Finance & Banking
(79 standards)Industries: Finance & Banking
ISO/IEC 27001:2022
Information security, cybersecurity and privacy protection — Information security management systems — Requirements
SOC 2 Type II
Service Organization Control - Trust Services Criteria
GDPR
General Data Protection Regulation — EU Regulation (EU) 2016/679
PCI DSS 4.0.1
Payment Card Industry Data Security Standard
CCPA/CPRA
California Consumer Privacy Act & California Privacy Rights Act
LGPD
Lei Geral de Proteção de Dados Pessoais — Brazil's General Data Protection Law (Law No. 13,709/2018)
PIPL
Personal Information Protection Law — 中华人民共和国个人信息保护法
ISO/IEC 27017:2015
Code of practice for information security controls based on ISO/IEC 27002 for cloud services
ISO/IEC 27018:2025
Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO/IEC 27701:2025
Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC 42001:2023
Information technology — Artificial intelligence — Management system
ISO 9001:2015
Quality management systems — Requirements
ISO 31000:2018
Risk management — Guidelines
EU AI Act
Regulation (EU) 2024/1689 — Artificial Intelligence Act
ISO 22301:2019
Security and resilience — Business continuity management systems — Requirements
NIST CSF 2.0
Cybersecurity Framework 2.0 — Framework for Improving Critical Infrastructure Cybersecurity
DORA
Digital Operational Resilience Act — EU Regulation (EU) 2022/2554
NIS2 Directive
Directive (EU) 2022/2555 — Measures for a High Common Level of Cybersecurity Across the Union
SOX
Sarbanes-Oxley Act of 2002 — U.S. Public Company Accounting Reform and Investor Protection Act
ISO/IEC 20000-1:2018
Information technology — Service management — Part 1: Service management system requirements
ISO 37001:2025
Anti-bribery management systems — Requirements with guidance for use
CSA STAR
Cloud Security Alliance Security, Trust, Assurance and Risk Program
Cyber Essentials
UK Government-Backed Cyber Security Certification Scheme
SWIFT CSP
SWIFT Customer Security Programme — Customer Security Controls Framework
ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
ISO 37301:2021
Compliance management systems — Requirements with guidance for use
ISO 26000:2010
Guidance on social responsibility
ISO 4217:2015
Codes for the representation of currencies
ISO 8601-1:2019 / ISO 8601-2:2019
Date and time — Representations for information interchange
ISO 3166-1/2/3:2020
Codes for the representation of names of countries and their subdivisions
ISO/IEC 27706:2025
Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of privacy information management systems
ISO/IEC 42006:2025
Information technology — Artificial intelligence — Requirements for bodies providing audit and certification of artificial intelligence management systems
ISO/IEC 27006-1:2024
Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General
ISO/IEC 27003:2017
Information technology — Security techniques — Information security management systems — Guidance
ISO/IEC 27007:2020
Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing
ISO/IEC 27013:2021
Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
ISO 37003:2025
Fraud control management systems — Guidance for organizations managing the risk of fraud
ISO 30201:2026
Human resources management systems — Requirements
ISO 56001:2024
Innovation management system — Requirements
ISO 55001:2024
Asset management — Asset management system — Requirements
ISO 41001:2018
Facility management — Management systems — Requirements with guidance for use
ISO/IEC 27010:2015
Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications
ISO 10014:2021
Quality management systems — Managing an organization for quality results — Guidance for realizing financial and economic benefits
ISO 34101-2:2019
Sustainable and traceable cocoa — Part 2: Requirements for performance (related to economic, social and environmental aspects)
ISO 32210:2022
Sustainable finance — Guidance on the application of sustainability principles for organizations in the financial sector
ISO 37116:2026
Sustainable cities and communities — Disaster risk finance — Principles and general requirements for financing ex-ante investment in risk reduction
ISO 14100:2022
Guidance on environmental criteria for projects, assets and activities to support the development of green finance
ISO 32212:2026
Sustainable finance — Net zero transition planning for financial institutions
NYDFS 23 NYCRR 500
New York Department of Financial Services — Cybersecurity Requirements for Financial Services Companies
PDPA (Singapore)
Personal Data Protection Act 2012 — Singapore Data Protection Law
APPI
Act on the Protection of Personal Information — 個人情報の保護に関する法律
PIPEDA
Personal Information Protection and Electronic Documents Act — Canadian Federal Privacy Law
HITRUST CSF
HITRUST Common Security Framework — Healthcare-Focused Certifiable Security & Privacy Framework
NIST AI RMF 1.0
AI Risk Management Framework — NIST AI 100-1
CSRD
Corporate Sustainability Reporting Directive — Directive (EU) 2022/2464
IFRS S1 / IFRS S2
ISSB Sustainability Disclosure Standards — General and Climate-related Disclosures
MiCA
Markets in Crypto-assets Regulation — Regulation (EU) 2023/1114
Colorado ADMT Act
Consumer Protections for Automated Decision-Making Technology — SB24-205 as amended by SB26-189
SOC 1 Type II
Service Organization Control 1 — Internal Controls over Financial Reporting (SSAE 18)
EU AMLA & AML Package
AML Authority and AMLR/AMLD6 — Regulations (EU) 2024/1620, 2024/1624 and Directive (EU) 2024/1640
FATF Travel Rule
FATF Recommendation 16 — Information Sharing for Wire and Virtual Asset Transfers
India DPDP Act
Digital Personal Data Protection Act 2023 and DPDP Rules 2025
EU ESG Ratings Regulation
Transparency and Integrity of ESG Rating Activities — Regulation (EU) 2024/3005
US Corporate Transparency Act
Beneficial Ownership Information Reporting — 31 U.S.C. 5336 and 31 CFR 1010.380
WCAG 2.2
Web Content Accessibility Guidelines (WCAG) 2.2 — W3C Recommendation (also ISO/IEC 40500:2025)
European Accessibility Act (EAA)
Directive (EU) 2019/882 — Accessibility requirements for products and services
US Bank Secrecy Act / AML
Bank Secrecy Act (Currency and Foreign Transactions Reporting Act) — 31 U.S.C. 5311 et seq. and 31 CFR Chapter X
NIST SP 800-53
Security and Privacy Controls for Information Systems and Organizations — NIST SP 800-53 Rev. 5 (Release 5.2.0)
GHG Protocol Corporate Standard
The Greenhouse Gas Protocol — A Corporate Accounting and Reporting Standard (Revised Edition, with 2015 Scope 2 Guidance)
PSD2
Revised Payment Services Directive — Directive (EU) 2015/2366
OFAC Sanctions Compliance (SDN Screening)
A Framework for OFAC Compliance Commitments — Economic Sanctions Regulations, 31 CFR Chapter V (SDN List screening under IEEPA/TWEA)
CSDDD
Corporate Sustainability Due Diligence Directive — Directive (EU) 2024/1760 (as amended by the Omnibus I Directive (EU) 2026/470)
California SB 253
Climate Corporate Data Accountability Act — SB 253 (Chapter 382, Statutes of 2023; Health & Safety Code §38532), as amended by SB 219
ESRS
European Sustainability Reporting Standards — Commission Delegated Regulation (EU) 2023/2772
MLPS 2.0
Cybersecurity Multi-Level Protection Scheme — GB/T 22239-2019 Information Security Technology, Baseline for Classified Protection of Cybersecurity
GLBA Safeguards Rule
Standards for Safeguarding Customer Information — 16 CFR Part 314 (Gramm-Leach-Bliley Act)
Essential Eight
ASD Essential Eight Maturity Model — Strategies to Mitigate Cyber Security Incidents
Basel III / Basel III Endgame
Basel III: Finalising post-crisis reforms (BCBS d424) — Global bank capital, leverage and liquidity framework
eIDAS 2.0
European Digital Identity Regulation (EU) 2024/1183 — amending Regulation (EU) No 910/2014