{ "version": "https://jsonfeed.org/version/1.1", "title": "Sia RegAI — Blog", "home_page_url": "https://siareg.ai/blog", "feed_url": "https://siareg.ai/feed.json", "description": "Practical, working-day guides on regulatory compliance — DORA, EU AI Act, MAS, HKMA, OCC, FCA, FDA, EMA, NERC CIP, NAIC, Solvency II, NIST AI RMF, ISO 42001 — written from real Sia engagements with GSIBs, insurers, hyperscalers, pharma, and utilities.", "icon": "https://siareg.ai/assets/logos/sia_logo_dark.png", "favicon": "https://siareg.ai/assets/logos/sia_logo_dark.png", "language": "en-US", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "items": [ { "id": "https://siareg.ai/blog/thick-vs-thin-wrapper", "url": "https://siareg.ai/blog/thick-vs-thin-wrapper", "title": "Thick wrapper vs thin wrapper — why regulatory AI needs a purpose-built system", "summary": "Why ChatGPT, Claude, Perplexity, and horizontal AI tools like Harvey can't replace a purpose-built regulatory system. The thick-wrapper case, the five-question vendor test, and what \"trained on tens of thousands of SME annotations\" actually means.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Engineering", "Point of view"] }, { "id": "https://siareg.ai/blog/citation-graphs", "url": "https://siareg.ai/blog/citation-graphs", "title": "Citation graphs for compliance — why every AI output needs receipts", "summary": "The mechanic that turns AI output from \"memo\" into \"audit-ready artifact.\" How a citation graph is built, why it's the moat, and the five-property checklist for any vendor that claims defensibility.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Engineering", "Defensibility"] }, { "id": "https://siareg.ai/blog/regulatory-change-management-software", "url": "https://siareg.ai/blog/regulatory-change-management-software", "title": "Regulatory Change Management Software — A Buyer's Guide", "summary": "The eight capabilities that matter, the four categories of vendor (regulatory feeds, GRC platforms, pure regulatory intelligence, consulting deliverables), and the seven questions to ask before signing.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Buyer's guide"] }, { "id": "https://siareg.ai/blog/grc-vs-regulatory-intelligence", "url": "https://siareg.ai/blog/grc-vs-regulatory-intelligence", "title": "GRC vs Regulatory Intelligence — Why They're Not the Same Tool", "summary": "GRC platforms (Archer, ServiceNow GRC, MetricStream, OneTrust) store controls. Regulatory intelligence platforms (Sia RegAI, Compliance.ai, Norm AI) do the reading, mapping, and drafting. The category-distinction guide for compliance buyers.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Buyer's guide"] }, { "id": "https://siareg.ai/blog/eu-ai-act-high-risk", "url": "https://siareg.ai/blog/eu-ai-act-high-risk", "title": "EU AI Act High-Risk Classification — A Decision Tree for AI Builders", "summary": "An eight-step decision tree for classifying AI systems under the EU AI Act: definition, prohibited practices (Article 5), Annex III high-risk categories, the Article 6(3) exception, Annex I product-safety integration, GPAI track, limited-risk transparency.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Tech", "AI governance"] }, { "id": "https://siareg.ai/blog/fda-21-cfr-part-11", "url": "https://siareg.ai/blog/fda-21-cfr-part-11", "title": "FDA 21 CFR Part 11 Compliance with AI — Records, Signatures, Audit Trail", "summary": "How to add AI to GxP-validated workflows without breaking the validated state. CSA-aligned, audit-trail-grade. The five Part-11 control objectives mapped to AI integration.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Pharma"] }, { "id": "https://siareg.ai/blog/eu-mdr-ivdr-technical-documentation", "url": "https://siareg.ai/blog/eu-mdr-ivdr-technical-documentation", "title": "EU MDR & IVDR — Automating Technical Documentation", "summary": "MDR and IVDR Annex II structure, Annex VIII classification rules (Rule 11 software, IVDR Rule 3), GSPR conformity matrix, clinical evaluation, post-market surveillance — and where AI cuts drafting time without breaking notified-body acceptance.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Pharma"] }, { "id": "https://siareg.ai/blog/pharmacovigilance-automation", "url": "https://siareg.ai/blog/pharmacovigilance-automation", "title": "Pharmacovigilance Automation — Cutting ICSR & PSUR Cycle Times", "summary": "EMA GVP and ICH E2 framework. ICSR triage, MedDRA coding, narrative drafting, signal management, PBRER drafting. Where AI fits without breaking the QPPV's sign-off.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Pharma"] }, { "id": "https://siareg.ai/blog/nerc-cip-compliance", "url": "https://siareg.ai/blog/nerc-cip-compliance", "title": "NERC CIP Compliance with AI — From CIP-002 Asset Inventory to Audit-Ready Evidence", "summary": "The five-phase Sia RegAI workflow for utilities: BES Cyber System categorization, requirement mapping, evidence inventory, policy drafting, audit-pack assembly. Common findings and how to avoid them.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Utilities"] }, { "id": "https://siareg.ai/blog/orsa-solvency-ii-pillar-2", "url": "https://siareg.ai/blog/orsa-solvency-ii-pillar-2", "title": "ORSA in Practice — Automating Solvency II Pillar II", "summary": "The Article 45 ORSA's three core questions (overall solvency needs, continuous compliance, deviation from SCR assumptions). Country-specific NCA expectations. Where AI compresses the cycle and what stays human.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Insurance"] }, { "id": "https://siareg.ai/blog/naic-model-laws-multi-state", "url": "https://siareg.ai/blog/naic-model-laws-multi-state", "title": "NAIC Model Laws — US Insurance Compliance for Multi-State Carriers", "summary": "How NAIC's Model Laws (Model Audit Rule #205, ORSA Model Act #505, IDSML #668, AI Model Bulletin) differ across the 50 states, and how AI compresses 30+ jurisdictional comparisons into one matrix.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Insurance"] }, { "id": "https://siareg.ai/blog/iso-42001-vs-nist-ai-rmf", "url": "https://siareg.ai/blog/iso-42001-vs-nist-ai-rmf", "title": "ISO 42001 vs NIST AI RMF — Which AI Governance Framework Should You Adopt?", "summary": "Side-by-side comparison: certifiable management system (ISO 42001) vs. operational framework (NIST AI RMF). Scope, structure, certification, jurisdictional alignment, cost. When to pick one or run both.", "date_published": "2026-04-30T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Tech", "AI governance"] }, { "id": "https://siareg.ai/blog/occ-heightened-standards", "url": "https://siareg.ai/blog/occ-heightened-standards", "title": "OCC Heightened Standards — Mapping 12 CFR §30 with AI", "summary": "For state-chartered banks moving to OCC supervision, or any large bank under heightened-standards scrutiny. The clause-level mapping playbook from a recent charter conversion.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Banking"] }, { "id": "https://siareg.ai/blog/solvency-ifrs17", "url": "https://siareg.ai/blog/solvency-ifrs17", "title": "Solvency II + IFRS 17 — Two Frameworks, One Compliance Workflow", "summary": "How insurers can map both Solvency II and IFRS 17 once with a shared product taxonomy, AI-assisted gap analysis, and a single audit trail.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Insurance"] }, { "id": "https://siareg.ai/blog/nist-ai-rmf-tech", "url": "https://siareg.ai/blog/nist-ai-rmf-tech", "title": "NIST AI RMF for Tech — From Govern to Measure in 30 Days", "summary": "The NIST AI Risk Management Framework applied to AI-first tech companies. Govern, Map, Measure, Manage — what each function actually demands, and a 30-day onboarding plan.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Tech", "AI governance"] }, { "id": "https://siareg.ai/blog/mas-vs-hkma", "url": "https://siareg.ai/blog/mas-vs-hkma", "title": "MAS Notice 626 vs HKMA SPM — Side-by-Side Compliance Map", "summary": "70% of obligations map cleanly between Singapore's MAS Notice 626 and Hong Kong's HKMA SPM. The remaining 30% — PEP scope, BO thresholds, STR timing — is where multi-jurisdictional banks burn budget.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Banking", "APAC"] }, { "id": "https://siareg.ai/blog/eu-ai-act-banks", "url": "https://siareg.ai/blog/eu-ai-act-banks", "title": "EU AI Act Compliance for Banks — Obligations Decoded", "summary": "Where banks land in the four risk tiers. What Annex IV documentation actually needs. The August 2026 timeline you can't miss.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Banking", "AI governance"] }, { "id": "https://siareg.ai/blog/dora-gap-analysis", "url": "https://siareg.ai/blog/dora-gap-analysis", "title": "Automating DORA Gap Analysis — A Practical Guide for Financial Entities", "summary": "Six phases — scope, obligation extraction, applicability triage, gap analysis, control drafting, evidence pack — from real GSIB engagements. Written so a compliance lead with no AI background can run it themselves.", "date_published": "2026-04-26T09:00:00+00:00", "authors": [ { "name": "Cyril Sayada", "url": "https://www.linkedin.com/in/cyrilsayada/" } ], "tags": ["Banking"] } ] }