TrustTech: Mastering regulatory compliance

Utter the word “regulation” in most boardrooms and you will likely be met with groans and sighs. For many companies, compliance is a frustrating but necessary evil that slows innovation and distracts from core business priorities. 

But this reputation is undeserved. Regulation is not designed to overwhelm companies with red tape; rather, it exists to keep society safe from harm. It’s what keeps toxic chemicals out of our water and food supply. It’s what ensures airplanes meet safety standards and the car you drive to work is roadworthy. And in the digital world, in which so much of our lives are now enmeshed, it’s what keeps our personal data safe. 

While new technologies unlock almost limitless opportunities for innovation and growth, they also introduce security risks and compliance challenges that organizations must carefully navigate. Safeguarding data has become essential to sustaining trust in digital systems. 

The cost of non-compliance

One of the motivations behind the General Data Protection Regulation (GDPR), introduced by the European Union in 2018, was to address this issue. Since then, Europe has established itself as a global leader in the regulatory landscape, with other notable frameworks, such as the anti-money-laundering directives (AMLDs) and the Digital Services Act (DSA), seeking to reinforce trust in financial systems and digital platforms. 

In short: if companies want to operate in Europe, they have no choice but to comply – because anyone who disregards the GDPR risks severe penalties.¹

“Europe has laid the blueprint for how to handle regulation,” says Andreas Barthelmes, Investment Manager at InterFund Solutions Ventures. “But rather than seeing it as a burden, forward-thinking companies should view regulation as an opportunity to build trust with consumers, future-proof operations, and scale responsibly.”

Companies that embed trust into their digital infrastructure from the ground up will be far better positioned to scale and adapt to evolving regulatory demands. After all, compliance isn’t a one-time operation – it’s an ongoing cycle of updates and new requirements. According to a Thomson Reuters report, a new regulatory update emerges every seven minutes.² Small wonder, then, that 61% of corporate risk and compliance professionals cite staying on top of regulatory changes as a top priority.³

But given the fast pace of the regulatory landscape, how do these organizations even begin to keep up?

To make or to buy, that is the question

Many of the large corporations tackle compliance challenges in-house. With vast financial and technical resources at their disposal, they can build tailored internal systems and processes to give them full control and visibility of their global regulatory obligations, while keeping pace with the frequent updates. But what works for global tech giants isn’t always feasible for the small and medium-sized companies that make up the backbone of the economy.

Running compliance in-house requires a lot of time, money, and expertise. It means hiring legal and technical teams, while investing in expensive monitoring tools to keep on top of policy updates. To avoid these extra burdens and costs, a better alternative for organizations is to partner with a specialized TrustTech company.

TrustTech is an umbrella term for technologies that help organizations secure and restore trust across all layers of the digital ecosystem: infrastructure, identity, regulation, and ethics. While each layer plays a role in safeguarding digital interactions, it is often the regulatory layer where businesses struggle most. This is where RegTech (regulatory tech) startups are having a big impact, helping companies tackle the complex compliance challenges quickly and at scale with innovative, automated solutions. This frees them from the burden of having to figure it out for themselves and gives them space to focus on other business priorities.

TrustTech in action

Let’s take the financial industry – one of the most heavily regulated sectors – as an example. The EU’s anti-money-laundering directives (AMLDs) boosted prevention of financial crime within the EU; however, inconsistent enforcement across member states has at times led to varied outcomes. To address this, the new anti-money- laundering regulation (AMLR) – which came into effect in July 2024 and will apply from July 2027 – and the newly established anti-money-laundering authority (AMLA) aim to harmonize rules and ensure a more consistent application of compliance standards across the EU.

While this should bring more clarity, implementation remains a challenge. Salv, an Estonia-based startup, helps banks and fintechs meet such compliance challenges. Its modular platform enables automated transaction monitoring, real-time risk scoring, and cross-institutional data sharing to help banks exchange intelligence and detect suspicious activity (without violating data privacy regulations like GDPR) once an initial red flag is raised internally.

For example, if Bank A detects suspicious activity potentially linked to Bank B, it can use Salv’s Bridge network to query Bank B (and potentially others in the network) for related information in an encrypted, privacy-preserving manner. This helps institutions piece together larger and international criminal networks far more effectively than they could in isolation, while ensuring compliance at every step.

Another major piece of regulation impacting all businesses with a digital presence in the EU – not just those in the financial sector – is the Digital Services Act (DSA), which came into force in 2024. This regulation applies to every organization and every type of online activity (website, social media, etc.). The DSA mandates how online platforms must manage content, transparency, and user safety in the EU. Unlike GDPR, which governs data protection, the DSA focuses on platform accountability, imposing obligations that range from removing illegal content within tight deadlines to disclosing moderation practices and publishing risk assessments. Crucially, the DSA introduces enforcement powers with significant financial penalties for non-compliance, reinforcing the EU’s broader message: digital spaces must be safer, more transparent, and more accountable.

But once again, unless you’re a very large online platform (VLOP) with 45 million monthly users and a robust internal compliance team, staying on top of all DSA requirements is an operational nightmare. That’s where Tremau, a Paris-based startup, comes in. Tremau’s Trust & Safety platform, Nima, is purpose-built to help platforms meet DSA obligations efficiently and at scale. 

Its orchestration engine integrates various content detection tools into a unified system, enabling platforms to identify and act on harmful content more effectively. This also helps platforms stay on top of reporting obligations, for example, by documenting why a piece of content was removed, what laws or policies it violated, and how long it took to moderate – all necessary information required by the regulator. By simplifying complex compliance tasks like reporting and scaling moderation capabilities, Tremau provides a critical infrastructure layer for any platform operating under the EU’s new regulatory regime.

These are just two examples of the many RegTech companies innovating in this space and helping businesses of all sizes navigate Europe’s increasingly complex regulatory environment. For smaller companies without the infrastructure or in-house experts to keep pace with regulatory changes, partnering with such specialist providers is a practical way to stay compliant. But even big business stands to benefit too, as TrustTech can help streamline internal teams and reduce costs. By offloading the compliance burden to trusted experts, businesses can refocus efforts on growth-driven priorities. Rather than being a headache, compliance becomes a competitive edge.

Salv and Tremau are backed by InterFund Solutions Ventures, a venture capital fund backed by InterFund Solutionsand the European Investment Bank. The theme-driven fund invests in early-stage companies whose innovations promote and protect trust in digital ecosystems.

Published: 15/07/2025