www.regology.com Open in urlscan Pro
35.164.56.88  Public Scan

Form analysis
1 forms found in the DOM

Name: wf-form-Footer-Newsletter-Input — GET

<form id="wf-form-Footer-Newsletter-Input" name="wf-form-Footer-Newsletter-Input" data-name="Footer Newsletter Input" method="get" class="form inside-input" data-wf-page-id="6568aa447fa27d2bb421c935"
  data-wf-element-id="16fd087d-8f14-7ad5-37b1-44bf8f87cd2e" aria-label="Footer Newsletter Input" data-hs-cf-bound="true">
  <div class="position-relative"><input type="email" class="input-2 button-inside w-input" maxlength="256" name="Email" data-name="Email" placeholder="Enter your email address" id="Footer-Email" required=""><input type="submit" value="Subscribe"
      data-wait="Please wait..." id="w-node-_16fd087d-8f14-7ad5-37b1-44bf8f87cd31-b421c935" class="btn-primary-2 inside-input default---small w-button"></div>
</form>

Text Content

This website stores cookies on your computer. These cookies are used to collect
information about how you interact with our website and allow us to remember
you. We use this information in order to improve and customize your browsing
experience and for analytics and metrics about our visitors both on this website
and on other media. To find out more about the cookies we use, see our Privacy
Policy

If you decline, your information won’t be tracked when you visit this website. A
single cookie will be used in your browser to remember your preference not to be
tracked.

AcceptDecline
Reggi AI
Meet Reggi - Your Free Generative AI Regulatory Compliance Assistant
Features & Benefits

TRENDING QUESTIONS:
WHAT ARE THE REGULATORY REQUIREMENTS FOR . . .
CAN YOU BUILD ME A COMPLIANCE POLICY FOR . . .


Get Started Now ->
Platform
PLATFORM

Overview
Integrations

SMART LAW LIBRARY

BUILD OR TRANSFORM YOUR REGULATORY CONTENT INTO A DYNAMIC DATABASE

 * Bring your own library
 * Create or enhance a library
 * Leverage one of our out-of-the-box law libraries

REGULATORY CHANGE

TRACK REGULATORY CHANGES IN REAL-TIME BASED ON YOUR REGULATORY TOPICS

 * Regulatory change alerts
 * Horizon scanning & bill tracking
 * Regulatory dashboards

COMPLIANCE

DEVELOP WORKFLOWS TO COMPLY WITH ALL REQUIRED LAWS & REGULATIONS

 * Build compliance policies
 * Map risks & controls
 * Integrate with your GRC solution

Industries & Topics
Industries

Regology is the only industry-agnostic regulatory intelligence platform:


All Industries

Banking & Financial Services

Cryptocurrency & Digital Assets

Gaming & Sports Betting

Healthcare & Life Sciences

Software & Technology
Regulatory Topics

Ready-to-go regulatory content packages by topic including:


All Topics

ESG

Labor & HR

Privacy & Information Security

AML & BSA

Money Transmitter

Tax
Pricing
Resources
Learn
Blog
Resource Center
Generative AI Prompt Training
Implement
Implementation Process
Migrate or Build Your Law Library
Integrating Your GRC Platform
About Regology
Who We Are
Who We Serve
Our Partners
Contact Us

Featured Resource

EBOOK - GENERATIVE AI FOR REGULATORY COMPLIANCE

Download Now
Request a Demo


Compliance
December 15, 2023


GEARING UP FOR 2024: REGULATORY DEVELOPMENTS TO WATCH

As the year draws to a close, we find ourselves at an important time in the
compliance sector—a time to pause and take stock of the year's most impactful
developments. This year-end wrap-up is more than just a retrospective; it's a
critical lens through which we can forecast the trends and challenges that await
us in 2024. From the escalating importance of environmental, social, and
governance (ESG) initiatives to the transformative role of AI in compliance
strategies, let's prepare for the emerging compliance landscape of the coming
year. 


KEY TOPICS TO WATCH IN 2024


ARTIFICIAL INTELLIGENCE (AI) AND LARGE LANGUAGE MODELS

Generative AI made a big splash in 2023, quickly becoming part of business
solution suites and is now increasingly used in a variety of tasks. However, it
also raises ethical questions, such as data privacy, algorithmic bias, and job
displacement, that need to be addressed. In light of the recent Executive Order
and the EU AI Act, there will be a spike in regulatory response around the use
of AI in 2024 internationally, and compliance teams need to be prepared.

First AI Law: On December 9, 2023, the European Union (EU) reached a provisional
agreement on the EU AI Act, which is considered the world's first dedicated law
on artificial intelligence. This legislation establishes a comprehensive
regulatory framework aimed at ensuring the safety, legality, trustworthiness,
and protection of fundamental rights within AI systems. The EU intends to set
global standards for AI regulation, similar to the impact of the General Data
Protection Regulation (GDPR) on data privacy. The law categorizes AI systems
into different risk levels and imposes varying degrees of regulation, from
minimal or no risks to unacceptable risks. It bans AI systems with unacceptable
risks, including cognitive manipulation, predictive policing, emotion
recognition in workplaces and schools, social scoring, and certain remote
biometric identification systems. 

Multi-Level Regulatory Responses: In the US, following Biden’s Executive Order
in October, various federal agencies are conducting assessments on AI, which
will lead to a multitude of recommendations and guidelines. This will likely
result in a cascade of new federal legislation and regulations. In parallel,
states may enact their own AI regulations, similar to the diverse approaches
seen in privacy laws like California's CCPA or Virginia's CDPA. Navigating this
patchwork of federal and state regulations will require efficient systems for
tracking, analyzing, and implementing these guidelines.

Inter-agency and Inter-state Coordination: As different agencies and states roll
out their recommendations and regulations, there will be a need for coordination
to avoid contradictory policies. Compliance professionals will need to monitor
these developments closely and participate in industry discussions to understand
and influence the regulatory landscape.

Adaptive Compliance Programs: Compliance programs will need to be adaptable and
agile, capable of quickly responding to new regulations and guidelines around
AI, particularly around Privacy and Information Security. This may involve
investing in technology solutions that can assist in managing complex compliance
requirements.

Risk Assessment and Management: Comprehensive risk assessments will be critical
in identifying areas of potential non-compliance. Regular audits and reviews of
AI systems and practices will become more common to ensure ongoing compliance.


SUSTAINABILITY AND ESG DIRECTIVES

The year 2023 was a pivotal one for sustainability and ESG (Environmental,
Social, and Governance) reporting. As of September 2023, various U.S. states
actively drafted and implemented ESG regulations. However, there was controversy
surrounding ESG investing and business decisions in the US, prompting a
significant focus on anti-ESG efforts. This makes for a very diverse and
evolving regulatory landscape in 2024:

Anti-ESG Rules: 20 states have enacted "anti-ESG" rules. These rules generally
aim to limit the influence of ESG factors in investment decisions and discourage
ESG-related investments.

Pro-ESG Rules: 8 states have implemented "pro-ESG" rules, which are designed to
protect and sometimes incentivize ESG-related investments.

Disclosure-Related ESG Regulations: 3 states have enacted regulations related to
ESG disclosures.

Pending Legislation: More than 75 additional anti- or pro-ESG bills are pending
across various state legislative sessions. In total, 41 states have either
effective or pending ESG investing rules.

Federal Regulations: At the federal level, the regulatory environment has also
been dynamic. The Draft Rule, issued in 2022 and proposed by the Securities and
Exchange Commission (SEC), aims to enhance and standardize climate-related
disclosures for investors. The focus is on providing detailed and consistent
information about climate-related risks and impacts. When finalized (anticipated
in 2024), companies would be required to disclose information about their
greenhouse gas emissions, climate-related risks, and how these risks are
managed. At the same time, the U.S. Department of Labor has eased paths for
ERISA-regulated retirement plan fiduciaries to consider certain ESG factors in
making investment decisions.

The scope, structure, and effects of these state-level rules vary widely and
frequently require interpretive analysis for compliance. ESG has become a top
area of focus for CEOs, boards, investors, regulators, and customers. Many
companies are now in various stages of implementing controls and governance
processes over the collection, review, and reporting of sustainability
information. This includes creating multifunctional teams that bring together
finance, risk management, legal, and internal audit professionals. 

As we look toward 2024, compliance professionals should prepare for a number of
key developments in ESG-related regulations:

Enhanced Reporting and Data Management: The need for accurate data collection
and reporting will increase significantly. Compliance professionals must ensure
robust systems for tracking and reporting environmental data and climate-related
financial risks.

Third-Party Assurance and Verification: As regulations like California’s SB 253
require third-party assurance for emissions reporting, organizations will need
to engage with external auditors or assurance providers.

Here are the key provisions of the act summarized by Reggi:

‍


Generated by Reggi, Regology's Generative AI compliance assistant

‍

Understanding of Scope 1, 2, and 3 Emissions: Organizations must understand the
differences between these emission scopes and how to accurately calculate and
report them.

Risk Assessment and Strategy Development: Understanding and reporting on
climate-related risks will require a comprehensive assessment of how these risks
impact business operations and financial performance.


DATA PRIVACY REGULATIONS

There is a lot of regulatory response to the latest technological developments,
addressing cybersecurity, data privacy, eCommerce, digital assets (like
cryptocurrencies and NFTs), and AI. The capability to process vast amounts of
personal data will likely prompt specific privacy regulations, focusing on
consent, data minimization, and algorithmic transparency. 

Data privacy regulations like the GDPR in the European Union (EU) and
state-level legislation like CCPA (amended by the CPRA) in the US are expected
to evolve, with potential new laws that could be more stringent. There may also
be movements toward a federal privacy law to unify these state-level
regulations.

Here's an overview of some key regulations in the US:

 * The California Privacy Rights Act (CPRA), effective from January 1, 2023,
   builds on the CCPA. It gives residents the right to prevent businesses from
   sharing their personal data, request correction of inaccuracies, and restrict
   the use of sensitive data.

 * The Colorado Privacy Act, effective from July 1, 2023, adds specific
   provisions regarding the collection, processing, and dissemination of
   personal data to the existing Colorado Consumer Protection Act.

 * The Connecticut Personal Data Privacy and Online Monitoring Act, effective
   from July 1, 2023, regulates how personal data is protected, collected, and
   processed, and outlines penalties for noncompliance.

 * The Utah Consumer Privacy Act, effective from December 31, 2023, will protect
   the collection, processing, and distribution of personal data.

 * The Virginia Consumer Data Protection Act, effective from January 1, 2023,
   provides guidelines and penalties regarding the collection, processing, and
   distribution of personal data, affecting both government and non-government
   organizations.

In the EU, there may be more clarity in the GDPR around consent, data subject
rights, and cross-border data transfers, especially in light of recent court
rulings and technological changes.


 * EU’s Digital Markets Act


Generated by Reggi
 * EU’s Digital Services Act
   


Generated by Reggi

Countries outside the European Union are also enacting their own data privacy
laws, adding another layer of complexity to compliance. Due to jurisdictional
variation, compliance teams will need in 2024:

Comprehensive Risk Management: Incorporating privacy risks into the overall risk
management framework, especially concerning new technologies.

Cross-Jurisdictional Compliance: Navigating a potentially complex landscape of
varying regulations across different jurisdictions.

Technology-Driven Compliance Solutions: Leveraging technology to manage
compliance, especially in areas like policies and control mapping and real-time
monitoring of regulatory updates.


INTERNATIONAL REGULATORY HARMONIZATION INITIATIVES IN HEALTHCARE

There are international regulatory harmonization initiatives on the move,
particularly in healthcare. They seek to advance regulations and standards
across the globe. Today, there are several organizations, task forces, and
initiatives that seek to advance international harmonization, convergence, and
reliance on the regulation of medical devices. These initiatives aim to
streamline regulations and standards globally, making it easier for medical
device manufacturers to enter and operate in different markets.

Compliance professionals must navigate this environment with a deep
understanding of harmonization, convergence, and reliance processes. Staying
informed and engaged with key agencies and forums like the CDRH and IMDRF will
be essential.

KEY REGULATORY PROCESSES

 * Regulatory Harmonization: This refers to the process whereby technical
   guidelines are developed to be uniform across participating regulatory
   authorities in multiple countries.

 * Regulatory Convergence: This is a voluntary process whereby the regulatory
   requirements in different countries or regions become more similar or
   "aligned" over time.

 * Regulatory Reliance: This refers to the act whereby a regulatory authority in
   one jurisdiction may take into account and give significant weight to
   assessments performed by another or trusted institution in reaching its own
   decision.

KEY AGENCIES AND FORUMS

Center for Devices and Radiological Health (CDRH) of the U.S. Food and Drug
Administration (FDA)

 * Role: The CDRH regulates firms manufacturing, repackaging, relabeling, and/or
   importing medical devices in the United States.
   
   
 * Contribution: It plays a pivotal role in shaping and implementing globally
   harmonized regulatory standards for medical devices.

International Medical Device Regulators Forum (IMDRF)

 * Role: A global group comprising medical device regulators from several
   countries, including the U.S., E.U., Japan, Canada, and others.
   
   
 * Function: Facilitates international harmonization and convergence of medical
   device regulation.
   
   
 * Activities: Develops guidance, tools, and strategies to synchronize
   regulatory approaches and promote regulatory convergence.


IN SUMMARY

The year 2024 will likely be marked by an increased focus on technological and
ethical considerations in AI, with a heightened awareness around data privacy
and the potential for new, more stringent laws. The patchwork of state-level ESG
regulations, both pro- and anti-ESG, will require a nuanced approach to
compliance, as will the evolving landscape of data privacy laws across the US
and EU. In healthcare, the trend towards regulatory harmonization will continue,
simplifying the global market for medical devices but also demanding a deeper
understanding of international standards.

Compliance teams must be prepared to adapt to these changes fast. This means
investing in technology to manage complex compliance requirements, engaging in
ongoing education and training, and participating actively in industry
discussions. By staying informed and agile, compliance professionals can not
only navigate these changes effectively but also leverage them to drive
strategic growth and ethical business practices.

Looking ahead, the role of the compliance professional is more crucial than
ever. In a world where regulatory landscapes shift with increasing speed and
complexity, those equipped with the latest knowledge, tools, and a
forward-thinking mindset will be the ones leading their organizations into a
successful and compliant 2024.


LATEST BLOG POSTS

Browse all posts
Compliance

December 15, 2023


GEARING UP FOR 2024: REGULATORY DEVELOPMENTS TO WATCH

Read more

Artificial Intelligence

27 November 2023


UNDERSTANDING THE LIMITATIONS OF GENERATIVE AI AS A COMPLIANCE TOOL

Read more

Artificial Intelligence

11-7-2023


OPTIMIZING RISK MANAGEMENT: THE STRATEGIC EDGE OF GENERATIVE AI

Read more


Copyright © 2023 Regology. All rights reserved.

Subscribe to our newsletter

Thanks for joining our newsletter.
Oops! Something went wrong while submitting the form.

SOLUTIONS

RegIntel – Free Generative AI SolutionRegulatory Change ManagementRegulatory
Compliance Management

WHO WE SERVE

Chief Compliance OfficersCompliance and Risk ManagersGeneral CounselsAML and BSA
LeadersExecutive Leadership and BoardsConsultants and Lawyers

INDUSTRIES

All IndustriesBanking & Financial ServicesDigital Assets &
CryptocurrencyGambling & GamingHealthcare & Life SciencesSoftware & Technology

PRICING

Pricing & Features

RESOURCES

Resource CenterBlog

COMPANY

About UsContact UsPartners

PRIVACY POLICY

CopyrightCCPATerms of Use

Pages
 * Home (sales)
 * Home v1
 * Home v2
 * Home v3
 * About
 * Blog v1
 * Blog v2
 * Blog v3
 * Blog post
 * Blog category

 * Features v1
 * Features v2
 * Features v3
 * Pricing
 * Pricing single
 * Contact
 * Integrations
 * Integration single
 * Careers

 * Career single
 * Help center
 * Help center category
 * Help center single
 * More Webflow Templates

Utility pages
 * Sign in
 * Sign up
 * Forgot password
 * Reset password
 * Terms and conditions
 * Confirm your email
 * Demo
 * Landing page
 * Coming soon

Template pages
 * Start here
 * Styleguide
 * Password protected
 * 404 Not found
 * Licenses
 * Changelog

Copyright © 2023 Regology. All rights reserved.



