Frameworks explorer.
Shariah
2 frameworksIslamic governance + product permissibility under AAOIFI + IFSB.
AAOIFI
Shariah Standards SS-8 — SS-39
Related
Shariah Standards + prudential standards work as a paired regime.
IFSB
Prudential standards & capital adequacy
Security
2 frameworksInformation security, posture, and audit controls (SOC 2, ISO 27001).
SOC 2 Type II
Security, availability, confidentiality
Related
Security control set heavily overlaps; certification reuses ~80% evidence.
ISO 27001
Information security management
Privacy
1 frameworkData protection, subject rights, lawful basis (GDPR).
GDPR
EU data protection & subject rights
Related
Personal-data processing in high-risk AI systems triggers a joint DPIA + FRIA.
Financial
6 frameworksPayment + financial messaging + capital adequacy (PSD2/3, ISO 20022, Basel III).
PSD2
Strong customer authentication (SCA)
Related
PSD3 / PSR is the successor; ISO 20022 is the message backbone for both.
PSD3 / PSR
Open Finance + enhanced SCA, IBAN-name match, instant-payment fraud framework
ISO 20022
Financial messaging (pacs.008, pacs.003)
Basel III
Liquidity coverage & capital ratios
FATF
AML, CFT, sanctions screening
MiCA
Crypto-asset markets (where applicable)
AI
1 frameworkAI conformity + risk classification (EU AI Act).
EU AI Act
AI system registry & conformity (2024/1689)
Related
AI conformity intersects with privacy + operational resilience for financial AI.
Resilience
1 frameworkOperational resilience, third-party risk (DORA, IFSB-21).
DORA
Digital operational resilience (EU)
Run a readiness self-test
Want to see how your organisation maps against these frameworks? Run the IOF Readiness Self-Test — 12 questions, 10 minutes, actionable result.