Industries we work in.

Compliance reads differently depending on the regulator and the operational reality. Each sector below has its own playbook — built from years of audit-side and supervisory-facing work.

01 / SECTORS

I-01↗

Healthcare & life sciences.

Patient data under GDPR Article 9, MDR/IVDR, eIDAS, HIPAA when EU operations span the US.

AZOP · HALMED · GDPR · MDR

I-02↗

Financial services.

DORA operational resilience, CRD/CRR, AML/CFT, MiFID II, ECB SREP cycle and PSD2.

ECB · EBA · HNB · DORA

I-03↗

Technology & AI.

EU AI Act conformity, foundation-model duties, GDPR Article 28 vendor risk, NIS2 essential entities.

EU AI Office · GDPR · NIS2

I-04↗

Energy & utilities.

NIS2 essential entity scope, CER directive, ENISA reporting, grid-operator obligations.

ENISA · NIS2 · CER · HERA

I-05↗

Telecommunications.

NIS2, EECC, eIDAS trust services, lawful interception, data retention, cross-border data flows.

BEREC · HAKOM · NIS2 · EECC

I-06↗

Retail & e-commerce.

GDPR consent + ePrivacy, marketplace duties, DSA/DMA obligations for VLOPs, cross-border consumer rights.

GDPR · DSA · DMA · ePrivacy

I-07↗

Transport & logistics.

NIS2 transport sector, eFTI digital freight, ADR/IMDG hazardous cargo, port-state cyber requirements.

NIS2 · eFTI · IMO · CER

I-08↗

Manufacturing & industrial.

Cyber Resilience Act, machinery regulation, product liability, NIS2 important entity for critical manufacturing.

CRA · Machinery Reg · NIS2

BRING US IN

Not sure which playbook fits?

30 minutes with a senior advisor. We'll triangulate the regulators in scope, the deadlines, and the right place to start.