tika
Get started
Solutions

Built for the regulations that govern your sector.

Radar ships pre-mapped control libraries for the EU instruments that apply to your industry - from DORA in banking to MiCA in crypto and the EU Health Data Space in healthcare.

Banking & Fintech
Headline obligation

DORA, in application since 17 January 2025

Instruments in scope
  • DORA - Reg. (EU) 2022/2554
  • PSD2 - Dir. (EU) 2015/2366 (PSD3 / PSR in trilogue)
  • AMLR - Reg. (EU) 2024/1624
  • EBA Guidelines on ICT & security risk management
  • GDPR - Reg. (EU) 2016/679
Where Radar focuses

Register of information for ICT third parties, threat-led penetration testing every three years, and the 4-hour major-incident classification clock.

Crypto & MiCA
Headline obligation

MiCA - CASP rules in application since 30 December 2024

Instruments in scope
  • MiCA - Reg. (EU) 2023/1114
  • ESMA Supervisory Briefing on CASP authorisation (Jan 2025)
  • EBA RTS on ART/EMT reserves
  • Travel Rule - Reg. (EU) 2023/1113
  • DORA (CASPs are in scope)
Where Radar focuses

CASP authorisation files, white-paper notifications, reserve composition and segregation, and market-abuse monitoring across token venues.

Insurance
Headline obligation

Solvency II + DORA + EIOPA digitalisation guidance

Instruments in scope
  • Solvency II - Dir. 2009/138/EC (review adopted 2024)
  • DORA - Reg. (EU) 2022/2554
  • IDD - Dir. (EU) 2016/97
  • EIOPA Guidelines on ICT security & governance
  • GDPR (special-category health data)
Where Radar focuses

Outsourcing notifications, ICT third-party register alignment with Solvency II, and AI-driven pricing under the AI Act high-risk classification.

Healthcare & MedTech
Headline obligation

GDPR special-category data + AI Act + NIS2

Instruments in scope
  • GDPR Art. 9 - health data
  • EHDS - Reg. (EU) 2025/327 (European Health Data Space)
  • MDR - Reg. (EU) 2017/745
  • AI Act - high-risk for clinical decision support (Annex III §5)
  • NIS2 - health sector is essential (Annex I)
Where Radar focuses

Secondary-use permits under EHDS, conformity assessment for AI-enabled medical devices, and the NIS2 24-hour early warning for clinical incidents.

Critical Infrastructure & SaaS
Headline obligation

NIS2 - transposition deadline was 17 October 2024

Instruments in scope
  • NIS2 - Dir. (EU) 2022/2555
  • CER Directive - Dir. (EU) 2022/2557
  • Cyber Resilience Act - Reg. (EU) 2024/2847
  • Data Act - Reg. (EU) 2023/2854
  • ISO/IEC 27001:2022
Where Radar focuses

Determining essential vs important status across 18 sectors, the 24h / 72h / 1-month reporting cadence, and management-body accountability under Art. 20.

AI-first companies
Headline obligation

EU AI Act - staged through 2 August 2027

Instruments in scope
  • AI Act - Reg. (EU) 2024/1689
  • Prohibitions & AI literacy - applied 2 Feb 2025
  • GPAI obligations - applied 2 Aug 2025
  • High-risk obligations - apply 2 Aug 2026
  • Product-safety regimes for AI-embedded products
Where Radar focuses

Annex III risk classification, the Art. 11 technical file, post-market monitoring, and GPAI model evaluations / serious-incident reporting.

Talk to a specialist