Expanding commitments to help global Financial Services customers compliantly adopt the latest agentic AI tools

As a global industry, Financial Services faces increased pressure due to market volatility, escalating cyber threats, and ever-increasing demand from employees for the latest AI tools. While essential to individual productivity and business innovation, these tools also introduce new complexities for governance and compliance that IT and compliance teams must address.

Financial Services customers around the world, like Equifax and ATB Financial, trust Google Workspace with Gemini to get their work done in a collaborative, efficient, and compliant manner. Workspace is uniquely positioned to combine industry-leading generative AI capabilities backed by Google’s full stack approach to AI innovation with the latest in regulatory compliance adherence for the Financial Services industry.

Today, in addition to the already supported FINRA regulations, we’re expanding compliance capabilities by supporting a range of international regulations across 13 different markets, including the specific mandates from the U.S. SEC and FINRA and the EU's Digital Operational Resilience Act (DORA). These compliance offerings help customers adopt the AI-enhanced capabilities built into Workspace while meeting rigorous international standards and guidelines. Delivering capabilities that help customers meet compliance standards across the globe requires a scalable cloud-native foundation that Workspace is uniquely positioned with and was originally built for. Our advantage starts with reliable, purpose-built AI infrastructure, and is powered by the pioneering research of Google DeepMind, and our versatile Gemini family of models.

Our expanded commitment to compliance with international standards

Our solutions are designed to help you build with confidence, knowing that you have the tools to address your global security and compliance needs. We’re announcing industry-leading capabilities to cover the following regulations and jurisdictions:

• Australia: Australian Prudential Regulation Authority (APRA)
• Canada: Office of the Superintendent of Financial Institutions (OSFI)
• Denmark: Danish Financial Supervisory Authority (FSA)
• European Union: European Banking Authority (EBA) and the new Digital Operational Resilience Act (DORA)
• France: Autorité des Marchés Financiers (AMF) + Autorité de Contrôle Prudentiel et de Résolution (ACPR)
• India: Insurance Regulatory and Development Authority of India (IRDAI)
• Japan: Financial Industry Information Systems (FISC)
• Netherlands: Netherlands Authority for the Financial Markets (AFM) + De Nederlandsche Bank (DNB)
• Poland: Polish Financial Supervision Authority (KNF)
• Singapore: Outsourced Service Provider Audit Report (OSPAR)
• Switzerland: Swiss Financial Market Supervisory Authority (FINMA)
• United Kingdom: Financial Conduct Authority (FCA) + Prudential Regulation Authority (PRA)
• United States: Federal Financial Institutions Examination Council (FFIEC), Gramm-Leach-Bliley Act (GLBA), Know Your Third Party (KY3P), Sarbanes-Oxley Act (SOX), and the new U.S. Securities and Exchange Commission (SEC) 17a-4, SEC 18a-6, Financial Industry Regulatory Authority (FINRA) 4511, FINRA 3170, & Commodity Futures Trading Commission (CFTC) 1.31

Our commitment extends beyond today's regulations. We’re proactively engaging with regulators and industry leaders to help shape the compliance landscape for the future. We're at the table, thinking ahead about how agentic AI will impact regulatory obligations, ensuring our platform and our guidance evolve to meet tomorrow's challenges before they arrive.

Workspace support for new regulations

In addition to the expanded compliance capabilities above, we’re proud to introduce for two new key regulations:

• U.S. Securities and Exchange Commission (SEC) 17a-4, SEC 18a-6, Financial Industry Regulatory Authority (FINRA) 4511, FINRA 3170, & Commodity Futures Trading Commission (CFTC) 1. These regulations in the United States set out requirements for the retention of electronic records for firms in the securities industry. Our new solution enables compliance with these key rules, which you can read more about here. As part of this, we've obtained a Cohasset Attestation document, which assesses that our solution meets the FINRA requirements for record-keeping.
  
  
• The Digital Operational Resilience Act (DORA). This new framework for the European Union will help ensure the financial sector in Europe is resilient to cyber threats and IT disruptions. To help our customers strengthen their business continuity plans, we've introduced two new plans that provide access to Workspace at a low cost in the event of an outage.

How Workspace helps you meet your compliance needs

At the core of Workspace, and by extension Workspace with Gemini, is a foundational platform architectured to meet regulatory requirements across diverse geographies and industries. Unlike other solutions that rely on complex and isolated clouds for different regulatory regimes, Workspace provides a unified environment. This eliminates the operational burden and complexity of managing disparate systems, allowing you to:

• Streamline compliance: Manage your obligations for several stringent standards like FINRA, SOC 1/2/3, ISO 42001, FedRAMP High, HIPAA, and more from a single, consistent cloud platform.
• Reduce overhead: Lower the administrative costs and effort associated with maintaining multiple, isolated legacy cloud instances.
• Foster trust in development: Adhere to international regulations across 13 markets to foster trust; Workspace has expanded its commitment to supporting the compliant integration of agentic AI for financial services.

As you look to the future, our platform is designed to help you navigate the next wave of innovation. We are actively developing our capabilities to help you address the unique compliance challenges that arise from emerging technologies like agentic AI, ensuring you can adopt them responsibly and with confidence.

Go beyond compliance with digital sovereignty

We understand that for the Financial Services sector, control over data location and access is non-negotiable. Workspace delivers on the promise of digital sovereignty through capabilities like Data Regions, which allows you to choose the geographic location where your covered data is processed and stored at rest, and Access Management, which helps you control and limit cloud provider access to your data. These features and more are available in the Assured Controls add-on SKU.

Learn more

To explore our newly updated compliance resources, visit the Google Workspace for Financial Services webpage. Get detailed information on our compliance capabilities across the regulations discussed above, including our compliance cards and guidance for customers by visiting the Compliance offerings hub.

As you navigate this evolving world, we’re committed to being your trusted partner. We will continue to invest not only in your immediate compliance needs but also in pioneering emerging solutions like agentic AI for the future.