Canada AI & Financial-Sector Regulatory References
Canadian regulatory framework for AI in capital markets and financial services, spanning securities, prudential, privacy and human rights obligations.
EU AI Act
Regulation (EU) 2024/1689 establishing harmonised rules on artificial intelligence across the European Union.
FFIEC IT Examination Handbook
The FFIEC IT Examination Handbook booklets covering architecture, development, management, and security of financial institution IT systems.
ISO/IEC 42001
International standard specifying requirements for establishing, implementing, maintaining and continually improving an AI management system.
NIST AI 600-1
NIST's framework for managing risks specific to generative AI, covering twelve risk categories from CBRN information to value chain integrity.
NIST SP 800-53 Rev 5
NIST's catalogue of security and privacy controls for information systems and organisations.
OWASP LLM Top 10
The ten most critical security risks for applications built on large language models, published by OWASP.
OWASP ML Security Top 10
The ten most critical security risks for machine learning systems, published by OWASP.
SR 11-7: Model Risk Management
Federal Reserve and OCC supervisory guidance on model risk management, covering development, validation, and governance of models.