Compliant Standards

A descriptive list of the frameworks and compliance regimes that Datawarp supports, demonstrating its security capabilities.

Zone A
Global & Transnational Frameworks
GDPR (EU/EEA)
Full architectural alignment with Art. 25 (Privacy by Design), Art. 32 (Security of Processing), and Art. 44 (Cross-Border Transfers) via local-only processing.
FATF (Global)
Supports Recommendation 10 (Customer Due Diligence), Rec. 11 (Record Keeping), and Rec. 20 (STR Reporting) through immutable audit logs.
Basel III (Banking)
Facilitates Operational Risk Management (Standardized Approach) and enforces strict Internal Control Frameworks for financial institutions.
ISO/IEC Standards
27001:2013: Information Security Management (Asset Management & Access Control).
27701:2019: Privacy Information Management (PIMS).
PCI-DSS
Compliant with Requirement 3 (Protect Stored Account Data). The PII Shield automatically masks PAN and sensitive authentication data upon ingestion.
OECD Guidelines
Adheres to principles regarding the Protection of Privacy and Transborder Flows of Personal Data.
Zone B
Data Sovereignty & Residency
Asia-Pacific (APAC)
India: DPDP Act 2023, RBI Cyber Security Framework.
China: DSL & PIPL (Strict Localization Compliant).
Singapore: PDPA 2012, MAS TRM Guidelines.
Vietnam: Cybersecurity Law (Decree 53).
Japan: APPI.
South Korea: PIPA.
Australia: Privacy Act 1988 & APRA CPS 234.
Indonesia: PDP Law.
Philippines: Data Privacy Act.
Thailand: PDPA.
Malaysia: PDPA 2010.
Middle East & Africa (MEA)
UAE: Federal Decree-Law No. 45, CBUAE Consumer Protection.
Saudi Arabia: PDPL (Personal Data Protection Law).
Qatar: Law No. 13.
Bahrain: PDPL.
South Africa: POPIA.
Nigeria: NDPR.
Egypt: Law No. 151.
Kenya: Data Protection Act.
Americas
USA: GLBA (Financial Privacy), SOX Section 404, CCPA/CPRA.
Canada: PIPEDA.
Brazil: LGPD (Lei Geral de Proteção de Dados).
Mexico: FLPPD.
Europe (Non-EU)
UK: Data Protection Act 2018 (UK GDPR).
Switzerland: FADP (Federal Act on Data Protection).
Turkey: LPPD (Law on Protection of Personal Data).
Zone C
Industry-Specific Regulations
Banking & AML
USA PATRIOT Act: Section 314(a) & 352 (AML Programs).
BSA: Bank Secrecy Act Recordkeeping.
Wolfsberg Group: AML guidance for correspondent banking.
FCPA & UK Bribery Act: Internal accounting controls.
Healthcare & Life Sciences
HIPAA (USA): Security Rule compliance via air-gapped processing.
HITECH Act (USA): Health Information Technology for Economic and Clinical Health.
DISHA (India): Digital Information Security in Healthcare Act (Draft).
Government & Defense
NIST SP 800-171: Protecting Controlled Unclassified Information (CUI).
NIST SP 800-53: Security and Privacy Controls for Information Systems.
FIPS 140-2: Mandatory usage of approved cryptographic modules (AES-256).
Zone D
Technical Security Standards
Application Security
OWASP Top 10: Architecture mitigates Injection (A03) and Sensitive Data Exposure (A04).
CWE/SANS Top 25: Hardened against risky resource management errors.
CIS Benchmarks: Aligned with Application Software Security standards.
Audit & Assurance
SOC 2 Type I/II: System design aligns with Privacy, Confidentiality, and Processing Integrity trust service criteria.
