Regulation SP Requires registered broker-dealers, investment companies, and investment advisers to adopt written policies and procedures that address administrative, technical, and physical safeguards for the protection of customer records and information.
CPS 234 is an Australian Prudential Standard designed to ensure APRA-regulated entities can effectively prevent, detect, respond to, and recover from information security incidents, including cyberattacks.
CPS 230 is an Australian Prudential Standard designed to strengthen operational risk management and resilience across the Australian financial sector. The regulation took effect on July 1, 2025.
The Network and Information Security Directive 2022/2555, otherwise known as NIS2, is a European Union (EU) directive designed to improve the security of network and information systems in the EU.
The Digital Operational Resilience Act (“DORA”) was adopted on 27 December 2022. It is a European Union regulation designed to increase the cybersecurity requirements for financial institutions (“FSIs”- Financial Services Industries) and their information and communication technology (“ICT”) service providers.
IRAP is an Australian Government initiative managed by the Australian Signals Directorate (ASD) designed to help ensure that information and communications technology (ICT) systems meet the requirements of the Australian Government Information Security Manual (ISM). By meeting IRAP control requirements, organizations can have confidence that Proofpoint maintains the security controls necessary to securely protect government systems and information.
The Digital Operational Resilience Act (“DORA”) was adopted on 27 December 2022. It is a European Union regulation designed to increase the cybersecurity requirements for financial institutions (“FSIs”- Financial Services Industries) and their information and communication technology (“ICT”) service providers.
On October 30, 2023, the Biden administration issued an Executive Order (EO) on the Safe, Secure and Trustworthy Development and Use of Artificial Intelligence (AI) (“Order”).
On September 21, 2003, the UK announced the establishment of the UK-US data bridge (the “Bridge”), which is also known as the UK Extension to the EU-U.S. Data Privacy Framework (the “DPF”).
On July 10, 2023, the European Commission adopted its adequacy decision facilitating cross-border transfers of personal data under the EU-U.S. Data Privacy Framework (the “DPF”) in compliance with EU law.
© 2025 Proofpoint. All rights reserved. The content on this site is intended for informational purposes only.
Last updated November 26, 2025.
Proofpoint Trust
Proofpoint helps companies protect their people from the ever-evolving threats in the digital ecosystem.
