Posted on: July 31, 2025May 27, 2026

Data Compliance: Regulations, Risks and Best Practices

The US Treasury Department is actively working on final regulations for GENIUS Act implementation after a period of industry engagement. Driven by the view that stablecoins could become true mediums of exchange on public blockchains due to their stability in value, numerous regulators have acknowledged the importance of a bespoke regulatory framework for stablecoins. From the US’ GENIUS Act to the EU’s MiCA rollout and new regimes making progress in Hong Kong, Japan, Singapore and the UAE, regulators articulated standards in key areas like issuance, reserves, and redemption. PCI DSS is a set of requirements and guidelines designed to help ensure secure business transactions and protect cardholder data, including credit card numbers, expiration dates and security codes.

• We issue general guidance (including guidelines, recommendations and best practice) to clarify the law and to promote common understanding of EU data protection laws.
• Some of the key best practices for supporting effective and sustainable data compliance are outlined below.
• The GENIUS Act on stablecoins has passed, establishing a federal regime for issuance, reserves, audits, and oversight.
• The intersection of these two concepts is critical, as effective data governance is a cornerstone of achieving and maintaining regulatory compliance.

PRACTICES

Join the thousands of organizations who are confident in how they exchange private data between people, machines, and systems. You cannot comply with regulations you don’t understand, and you cannot implement controls for data you can’t track. Comprehensive data classification—knowing what data you have, where it lives, how it moves, and who accesses it—is foundational. SB 53 targets large AI developers directly, requiring publication of risk-management frameworks and mandatory reporting of catastrophic safety incidents to the state.

Podcast: How an Ohio banker talks with policymakers about stablecoin issues

It establishes a set of controls—or data compliance standards—that organizations and individuals https://caribbean21.com/how-to-ensure-the-security-of-computer-systems.html must follow when handling data. The purpose of these compliance requirements is to create safeguards that protect data privacy and prevent data misuse. Data compliance can also help organizations and individuals develop policies and procedures to more responsibly handle data.

Data Security & Privacy Compliance

With the new regime coming into effect, CIMA also encouraged VASPs to review their current operations and controls to ensure they comply with the additional requirements. In 2025, about 80% of our reviewed jurisdictions saw financial institutions announce digital asset initiatives. In particular, markets with clear, innovation-friendly regulation — such as the US, EU, and parts of Asia — became catalysts for global institutional participation. Notably, we saw financial institutions engaging more with public blockchains, in step with more conducive regulatory climates in some key jurisdictions.

• Organisations will be required to provide individuals with a way to raise data protection complaints, acknowledge receipt of those complaints within 30 days, and investigate them without undue delay.
• For instance, in May 2023, Ireland’s data protection authority imposed a fine of USD 1.3 billion on the California-based Meta for GDPR violations.
• To support implementation work, FATF released a toolkit for AML National Risk Assessments in August 2025.
• The standards outline recommended controls and policies to monitor, regulate, manage and maintain the security of critical infrastructure systems.
• Discover the right expert for you with Lexology Index (formerly Who’s Who Legal), comprehensive data-led research into the leading lawyers and experts, used by law firms and companies globally.

The Utah Consumer Privacy Act is the most recent of the state-specific privacy regulations to be passed in the United States. Therefore, it has also drawn most of its policy specifications from the regulations that have preceded it. In fact, 157 countries enacted some form of data privacy law through the first half of 2022, most inspired and/or influenced by the prevalence of GDPR.

Posted on: July 31, 2025May 27, 2026

Data Compliance: Regulations, Risks and Best Practices

The US Treasury Department is actively working on final regulations for GENIUS Act implementation after a period of industry engagement. Driven by the view that stablecoins could become true mediums of exchange on public blockchains due to their stability in value, numerous regulators have acknowledged the importance of a bespoke regulatory framework for stablecoins. From the US’ GENIUS Act to the EU’s MiCA rollout and new regimes making progress in Hong Kong, Japan, Singapore and the UAE, regulators articulated standards in key areas like issuance, reserves, and redemption. PCI DSS is a set of requirements and guidelines designed to help ensure secure business transactions and protect cardholder data, including credit card numbers, expiration dates and security codes.

• We issue general guidance (including guidelines, recommendations and best practice) to clarify the law and to promote common understanding of EU data protection laws.
• Some of the key best practices for supporting effective and sustainable data compliance are outlined below.
• The GENIUS Act on stablecoins has passed, establishing a federal regime for issuance, reserves, audits, and oversight.
• The intersection of these two concepts is critical, as effective data governance is a cornerstone of achieving and maintaining regulatory compliance.

PRACTICES

Join the thousands of organizations who are confident in how they exchange private data between people, machines, and systems. You cannot comply with regulations you don’t understand, and you cannot implement controls for data you can’t track. Comprehensive data classification—knowing what data you have, where it lives, how it moves, and who accesses it—is foundational. SB 53 targets large AI developers directly, requiring publication of risk-management frameworks and mandatory reporting of catastrophic safety incidents to the state.

Podcast: How an Ohio banker talks with policymakers about stablecoin issues

It establishes a set of controls—or data compliance standards—that organizations and individuals https://caribbean21.com/how-to-ensure-the-security-of-computer-systems.html must follow when handling data. The purpose of these compliance requirements is to create safeguards that protect data privacy and prevent data misuse. Data compliance can also help organizations and individuals develop policies and procedures to more responsibly handle data.

Data Security & Privacy Compliance

With the new regime coming into effect, CIMA also encouraged VASPs to review their current operations and controls to ensure they comply with the additional requirements. In 2025, about 80% of our reviewed jurisdictions saw financial institutions announce digital asset initiatives. In particular, markets with clear, innovation-friendly regulation — such as the US, EU, and parts of Asia — became catalysts for global institutional participation. Notably, we saw financial institutions engaging more with public blockchains, in step with more conducive regulatory climates in some key jurisdictions.

• Organisations will be required to provide individuals with a way to raise data protection complaints, acknowledge receipt of those complaints within 30 days, and investigate them without undue delay.
• For instance, in May 2023, Ireland’s data protection authority imposed a fine of USD 1.3 billion on the California-based Meta for GDPR violations.
• To support implementation work, FATF released a toolkit for AML National Risk Assessments in August 2025.
• The standards outline recommended controls and policies to monitor, regulate, manage and maintain the security of critical infrastructure systems.
• Discover the right expert for you with Lexology Index (formerly Who’s Who Legal), comprehensive data-led research into the leading lawyers and experts, used by law firms and companies globally.

The Utah Consumer Privacy Act is the most recent of the state-specific privacy regulations to be passed in the United States. Therefore, it has also drawn most of its policy specifications from the regulations that have preceded it. In fact, 157 countries enacted some form of data privacy law through the first half of 2022, most inspired and/or influenced by the prevalence of GDPR.