Regulatory export packs
Pre-curated bundles of attestations, evidence-pack templates, and jurisdictional notes — ready for your compliance team. Pick the jurisdiction closest to your operating perimeter.
EU / EEA
European Union
Attestations included (13)
Evidence-pack templates
- GDPR Art. 30 record of processing
- PSD2 SCA RTS evidence pack
- PSD3 / PSR readiness pack (designed-for)
- DORA ICT risk register
- EU AI Act Annex IV technical documentation
- Schrems II Transfer Impact Assessment
Notes
- PSD3 status is 'designed-for' — not yet certified pending entry into force
- Default data residency: AWS eu-west-1 + Cloudflare EU-resident edge
UK
United Kingdom
Attestations included (10)
Evidence-pack templates
- UK GDPR Art. 30 record
- FCA Operational Resilience playbook
- PRA SS1/21 + SS2/21 alignment notes
- PSD2 RTS evidence pack
Notes
- Post-Brexit adequacy: relies on EU-UK Data Adequacy Decision
- FCA Sandbox compatibility on request
Gulf Cooperation Council
GCC (Bahrain, KSA, UAE, Qatar, Kuwait, Oman)
Attestations included (7)
Evidence-pack templates
- AAOIFI Shariah audit pack (annual)
- CBB / SAMA / CBUAE reporting templates
- AAOIFI SS-8 to SS-39 contract evidence
- PDPL data-localisation attestation (KSA, BH, UAE)
Notes
- Shariah primary audit jurisdiction lives in this region
- Default data residency: AWS me-south-1 (Bahrain)
South-East Asia
APAC (Singapore, Malaysia, Indonesia, Brunei)
Attestations included (7)
Evidence-pack templates
- MAS Notice 644 + Cyber Hygiene attestation
- BNM PDPA evidence pack
- BNM Shariah Governance Framework (SGF) alignment
- OJK reporting templates (Indonesia)
Notes
- Default data residency: AWS ap-southeast-1 (Singapore)
- Indonesia OJK requires data localisation — separate tenant region