Basel III & Basel IV – Capital adequacy, IRB, and credit governance

IFRS 9 / CECL (US GAAP) – Expected Credit Loss provisioning and staging

EBA Guidelines on Loan Origination and Monitoring (EBA/GL/2020/06)

OCC Credit Risk Management Handbook

ECB TRIM and Model Risk Validation Requirements

SR 11-7 (Model Risk Management)

BCBS 239 (Data Aggregation for Credit Risk Reporting)

Basel III Pillar 2 – Supervisory Review and Evaluation Process (SREP)

ECL Governance under IFRS 9 / GAAP

Basel III / Basel IV – Banking book treatment, PD/LGD/EAD validation

IFRS 9 & US GAAP (CECL) – Credit loss recognition and impairment

EBA Guidelines on Credit Risk Mitigation

OCC 2011-12 and SR 11-7 (Model Governance for Banks)

EBA SREP and Pillar 2 Reviews

BCBS Principles for Effective Risk Data Aggregation and Reporting (239)

Basel III Endgame – Standardized and IRB Alignment

Basel III Endgame Standards (2025 Implementation)

Basel III Pillar 1–3 Framework

Basel IV Revisions to Credit, Market, and Operational Risk

EBA SREP and Capital Planning Guidelines

Fed / OCC / FDIC Capital Rule (US Implementation)

CRR3 / CRD VI (EU)

ICAAP/ILAAP Supervisory Reviews

FRTB (Fundamental Review of the Trading Book)

BCBS Principles for Effective Risk Data Aggregation (239)

SR 11-7 (U.S.)

ECB TRIM & SSM Model Risk Guidance, including ECB 2024/2025 updates to the Guide to Internal Models

Basel Framework:

• BCBS IRB minimum requirements for internal rating systems (PD/LGD/EAD)

• BCBS Market Risk – FRTB internal models (IMA/SA)

• CCR and ICAAP/Stress Testing model requirements

UK PRA Model Risk Principles (2023)

IFRS 9 / CECL (US GAAP)

EBA SREP Pillar 2 internal model reviews

NIST AI RMF + EU AI Act – AI/ML model governance

BCBS 239

Canada – OSFI Guideline E-23: Model Risk Management

Singapore – MAS AI Model Risk Management

India – RBI Principles for Management of Model Risks in Credit

Hong Kong – HKMA IC-1: Risk Management Framework

Australia – APRA CPS/CPG 220 (Risk Management) & CPS/CPG 230 (Operational Risk & Resilience)

OCC 2011-12 – U.S. supervisory expectations for model validation

IFRS / US GAAP Disclosure Requirements

SEC Regulation S-X and MD&A (Management Discussion & Analysis)

Basel Pillar 3 Disclosure Requirements

FASB ASC Topics on Revenue, Impairment, and Restatement

EBA Transparency and Reporting Guidelines

PCAOB Audit Quality Indicators (AQIs)

SOX (Sarbanes-Oxley) Section 302/404 Internal Controls

COSO Internal Control Framework

ESMA Enforcement Priorities for Financial Reporting

FATF Recommendations and Mutual Evaluation Framework

EU AMLD6 (Anti-Money Laundering Directive)

Bank Secrecy Act (BSA) / USA PATRIOT Act

OCC 2011-12 & SR 11-7 (Model Validation for AML Systems)

FinCEN AML/CFT Guidance

OFAC / UN / EU / UK Sanctions Regimes

FCA Financial Crime Guide (FCG)

Wolfsberg Principles

MAS AML/CFT Notices and Guidelines

Basel Committee on Banking Supervision (Sound Management of ML/TF Risk)

Basel II/III – Pillar 2 Non-Financial Risk Integration

EBA Guidelines on Internal Governance

OCC Heightened Standards for Risk Culture

FCA Conduct Risk and SMCR Framework

IOSCO Principles for Corporate Governance

OECD Principles of Corporate Governance

CSRD / ESRS Governance Pillars (ESG)

ISO 37000 – Governance of Organizations

ISO 37301 – Compliance Management Systems

COSO ERM Integration with ESG Risks

Basel III Operational Risk Framework (Standardized Measurement Approach)

DORA (Digital Operational Resilience Act)

NIS2 Directive

COSO ERM Framework

ISO 22301 – Business Continuity Management

ISO 22316 – Organizational Resilience

ISO 27001 – Information Security

EBA ICT & Security Risk Management Guidelines

OCC Heightened Standards for Risk Governance

APRA CPS 230 / PRA SS1/23

NIST Cybersecurity Framework (CSF 2.0)

DORA (Articles 8–30 on ICT Governance and Incident Reporting)

Basel III Operational Risk Principles

ISO 27001 / ISO 27002 (Information Security Controls)

ISO 22301 (Continuity Management)

COSO ERM

NIS2 Directive (EU)

FFIEC Cybersecurity Assessment Tool (US Banks)

EBA Guidelines on ICT and Security Risk Management

NIST Privacy Framework (NIST-P)

ISO 27701 – Privacy Information Management

ISO 27018 – Protection of PII in Cloud

EU GDPR / UK GDPR

CCPA / CPRA

PDPA (Singapore / Thailand)

APEC Cross-Border Privacy Rules (CBPR)

OECD Privacy Principles

Data Governance Act (EU)

ISO 29100 – Privacy Framework

EU AI Act (2024)

NIST AI Risk Management Framework (AI RMF 1.0)

OECD AI Principles

ISO/IEC 42001 – AI Management System Standard

ISO/IEC 23894 – AI Risk Management

G7 Hiroshima AI Process Principles

Singapore Model AI Governance Framework

BCBS Guidance on AI/ML Model Governance

IMF Financial Stability Framework

Basel Committee – Countercyclical Capital Buffer (CCyB)

OECD Economic Outlook

FSB Global Monitoring Report on Non-Bank Financial Intermediation

NGFS Climate Scenarios on Macroprudential Stress

ECB / Fed Stress Testing Guidelines

IOSCO Market Resilience Principles

World Bank Global Economic Monitor

OFAC / UN / EU / UK Sanctions Regimes

Basel Sovereign Risk (RWA) Framework

NGFS Scenario Framework for Political & Climate Risk

OECD Due Diligence Guidance for Responsible Business Conduct

EU FDI Screening Regulation

World Bank Political Risk Insurance Guidelines

IMF Article IV Consultations (Sovereign Risk Assessments)

WTO Trade Facilitation Agreement

US Trade Expansion Act & Section 301 Tariffs

EU Trade Policy Regulations

OECD Guidelines for Multinational Enterprises

UNCTAD Trade and Development Reports

Basel III Market Risk and Sovereign Exposure Rules

World Customs Organization (WCO) Guidelines

IMF Balance of Payments Manual

TCFD (Task Force on Climate-related Financial Disclosures)

ISSB (IFRS S2 Climate Disclosures)

CSRD / ESRS E1

NGFS Climate Scenarios

Basel III Climate Scenario Analysis

EBA ESG Risk Management Guidelines (EBA/GL/2022/02)

ISO 14091 – Adaptation to Climate Change

UNEP FI Principles for Responsible Banking (PRB)

TCFD (Task Force on Climate-related Financial Disclosures)

ISSB (IFRS S2 Climate Disclosures)

CSRD / ESRS E1 & E2

NGFS Climate Scenarios

EBA ESG Risk Management Guidelines (EBA/GL/2022/02)

Basel III Pillar 2 / ICAAP

OECD Guidelines for Multinational Enterprises

UNEP FI Net-Zero Banking Alliance Framework

ISO 14068 – Climate Change Management: Transition to Net Zero

TNFD (Taskforce on Nature-related Financial Disclosures)

ISSB (IFRS S1/S2 Integrated ESG Disclosures)

CSRD / ESRS E4 (Biodiversity and Ecosystems)

Global Biodiversity Framework (COP15)

OECD Biodiversity Finance Principles

IFC Performance Standard 6 (Biodiversity Conservation)

NGFS Nature Risk Scenarios

Integrates all Weave.AI Beacons into unified, enterprise-wide risk oversight.

Serves as the governance layer aligning financial + non-financial exposures.

Builds on COSO ERM and ISO 31000 for integrated risk governance.

Aligns with Basel III Pillar 2 and BCBS 239 for ICAAP, stress testing, and data aggregation.

Meets DORA, NIS2, and APRA CPS 230 resilience and third-party oversight mandates.

Incorporates EBA Internal Governance, OCC Heightened Standards, FCA/PRA SS1/23.

Leverages ISO 22316, ISO 37301, and OECD Governance for resilience and compliance.

Embeds reputational risk governance via FCA Conduct, BCBS, COSO, ISO 37000.

Integrates climate/transition risk via TCFD, ISSB, CSRD, NGFS.

Acts as the ERM command center—aggregating signals, spotting contagion, and enabling regulator-defensible governance.