/aml_sanctions_rescreening_frequency/policy_test.rego; fintech.aml_sanctions_screening: OK policies/fintech/aml_sanctions_screening/policy.rego, OK policies/fintech/aml_sanctions_screening/policy_test.rego; fintech.aml_transaction_velocity_limits: OK policies/fintech/aml_transaction_velocity_limits/policy.rego, OK policies/fintech/aml_transaction_velocity_limits/policy_test.rego; fintech.aml_unusual_activity_alerting: OK policies/fintech/aml_unusual_activity_alerting/policy.rego, OK policies/fintech/aml_unusual_activity_alerting/policy_test.rego; fintech.aml_watchlist_management: OK policies/fintech/aml_watchlist_management/policy.rego, OK policies/fintech/aml_watchlist_management/policy_test.rego; fintech.aml_pep_periodic_review: OK policies/fintech/aml_pep_periodic_review/policy.rego, OK policies/fintech/aml_pep_periodic_review/policy_test.rego; fintech.aml_manual_review_queue: OK policies/fintech/aml_manual_review_queue/policy.rego, OK policies/fintech/aml_manual_review_queue/policy_test.rego |
| KYC Process | Identity verification & lifecycle | fintech.kyc_biometric_liveness, fintech.kyc_document_verification, fintech.kyc_reverification_schedule, fintech.kyc_source_of_funds, fintech.kyc_source_of_wealth | OK | fintech.kyc_biometric_liveness: OK policies/fintech/kyc_biometric_liveness/policy.rego, OK policies/fintech/kyc_biometric_liveness/policy_test.rego; fintech.kyc_document_verification: OK policies/fintech/kyc_document_verification/policy.rego, OK policies/fintech/kyc_document_verification/policy_test.rego; fintech.kyc_reverification_schedule: OK policies/fintech/kyc_reverification_schedule/policy.rego, OK policies/fintech/kyc_reverification_schedule/policy_test.rego; fintech.kyc_source_of_funds: OK policies/fintech/kyc_source_of_funds/policy.rego, OK policies/fintech/kyc_source_of_funds/policy_test.rego; fintech.kyc_source_of_wealth: OK policies/fintech/kyc_source_of_wealth/policy.rego, OK policies/fintech/kyc_source_of_wealth/policy_test.rego |
| Open Banking / PSD2 | SCA, exemptions, APIs and consent | fintech.fapi_compliance, fintech.ob_audit_logging, fintech.ob_consent_expiry_90d, fintech.ob_consent_revocation, fintech.ob_data_minimization, fintech.ob_rate_limits, fintech.ob_tpp_eidas_cert_validation, fintech.psd2_sca_enforced, fintech.psd2_sca_exemptions_controls, fintech.psd2_transaction_risk_analysis, fintech.xs2a_api_security | OK | fintech.fapi_compliance: OK policies/fintech/fapi_compliance/policy.rego, OK policies/fintech/fapi_compliance/policy_test.rego; fintech.ob_audit_logging: OK policies/fintech/ob_audit_logging/policy.rego, OK policies/fintech/ob_audit_logging/policy_test.rego; fintech.ob_consent_expiry_90d: OK policies/fintech/ob_consent_expiry_90d/policy.rego, OK policies/fintech/ob_consent_expiry_90d/policy_test.rego; fintech.ob_consent_revocation: OK policies/fintech/ob_consent_revocation/policy.rego, OK policies/fintech/ob_consent_revocation/policy_test.rego; fintech.ob_data_minimization: OK policies/fintech/ob_data_minimization/policy.rego, OK policies/fintech/ob_data_minimization/policy_test.rego; fintech.ob_rate_limits: OK policies/fintech/ob_rate_limits/policy.rego, OK policies/fintech/ob_rate_limits/policy_test.rego; fintech.ob_tpp_eidas_cert_validation: OK policies/fintech/ob_tpp_eidas_cert_validation/policy.rego, OK policies/fintech/ob_tpp_eidas_cert_validation/policy_test.rego; fintech.psd2_sca_enforced: OK policies/fintech/psd2_sca_enforced/policy.rego, OK policies/fintech/psd2_sca_enforced/policy_test.rego; fintech.psd2_sca_exemptions_controls: OK policies/fintech/psd2_sca_exemptions_controls/policy.rego, OK policies/fintech/psd2_sca_exemptions_controls/policy_test.rego; fintech.psd2_transaction_risk_analysis: OK policies/fintech/psd2_transaction_risk_analysis/policy.rego, OK policies/fintech/psd2_transaction_risk_analysis/policy_test.rego; fintech.xs2a_api_security: OK policies/fintech/xs2a_api_security/policy.rego, OK policies/fintech/xs2a_api_security/policy_test.rego |
| Auth & API Security | Strong auth and secure APIs | fintech.jwt_expiry_policy, fintech.mtls_required, fintech.oauth2_pkce_required, fintech.three_ds_required | OK | fintech.jwt_expiry_policy: OK policies/fintech/jwt_expiry_policy/policy.rego, OK policies/fintech/jwt_expiry_policy/policy_test.rego; fintech.mtls_required: OK policies/fintech/mtls_required/policy.rego, OK policies/fintech/mtls_required/policy_test.rego; fintech.oauth2_pkce_required: OK policies/fintech/oauth2_pkce_required/policy.rego, OK policies/fintech/oauth2_pkce_required/policy_test.rego; fintech.three_ds_required: OK policies/fintech/three_ds_required/policy.rego, OK policies/fintech/three_ds_required/policy_test.rego |
| PCI / AppSec | PCI DSS and application security controls | fintech.pci_account_lockout, fintech.pci_default_passwords_changed, fintech.pci_file_integrity_monitoring, fintech.pci_https_only, fintech.pci_key_management, fintech.pci_log_retention, fintech.pci_malware_protection, fintech.pci_mfa_required, fintech.pci_network_segmentation, fintech.pci_pan_masking_in_logs, fintech.pci_secure_coding_practices, fintech.pci_session_timeout, fintech.pci_storage_encryption, fintech.pci_tls_min_version, fintech.pci_vulnerability_scanning | OK | fintech.pci_account_lockout: OK policies/fintech/pci_account_lockout/policy.rego, OK policies/fintech/pci_account_lockout/policy_test.rego; fintech.pci_default_passwords_changed: OK policies/fintech/pci_default_passwords_changed/policy.rego, OK policies/fintech/pci_default_passwords_changed/policy_test.rego; fintech.pci_file_integrity_monitoring: OK policies/fintech/pci_file_integrity_monitoring/policy.rego, OK policies/fintech/pci_file_integrity_monitoring/policy_test.rego; fintech.pci_https_only: OK policies/fintech/pci_https_only/policy.rego, OK policies/fintech/pci_https_only/policy_test.rego; fintech.pci_key_management: OK policies/fintech/pci_key_management/policy.rego, OK policies/fintech/pci_key_management/policy_test.rego; fintech.pci_log_retention: OK policies/fintech/pci_log_retention/policy.rego, OK policies/fintech/pci_log_retention/policy_test.rego; fintech.pci_malware_protection: OK policies/fintech/pci_malware_protection/policy.rego, OK policies/fintech/pci_malware_protection/policy_test.rego; fintech.pci_mfa_required: OK policies/fintech/pci_mfa_required/policy.rego, OK policies/fintech/pci_mfa_required/policy_test.rego; fintech.pci_network_segmentation: OK policies/fintech/pci_network_segmentation/policy.rego, OK policies/fintech/pci_network_segmentation/policy_test.rego; fintech.pci_pan_masking_in_logs: OK policies/fintech/pci_pan_masking_in_logs/policy.rego, OK policies/fintech/pci_pan_masking_in_logs/policy_test.rego; fintech.pci_secure_coding_practices: OK policies/fintech/pci_secure_coding_practices/policy.rego, OK policies/fintech/pci_secure_coding_practices/policy_test.rego; fintech.pci_session_timeout: OK policies/fintech/pci_session_timeout/policy.rego, OK policies/fintech/pci_session_timeout/policy_test.rego; fintech.pci_storage_encryption: OK policies/fintech/pci_storage_encryption/policy.rego, OK policies/fintech/pci_storage_encryption/policy_test.rego; fintech.pci_tls_min_version: OK policies/fintech/pci_tls_min_version/policy.rego, OK policies/fintech/pci_tls_min_version/policy_test.rego; fintech.pci_vulnerability_scanning: OK policies/fintech/pci_vulnerability_scanning/policy.rego, OK policies/fintech/pci_vulnerability_scanning/policy_test.rego |
| Crypto / VASP | Virtual asset service provider controls | fintech.bitlicense_compliance, fintech.chain_analysis_risk_controls, fintech.cold_storage_ratio, fintech.custody_asset_segregation, fintech.hot_wallet_limits, fintech.proof_of_reserves_reporting, fintech.stablecoin_reserve_ratio, fintech.travel_rule_compliance, fintech.vasp_license_required, fintech.withdrawal_address_whitelist | OK | fintech.bitlicense_compliance: OK policies/fintech/bitlicense_compliance/policy.rego, OK policies/fintech/bitlicense_compliance/policy_test.rego; fintech.chain_analysis_risk_controls: OK policies/fintech/chain_analysis_risk_controls/policy.rego, OK policies/fintech/chain_analysis_risk_controls/policy_test.rego; fintech.cold_storage_ratio: OK policies/fintech/cold_storage_ratio/policy.rego, OK policies/fintech/cold_storage_ratio/policy_test.rego; fintech.custody_asset_segregation: OK policies/fintech/custody_asset_segregation/policy.rego, OK policies/fintech/custody_asset_segregation/policy_test.rego; fintech.hot_wallet_limits: OK policies/fintech/hot_wallet_limits/policy.rego, OK policies/fintech/hot_wallet_limits/policy_test.rego; fintech.proof_of_reserves_reporting: OK policies/fintech/proof_of_reserves_reporting/policy.rego, OK policies/fintech/proof_of_reserves_reporting/policy_test.rego; fintech.stablecoin_reserve_ratio: OK policies/fintech/stablecoin_reserve_ratio/policy.rego, OK policies/fintech/stablecoin_reserve_ratio/policy_test.rego; fintech.travel_rule_compliance: OK policies/fintech/travel_rule_compliance/policy.rego, OK policies/fintech/travel_rule_compliance/policy_test.rego; fintech.vasp_license_required: OK policies/fintech/vasp_license_required/policy.rego, OK policies/fintech/vasp_license_required/policy_test.rego; fintech.withdrawal_address_whitelist: OK policies/fintech/withdrawal_address_whitelist/policy.rego, OK policies/fintech/withdrawal_address_whitelist/policy_test.rego |
| Fraud & Commerce | Fraud prevention and payments hygiene | fintech.card_tokenization_required, fintech.chargeback_monitoring, fintech.device_fingerprinting, fintech.fraud_velocity_checks, fintech.geofencing_restricted_markets, fintech.ip_geolocation_consistency, fintech.mcc_whitelisting, fintech.pan_masking_in_logs, fintech.transaction_limits_per_risk | OK | fintech.card_tokenization_required: OK policies/fintech/card_tokenization_required/policy.rego, OK policies/fintech/card_tokenization_required/policy_test.rego; fintech.chargeback_monitoring: OK policies/fintech/chargeback_monitoring/policy.rego, OK policies/fintech/chargeback_monitoring/policy_test.rego; fintech.device_fingerprinting: OK policies/fintech/device_fingerprinting/policy.rego, OK policies/fintech/device_fingerprinting/policy_test.rego; fintech.fraud_velocity_checks: OK policies/fintech/fraud_velocity_checks/policy.rego, OK policies/fintech/fraud_velocity_checks/policy_test.rego; fintech.geofencing_restricted_markets: OK policies/fintech/geofencing_restricted_markets/policy.rego, OK policies/fintech/geofencing_restricted_markets/policy_test.rego; fintech.ip_geolocation_consistency: OK policies/fintech/ip_geolocation_consistency/policy.rego, OK policies/fintech/ip_geolocation_consistency/policy_test.rego; fintech.mcc_whitelisting: OK policies/fintech/mcc_whitelisting/policy.rego, OK policies/fintech/mcc_whitelisting/policy_test.rego; fintech.pan_masking_in_logs: OK policies/fintech/pan_masking_in_logs/policy.rego, OK policies/fintech/pan_masking_in_logs/policy_test.rego; fintech.transaction_limits_per_risk: OK policies/fintech/transaction_limits_per_risk/policy.rego, OK policies/fintech/transaction_limits_per_risk/policy_test.rego |
Coverage: 69/69 (100%)
US FinReg MTL
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| State MTL | Money Transmitter Licenses | fintech.us_mtl_license | OK | fintech.us_mtl_license: OK policies/fintech/us_mtl_license/policy.rego, OK policies/fintech/us_mtl_license/policy_test.rego |
Coverage: 1/1 (100%)
GDPR 2016/679
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Art.5(1)(c) | Data minimization | gdpr.data_minimization | OK | gdpr.data_minimization: OK policies/gdpr/data_minimization/policy.rego, OK policies/gdpr/data_minimization/policy_test.rego |
| Art.5(1)(e) | Storage limitation | gdpr.data_retention | OK | gdpr.data_retention: OK policies/gdpr/data_retention/policy.rego, OK policies/gdpr/data_retention/policy_test.rego |
| Art.6 | Lawfulness of processing | gdpr.consent_required | OK | gdpr.consent_required: OK policies/gdpr/consent_required/policy.rego, OK policies/gdpr/consent_required/policy_test.rego |
Coverage: 3/3 (100%)
iGaming (multi-jurisdiction) current
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Licensing | Licensing checks (per regulator) | igaming.license_check_adm_it, igaming.license_check_anj_fr, igaming.license_check_dgoj_es, igaming.license_check_ukgc, igaming.license_check_us_nj_dge, igaming.license_check_us_nv_ngcb, igaming.license_check_us_pa_pgcb | OK | igaming.license_check_adm_it: OK policies/igaming/license_check_adm_it/policy.rego, OK policies/igaming/license_check_adm_it/policy_test.rego; igaming.license_check_anj_fr: OK policies/igaming/license_check_anj_fr/policy.rego, OK policies/igaming/license_check_anj_fr/policy_test.rego; igaming.license_check_dgoj_es: OK policies/igaming/license_check_dgoj_es/policy.rego, OK policies/igaming/license_check_dgoj_es/policy_test.rego; igaming.license_check_ukgc: OK policies/igaming/license_check_ukgc/policy.rego, OK policies/igaming/license_check_ukgc/policy_test.rego; igaming.license_check_us_nj_dge: OK policies/igaming/license_check_us_nj_dge/policy.rego, OK policies/igaming/license_check_us_nj_dge/policy_test.rego; igaming.license_check_us_nv_ngcb: OK policies/igaming/license_check_us_nv_ngcb/policy.rego, OK policies/igaming/license_check_us_nv_ngcb/policy_test.rego; igaming.license_check_us_pa_pgcb: OK policies/igaming/license_check_us_pa_pgcb/policy.rego, OK policies/igaming/license_check_us_pa_pgcb/policy_test.rego |
| Player Protection | Responsible gambling controls | igaming.deposit_limit_controls, igaming.self_exclusion_uk_gamstop | OK | igaming.deposit_limit_controls: OK policies/igaming/deposit_limit_controls/policy.rego, OK policies/igaming/deposit_limit_controls/policy_test.rego; igaming.self_exclusion_uk_gamstop: OK policies/igaming/self_exclusion_uk_gamstop/policy.rego, OK policies/igaming/self_exclusion_uk_gamstop/policy_test.rego |
| Market Access & Geo | Regulated market geofencing | igaming.geofencing_regulated_markets | OK | igaming.geofencing_regulated_markets: OK policies/igaming/geofencing_regulated_markets/policy.rego, OK policies/igaming/geofencing_regulated_markets/policy_test.rego |
Coverage: 10/10 (100%)
Kubernetes Security Baseline v1
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Workload hardening | Restrict privileged escalation and root | k8s.no_privileged, k8s.no_run_as_root, k8s.limit_capabilities, k8s.ban_hostnetwork, k8s.block_hostpath | OK | k8s.no_privileged: OK addons/kyverno/policies/no-privileged.yaml, OK policies/k8s/no_privileged/policy.rego, OK policies/k8s/no_privileged/policy_test.rego; k8s.no_run_as_root: OK addons/k8s-gatekeeper/templates/no-run-as-root.yaml, OK policies/k8s/no_run_as_root/policy.rego, OK policies/k8s/no_run_as_root/policy_test.rego; k8s.limit_capabilities: OK addons/k8s-gatekeeper/templates/limit-capabilities.yaml, OK policies/k8s/limit_capabilities/policy.rego, OK policies/k8s/limit_capabilities/policy_test.rego; k8s.ban_hostnetwork: OK addons/k8s-gatekeeper/templates/ban-hostnetwork.yaml, OK addons/k8s-gatekeeper/constraints/ban-hostnetwork.yaml, OK policies/k8s/ban_hostnetwork/policy.rego, OK policies/k8s/ban_hostnetwork/policy_test.rego; k8s.block_hostpath: OK addons/kyverno/policies/block-hostpath.yaml, OK policies/k8s/block_hostpath/policy.rego, OK policies/k8s/block_hostpath/policy_test.rego |
| Image & supply chain | Avoid mutable tags and ensure fresh images | k8s.disallow_latest, k8s.require_imagepullpolicy_always | OK | k8s.disallow_latest: OK addons/kyverno/policies/disallow-latest.yaml, OK policies/k8s/disallow_latest/policy.rego, OK policies/k8s/disallow_latest/policy_test.rego; k8s.require_imagepullpolicy_always: OK addons/k8s-gatekeeper/templates/require-imagepullpolicy-always.yaml, OK policies/k8s/require_imagepullpolicy_always/policy.rego, OK policies/k8s/require_imagepullpolicy_always/policy_test.rego |
| Resource governance | Enforce resource requests and limits | k8s.require_resources | OK | k8s.require_resources: OK addons/kyverno/policies/require-resources.yaml, OK policies/k8s/require_resources/policy.rego, OK policies/k8s/require_resources/policy_test.rego |
Coverage: 8/8 (100%)
LegalTech (multi-jurisdiction) current
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| GDPR Core | GDPR principles and data subject rights | legaltech.gdpr_breach_72h, legaltech.gdpr_consent_valid, legaltech.gdpr_cookie_consent_eprivacy, legaltech.gdpr_data_minimization, legaltech.gdpr_dpia_required_high_risk, legaltech.gdpr_dsar_timeline_30d, legaltech.gdpr_lawful_basis_required, legaltech.gdpr_records_of_processing, legaltech.gdpr_retention_limit, legaltech.gdpr_transfer_scc | OK | legaltech.gdpr_breach_72h: OK policies/legaltech/gdpr_breach_72h/policy.rego, OK policies/legaltech/gdpr_breach_72h/policy_test.rego; legaltech.gdpr_consent_valid: OK policies/legaltech/gdpr_consent_valid/policy.rego, OK policies/legaltech/gdpr_consent_valid/policy_test.rego; legaltech.gdpr_cookie_consent_eprivacy: OK policies/legaltech/gdpr_cookie_consent_eprivacy/policy.rego, OK policies/legaltech/gdpr_cookie_consent_eprivacy/policy_test.rego; legaltech.gdpr_data_minimization: OK policies/legaltech/gdpr_data_minimization/policy.rego, OK policies/legaltech/gdpr_data_minimization/policy_test.rego; legaltech.gdpr_dpia_required_high_risk: OK policies/legaltech/gdpr_dpia_required_high_risk/policy.rego, OK policies/legaltech/gdpr_dpia_required_high_risk/policy_test.rego; legaltech.gdpr_dsar_timeline_30d: OK policies/legaltech/gdpr_dsar_timeline_30d/policy.rego, OK policies/legaltech/gdpr_dsar_timeline_30d/policy_test.rego; legaltech.gdpr_lawful_basis_required: OK policies/legaltech/gdpr_lawful_basis_required/policy.rego, OK policies/legaltech/gdpr_lawful_basis_required/policy_test.rego; legaltech.gdpr_records_of_processing: OK policies/legaltech/gdpr_records_of_processing/policy.rego, OK policies/legaltech/gdpr_records_of_processing/policy_test.rego; legaltech.gdpr_retention_limit: OK policies/legaltech/gdpr_retention_limit/policy.rego, OK policies/legaltech/gdpr_retention_limit/policy_test.rego; legaltech.gdpr_transfer_scc: OK policies/legaltech/gdpr_transfer_scc/policy.rego, OK policies/legaltech/gdpr_transfer_scc/policy_test.rego |
| US (CCPA/CPRA) | California privacy (CCPA/CPRA) | legaltech.ccpa_notice_at_collection, legaltech.ccpa_opt_out_enabled, legaltech.ccpa_verification_of_requests, legaltech.cpra_sensitive_data_limited_use | OK | legaltech.ccpa_notice_at_collection: OK policies/legaltech/ccpa_notice_at_collection/policy.rego, OK policies/legaltech/ccpa_notice_at_collection/policy_test.rego; legaltech.ccpa_opt_out_enabled: OK policies/legaltech/ccpa_opt_out_enabled/policy.rego, OK policies/legaltech/ccpa_opt_out_enabled/policy_test.rego; legaltech.ccpa_verification_of_requests: OK policies/legaltech/ccpa_verification_of_requests/policy.rego, OK policies/legaltech/ccpa_verification_of_requests/policy_test.rego; legaltech.cpra_sensitive_data_limited_use: OK policies/legaltech/cpra_sensitive_data_limited_use/policy.rego, OK policies/legaltech/cpra_sensitive_data_limited_use/policy_test.rego |
| Security Controls | Technical and organizational measures | legaltech.data_residency_requirements_enforced, legaltech.encryption_at_rest_enabled, legaltech.encryption_in_transit_enabled, legaltech.popia_za_security_measures | OK | legaltech.data_residency_requirements_enforced: OK policies/legaltech/data_residency_requirements_enforced/policy.rego, OK policies/legaltech/data_residency_requirements_enforced/policy_test.rego; legaltech.encryption_at_rest_enabled: OK policies/legaltech/encryption_at_rest_enabled/policy.rego, OK policies/legaltech/encryption_at_rest_enabled/policy_test.rego; legaltech.encryption_in_transit_enabled: OK policies/legaltech/encryption_in_transit_enabled/policy.rego, OK policies/legaltech/encryption_in_transit_enabled/policy_test.rego; legaltech.popia_za_security_measures: OK policies/legaltech/popia_za_security_measures/policy.rego, OK policies/legaltech/popia_za_security_measures/policy_test.rego |
| Records & eDiscovery | Records governance and eDiscovery | legaltech.ch_fadp_records_of_processing, legaltech.ediscovery_frcp_26_34_37, legaltech.legal_hold_no_delete_enforced, legaltech.records_classification_scheme_applied | OK | legaltech.ch_fadp_records_of_processing: OK policies/legaltech/ch_fadp_records_of_processing/policy.rego, OK policies/legaltech/ch_fadp_records_of_processing/policy_test.rego; legaltech.ediscovery_frcp_26_34_37: OK policies/legaltech/ediscovery_frcp_26_34_37/policy.rego, OK policies/legaltech/ediscovery_frcp_26_34_37/policy_test.rego; legaltech.legal_hold_no_delete_enforced: OK policies/legaltech/legal_hold_no_delete_enforced/policy.rego, OK policies/legaltech/legal_hold_no_delete_enforced/policy_test.rego; legaltech.records_classification_scheme_applied: OK policies/legaltech/records_classification_scheme_applied/policy.rego, OK policies/legaltech/records_classification_scheme_applied/policy_test.rego |
| Cross-border Transfers | International data transfers | legaltech.id_pdp_cross_border_transfer, legaltech.pipl_cn_cross_border_assessment | OK | legaltech.id_pdp_cross_border_transfer: OK policies/legaltech/id_pdp_cross_border_transfer/policy.rego, OK policies/legaltech/id_pdp_cross_border_transfer/policy_test.rego; legaltech.pipl_cn_cross_border_assessment: OK policies/legaltech/pipl_cn_cross_border_assessment/policy.rego, OK policies/legaltech/pipl_cn_cross_border_assessment/policy_test.rego |
| Children & Minors | Child-specific consent and protections | legaltech.uk_gdpr_minor_consent | OK | legaltech.uk_gdpr_minor_consent: OK policies/legaltech/uk_gdpr_minor_consent/policy.rego, OK policies/legaltech/uk_gdpr_minor_consent/policy_test.rego |
| Country-specific | National privacy laws | legaltech.ca_qc_law25_privacy_governance, legaltech.au_app_notice_at_collection, legaltech.ae_pdpl_consent_notice, legaltech.kr_pipa_breach_notification, legaltech.lgpd_brazil_compliance, legaltech.mx_lfpdppp_notice_at_collection, legaltech.my_pdpa_retention_principle, legaltech.nz_breach_notification, legaltech.pdpa_sg_consent_purposes, legaltech.pipeda_ca_consent, legaltech.sa_pdpl_breach_notify, legaltech.th_pdpa_breach_notify, legaltech.tr_kvkk_verbis_registration, legaltech.vn_pdpd_notice_and_consent | OK | legaltech.ca_qc_law25_privacy_governance: OK policies/legaltech/ca_qc_law25_privacy_governance/policy.rego, OK policies/legaltech/ca_qc_law25_privacy_governance/policy_test.rego; legaltech.au_app_notice_at_collection: OK policies/legaltech/au_app_notice_at_collection/policy.rego, OK policies/legaltech/au_app_notice_at_collection/policy_test.rego; legaltech.ae_pdpl_consent_notice: OK policies/legaltech/ae_pdpl_consent_notice/policy.rego, OK policies/legaltech/ae_pdpl_consent_notice/policy_test.rego; legaltech.kr_pipa_breach_notification: OK policies/legaltech/kr_pipa_breach_notification/policy.rego, OK policies/legaltech/kr_pipa_breach_notification/policy_test.rego; legaltech.lgpd_brazil_compliance: OK policies/legaltech/lgpd_brazil_compliance/policy.rego, OK policies/legaltech/lgpd_brazil_compliance/policy_test.rego; legaltech.mx_lfpdppp_notice_at_collection: OK policies/legaltech/mx_lfpdppp_notice_at_collection/policy.rego, OK policies/legaltech/mx_lfpdppp_notice_at_collection/policy_test.rego; legaltech.my_pdpa_retention_principle: OK policies/legaltech/my_pdpa_retention_principle/policy.rego, OK policies/legaltech/my_pdpa_retention_principle/policy_test.rego; legaltech.nz_breach_notification: OK policies/legaltech/nz_breach_notification/policy.rego, OK policies/legaltech/nz_breach_notification/policy_test.rego; legaltech.pdpa_sg_consent_purposes: OK policies/legaltech/pdpa_sg_consent_purposes/policy.rego, OK policies/legaltech/pdpa_sg_consent_purposes/policy_test.rego; legaltech.pipeda_ca_consent: OK policies/legaltech/pipeda_ca_consent/policy.rego, OK policies/legaltech/pipeda_ca_consent/policy_test.rego; legaltech.sa_pdpl_breach_notify: OK policies/legaltech/sa_pdpl_breach_notify/policy.rego, OK policies/legaltech/sa_pdpl_breach_notify/policy_test.rego; legaltech.th_pdpa_breach_notify: OK policies/legaltech/th_pdpa_breach_notify/policy.rego, OK policies/legaltech/th_pdpa_breach_notify/policy_test.rego; legaltech.tr_kvkk_verbis_registration: OK policies/legaltech/tr_kvkk_verbis_registration/policy.rego, OK policies/legaltech/tr_kvkk_verbis_registration/policy_test.rego; legaltech.vn_pdpd_notice_and_consent: OK policies/legaltech/vn_pdpd_notice_and_consent/policy.rego, OK policies/legaltech/vn_pdpd_notice_and_consent/policy_test.rego |
| Professional Conduct | Legal ethics and confidentiality | legaltech.aba_model_rule_1_6_confidentiality | OK | legaltech.aba_model_rule_1_6_confidentiality: OK policies/legaltech/aba_model_rule_1_6_confidentiality/policy.rego, OK policies/legaltech/aba_model_rule_1_6_confidentiality/policy_test.rego |
Coverage: 40/40 (100%)
MedTech (multi-jurisdiction) current
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| HIPAA (US) | HIPAA Security, Privacy, and Administrative Safeguards | medtech.hipaa_access_audit_logging, medtech.hipaa_baa_with_vendors, medtech.hipaa_mfa_privileged_access, medtech.hipaa_minimum_necessary, medtech.hipaa_security_admin_safeguards, medtech.hipaa_security_tech_encryption | OK | medtech.hipaa_access_audit_logging: OK policies/medtech/hipaa_access_audit_logging/policy.rego, OK policies/medtech/hipaa_access_audit_logging/policy_test.rego; medtech.hipaa_baa_with_vendors: OK policies/medtech/hipaa_baa_with_vendors/policy.rego, OK policies/medtech/hipaa_baa_with_vendors/policy_test.rego; medtech.hipaa_mfa_privileged_access: OK policies/medtech/hipaa_mfa_privileged_access/policy.rego, OK policies/medtech/hipaa_mfa_privileged_access/policy_test.rego; medtech.hipaa_minimum_necessary: OK policies/medtech/hipaa_minimum_necessary/policy.rego, OK policies/medtech/hipaa_minimum_necessary/policy_test.rego; medtech.hipaa_security_admin_safeguards: OK policies/medtech/hipaa_security_admin_safeguards/policy.rego, OK policies/medtech/hipaa_security_admin_safeguards/policy_test.rego; medtech.hipaa_security_tech_encryption: OK policies/medtech/hipaa_security_tech_encryption/policy.rego, OK policies/medtech/hipaa_security_tech_encryption/policy_test.rego |
| HITECH (US) | HITECH Act Requirements | medtech.hitech_breach_notification_60d | OK | medtech.hitech_breach_notification_60d: OK policies/medtech/hitech_breach_notification_60d/policy.rego, OK policies/medtech/hitech_breach_notification_60d/policy_test.rego |
| FDA (US) — Part 11 and MDR | FDA 21 CFR Part 11 and Medical Device Reporting (MDR) | medtech.fda_cybersecurity_524b_sbom, medtech.fda_mdr_event_reporting, medtech.fda_part11_audit_trail, medtech.fda_part11_esign_linkage, medtech.fda_part11_system_validation | OK | medtech.fda_cybersecurity_524b_sbom: OK policies/medtech/fda_cybersecurity_524b_sbom/policy.rego, OK policies/medtech/fda_cybersecurity_524b_sbom/policy_test.rego; medtech.fda_mdr_event_reporting: OK policies/medtech/fda_mdr_event_reporting/policy.rego, OK policies/medtech/fda_mdr_event_reporting/policy_test.rego; medtech.fda_part11_audit_trail: OK policies/medtech/fda_part11_audit_trail/policy.rego, OK policies/medtech/fda_part11_audit_trail/policy_test.rego; medtech.fda_part11_esign_linkage: OK policies/medtech/fda_part11_esign_linkage/policy.rego, OK policies/medtech/fda_part11_esign_linkage/policy_test.rego; medtech.fda_part11_system_validation: OK policies/medtech/fda_part11_system_validation/policy.rego, OK policies/medtech/fda_part11_system_validation/policy_test.rego |
| EU MDR/IVDR (EU) | EU Medical Device and IVD Regulations | medtech.eu_ivdr_clinical_performance, medtech.eu_mdr_ce_marking_and_udi, medtech.eu_mdr_clinical_evaluation, medtech.eu_mdr_eudamed_registration, medtech.eu_mdr_pms_psur, medtech.eu_vigilance_incident_reporting | OK | medtech.eu_ivdr_clinical_performance: OK policies/medtech/eu_ivdr_clinical_performance/policy.rego, OK policies/medtech/eu_ivdr_clinical_performance/policy_test.rego; medtech.eu_mdr_ce_marking_and_udi: OK policies/medtech/eu_mdr_ce_marking_and_udi/policy.rego, OK policies/medtech/eu_mdr_ce_marking_and_udi/policy_test.rego; medtech.eu_mdr_clinical_evaluation: OK policies/medtech/eu_mdr_clinical_evaluation/policy.rego, OK policies/medtech/eu_mdr_clinical_evaluation/policy_test.rego; medtech.eu_mdr_eudamed_registration: OK policies/medtech/eu_mdr_eudamed_registration/policy.rego, OK policies/medtech/eu_mdr_eudamed_registration/policy_test.rego; medtech.eu_mdr_pms_psur: OK policies/medtech/eu_mdr_pms_psur/policy.rego, OK policies/medtech/eu_mdr_pms_psur/policy_test.rego; medtech.eu_vigilance_incident_reporting: OK policies/medtech/eu_vigilance_incident_reporting/policy.rego, OK policies/medtech/eu_vigilance_incident_reporting/policy_test.rego |
| ONC (US) | 21st Century Cures (ONC) and Information Blocking | medtech.onc_cures_api_fhir_r4, medtech.onc_information_blocking_prohibited | OK | medtech.onc_cures_api_fhir_r4: OK policies/medtech/onc_cures_api_fhir_r4/policy.rego, OK policies/medtech/onc_cures_api_fhir_r4/policy_test.rego; medtech.onc_information_blocking_prohibited: OK policies/medtech/onc_information_blocking_prohibited/policy.rego, OK policies/medtech/onc_information_blocking_prohibited/policy_test.rego |
| Data Protection & Cross-border | GDPR Article 9 and Cross-border Transfers | medtech.gdpr_art9_special_category_safeguards, medtech.health_data_cross_border_controls | OK | medtech.gdpr_art9_special_category_safeguards: OK policies/medtech/gdpr_art9_special_category_safeguards/policy.rego, OK policies/medtech/gdpr_art9_special_category_safeguards/policy_test.rego; medtech.health_data_cross_border_controls: OK policies/medtech/health_data_cross_border_controls/policy.rego, OK policies/medtech/health_data_cross_border_controls/policy_test.rego |
| Standards (ISO/IEC) | ISO/IEC QMS, Risk, Software Lifecycle, Usability, ISMS | medtech.iec_62304_scm_prp_processes, medtech.iec_62304_software_safety_class, medtech.iec_62366_usability_summative_eval, medtech.iso_13485_document_control, medtech.iso_14971_risk_management_file, medtech.iso_27001_isms_scope_and_controls | OK | medtech.iec_62304_scm_prp_processes: OK policies/medtech/iec_62304_scm_prp_processes/policy.rego, OK policies/medtech/iec_62304_scm_prp_processes/policy_test.rego; medtech.iec_62304_software_safety_class: OK policies/medtech/iec_62304_software_safety_class/policy.rego, OK policies/medtech/iec_62304_software_safety_class/policy_test.rego; medtech.iec_62366_usability_summative_eval: OK policies/medtech/iec_62366_usability_summative_eval/policy.rego, OK policies/medtech/iec_62366_usability_summative_eval/policy_test.rego; medtech.iso_13485_document_control: OK policies/medtech/iso_13485_document_control/policy.rego, OK policies/medtech/iso_13485_document_control/policy_test.rego; medtech.iso_14971_risk_management_file: OK policies/medtech/iso_14971_risk_management_file/policy.rego, OK policies/medtech/iso_14971_risk_management_file/policy_test.rego; medtech.iso_27001_isms_scope_and_controls: OK policies/medtech/iso_27001_isms_scope_and_controls/policy.rego, OK policies/medtech/iso_27001_isms_scope_and_controls/policy_test.rego |
| Technical & Operational Controls | Operational and Technical Controls | medtech.backup_and_recovery_rto_rpo, medtech.device_data_integrity_hashing, medtech.dicom_network_security_basic, medtech.fhir_smart_app_authz, medtech.log_retention_for_clinical_events | OK | medtech.backup_and_recovery_rto_rpo: OK policies/medtech/backup_and_recovery_rto_rpo/policy.rego, OK policies/medtech/backup_and_recovery_rto_rpo/policy_test.rego; medtech.device_data_integrity_hashing: OK policies/medtech/device_data_integrity_hashing/policy.rego, OK policies/medtech/device_data_integrity_hashing/policy_test.rego; medtech.dicom_network_security_basic: OK policies/medtech/dicom_network_security_basic/policy.rego, OK policies/medtech/dicom_network_security_basic/policy_test.rego; medtech.fhir_smart_app_authz: OK policies/medtech/fhir_smart_app_authz/policy.rego, OK policies/medtech/fhir_smart_app_authz/policy_test.rego; medtech.log_retention_for_clinical_events: OK policies/medtech/log_retention_for_clinical_events/policy.rego, OK policies/medtech/log_retention_for_clinical_events/policy_test.rego |
| Country/Region-specific | National and Regional Healthcare Regulations | medtech.au_myr_health_privacy, medtech.ca_phipa_health_data, medtech.sg_hcsa_pdpa_health_data, medtech.uk_dtac_compliance, medtech.uk_mhra_post_market_surveillance | OK | medtech.au_myr_health_privacy: OK policies/medtech/au_myr_health_privacy/policy.rego, OK policies/medtech/au_myr_health_privacy/policy_test.rego; medtech.ca_phipa_health_data: OK policies/medtech/ca_phipa_health_data/policy.rego, OK policies/medtech/ca_phipa_health_data/policy_test.rego; medtech.sg_hcsa_pdpa_health_data: OK policies/medtech/sg_hcsa_pdpa_health_data/policy.rego, OK policies/medtech/sg_hcsa_pdpa_health_data/policy_test.rego; medtech.uk_dtac_compliance: OK policies/medtech/uk_dtac_compliance/policy.rego, OK policies/medtech/uk_dtac_compliance/policy_test.rego; medtech.uk_mhra_post_market_surveillance: OK policies/medtech/uk_mhra_post_market_surveillance/policy.rego, OK policies/medtech/uk_mhra_post_market_surveillance/policy_test.rego |
Coverage: 38/38 (100%)
PCI DSS 4.0
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| 3.4 | Protect stored cardholder data | pci.ebs_encryption, pci.storage_encryption | OK | pci.ebs_encryption: OK policies/pci/ebs_encryption/policy.rego, OK policies/pci/ebs_encryption/policy_test.rego; pci.storage_encryption: OK policies/pci/storage_encryption/policy.rego, OK policies/pci/storage_encryption/policy_test.rego |
| 4.2 | Use strong cryptography for transmission | pci.https_only | OK | pci.https_only: OK policies/pci/https_only/policy.rego, OK policies/pci/https_only/policy_test.rego |
| 8.2 | Strong authentication | pci.iam_password_policy | OK | pci.iam_password_policy: OK policies/pci/iam_password_policy/policy.rego, OK policies/pci/iam_password_policy/policy_test.rego |
| 10.2 | Logging & monitoring | pci.logging_enabled | OK | pci.logging_enabled: OK policies/pci/logging_enabled/policy.rego, OK policies/pci/logging_enabled/policy_test.rego |
| 12.10 | Incident response monitoring | | WARN | |
Coverage: 5/5 (100%)
AU iGaming Hosting placeholder
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Audit | Audit trails & secure hosting | rg.au_audit_trails | OK | rg.au_audit_trails: OK policies/rg/au_audit_trails/policy.rego, OK policies/rg/au_audit_trails/policy_test.rego |
Coverage: 1/1 (100%)
UKGC/MGA placeholder
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| RG-1 | Self-exclusion controls | rg.self_exclusion_enforced | OK | rg.self_exclusion_enforced: OK policies/rg/self_exclusion_enforced/policy.rego, OK policies/rg/self_exclusion_enforced/policy_test.rego |
Coverage: 1/1 (100%)
UIGEA 31 USC 5361
| Section | Title | Policies | Coverage | Paths |
|---|---|---|---|---|
| Payments | Payment blocks for unlawful internet gambling | rg.uigea_payment_blocks | OK | rg.uigea_payment_blocks: OK policies/rg/uigea_payment_blocks/policy.rego, OK policies/rg/uigea_payment_blocks/policy_test.rego |
Coverage: 1/1 (100%)
Policy Test Coverage (Gatekeeper Rego)
Policies with tests: 283/283 (100.0%)