Regulatory Review

Overview

Regulatory review assesses the legal and compliance landscape affecting markets and products. This skill covers frameworks for understanding regulatory requirements, risks, and trends.

Regulatory Dimensions

Direct Regulations

  • Industry-specific rules (fintech, healthcare, etc.)
  • Product safety requirements
  • Licensing and certification
  • Operational standards

Data & Privacy

  • Data protection laws (GDPR, CCPA, etc.)
  • Cross-border data transfer
  • Consent requirements
  • Breach notification

Consumer Protection

  • Advertising standards
  • Fair trading practices
  • Warranty requirements
  • Dispute resolution

Competition/Antitrust

  • Market dominance rules
  • M&A restrictions
  • Pricing practices
  • Distribution agreements

Major Regulatory Frameworks

Data Privacy

| Framework | Jurisdiction | Key Requirements |
|-----------|--------------|------------------|
| GDPR | EU | Consent, data rights, DPO, breach notification |
| CCPA/CPRA | California | Disclosure, opt-out, deletion rights |
| LGPD | Brazil | Similar to GDPR, local DPO |
| PIPL | China | Consent, localization, cross-border rules |

Financial Services

| Framework | Jurisdiction | Scope |
|-----------|--------------|-------|
| Dodd-Frank | US | Banking, consumer protection |
| PSD2 | EU | Payment services, open banking |
| MiCA | EU | Crypto assets |
| SOX | US | Public company reporting |

Healthcare

| Framework | Jurisdiction | Scope |
|-----------|--------------|-------|
| HIPAA | US | Health information privacy |
| FDA 21 CFR | US | Medical devices, pharma |
| MDR | EU | Medical devices |
| HITECH | US | Health IT security |

AI/Technology

| Framework | Jurisdiction | Scope |
|-----------|--------------|-------|
| EU AI Act | EU | AI risk classification, requirements |
| NYC Local Law 144 | NYC | AI in employment decisions |
| State AI bills | Various US | Emerging requirements |

Regulatory Risk Assessment

Risk Categories

Compliance Risk

  • Failure to meet existing requirements
  • Likelihood: Based on current gaps
  • Impact: Fines, operational restrictions

Regulatory Change Risk

  • New or changing regulations
  • Likelihood: Based on legislative trends
  • Impact: Cost of compliance, market access

Enforcement Risk

  • Increased regulatory scrutiny
  • Likelihood: Based on enforcement patterns
  • Impact: Investigations, penalties

Reputational Risk

  • Public perception of compliance
  • Likelihood: Based on sensitivity of issues
  • Impact: Customer trust, brand damage

Risk Matrix

| Risk | Likelihood | Impact | Trend | Mitigation |
|------|------------|--------|-------|------------|
| [Risk] | H/M/L | H/M/L | INC/DEC/CONST | [Action] |

Regulatory Trend Analysis

Trend Indicators

INC (Increasing regulation)

  • New legislation proposed/passed
  • Increased enforcement actions
  • Growing public/political attention
  • International coordination

DEC (Decreasing regulation)

  • Deregulation initiatives
  • Reduced enforcement
  • Political shift toward less oversight

CONST (Stable regulation)

  • Established framework
  • Predictable enforcement
  • No major changes pending

Current Global Trends

| Area | Direction | Key Developments |
|------|-----------|------------------|
| Data Privacy | INC | More countries adopting GDPR-style laws |
| AI/ML | INC | EU AI Act, emerging US frameworks |
| Crypto/Fintech | INC | Global frameworks emerging |
| Competition/Big Tech | INC | Antitrust scrutiny increasing |
| ESG/Sustainability | INC | Disclosure requirements expanding |
| Cybersecurity | INC | Mandatory breach reporting |

Compliance Assessment

Gap Analysis Framework

| Requirement | Current State | Gap | Priority | Remediation |
|-------------|---------------|-----|----------|-------------|
| [Req 1] | Compliant/Partial/Non | Description | H/M/L | Action needed |

Compliance Cost Estimation

| Component | One-Time | Ongoing Annual |
|-----------|----------|----------------|
| Technology | $X | $X |
| Personnel | $X | $X |
| Legal/Consulting | $X | $X |
| Training | $X | $X |
| Audit/Certification | $X | $X |
| Total | $X | $X |

Jurisdiction Analysis

Market Entry Considerations

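| Jurisdiction | Key Regulations | Complexity | Barrier Level |
|--------------|-----------------|------------|---------------|
| US | Federal + 50 states | High | Medium |
| EU | GDPR + sector regs | High | High |
| UK | Post-Brexit regime | Medium | Medium |
| APAC | Varies widely | Variable | Variable |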

Cross-Border Considerations

  • Data localization requirements
  • Licensing reciprocity
  • Contractual restrictions
  • IP protection differences

Output Structure

```markdown
## Regulatory Review Summary

### Regulatory Landscape
[Overview of applicable regulations]

### Key Frameworks
| Framework | Applicability | Status |
|-----------|---------------|--------|
| [Name] | Direct/Indirect | Applicable/Monitor |

### Compliance Assessment
| Area | Status | Gap | Priority |
|------|--------|-----|----------|
| Data Privacy | ✓/△/✗ | [Gap] | H/M/L |
| [Other] | ✓/△/✗ | [Gap] | H/M/L |

### Regulatory Risk Matrix
| Risk | Likelihood | Impact | Trend |
|------|------------|--------|-------|
| [Risk] | H/M/L | H/M/L | INC/DEC/CONST |

### Trend Analysis
- Data Privacy: INC/DEC/CONST - [Evidence]
- Industry-Specific: INC/DEC/CONST - [Evidence]
- Enforcement: INC/DEC/CONST - [Evidence]

### Estimated Compliance Costs
[Cost breakdown]

### Recommendations
1. [Immediate action]
2. [Medium-term action]
3. [Monitoring action]

### Monitoring Indicators
- [Regulatory body announcements]
- [Legislative calendars]
- [Enforcement actions]
```

Best Practices

  • Consult legal experts for specific advice
  • Monitor regulatory developments continuously
  • Consider both current and proposed regulations
  • Assess both direct and indirect impacts
  • Factor compliance costs into business planning

Disclaimer

This skill provides research frameworks only. Consult qualified legal counsel for compliance decisions.

Additional Resources

For detailed frameworks, see:

  • references/privacy-frameworks.md - Data privacy details
  • references/compliance-checklist.md - Compliance templates
  • examples/regulatory-analysis.md - Sample analysis
Repository
zircote/sigint