Vanta Introduces EU AI Act Support for the Ethical Development and Use of AI in Europe

Providing European companies with support for local regulations and security best practices including the Digital Operational Resilience Act (DORA) and NIS 2

Accelerating European momentum with product enhancements and London office

LONDON -- Vanta, the leading trust management platform, today announced new investments in the United Kingdom and Ireland, including new compliance frameworks, product features and the opening of its London office. These initiatives reflect Vanta’s ongoing commitment to help UKI and European businesses easily achieve compliance and scale security programmes by providing the technology, local expertise and trusted partnerships needed to compete on a global stage.

Support for the EU AI Act

The rapid adoption of AI technologies presents both opportunities and risks for organisations. According to Vanta’s new State of Trust 2024 report, nearly half (49%) of UK companies are concerned about the risks AI poses to their security.

Vanta’s support for the EU AI Act includes all AI-specific controls, policies, tests and documents mandated by the act, helping companies meet emerging regulations and avoid significant penalties. Vanta categorises AI systems as “high-risk” or “low-risk” based on regulatory criteria and automates collection of the evidence needed to prove compliance, enabling continuous compliance monitoring while also automating AI risk assessments. The new offering also ensures that customers have the necessary documentation for external auditors—making compliance with the EU AI Act seamless.

Added support for DORA and NIS 2

In addition to the EU AI Act, Vanta has expanded its offerings to support DORA and NIS 2 for European businesses. DORA, which takes effect in January 2025, requires financial institutions to strengthen their digital operational resilience, ensuring that they can withstand, respond to and recover from information and communication technology (ICT) disruptions. With Vanta’s support for the DORA framework, financial services firms in Europe can automate compliance efforts to ensure operational resilience by the January deadline.

Vanta’s newly added support for the NIS 2 directive is designed to help organisations across sectors like energy, banking and manufacturing to improve their resilience and response to cyber threats. The NIS 2 directive raises standards for risk management, incident reporting and control verification. Vanta’s support for this framework provides a cross-regional control set that allows companies to meet NIS 2 compliance regardless of where they are based, helping them to prepare ahead of local NIS 2 law being released.

“Vanta’s automated frameworks keep businesses up-to-date with the latest regulations, enabling them to move from point-in-time checks to a continuous, proactive approach to security and compliance,” said Jeremy Epling, Chief Product Officer, Vanta. “By automating evidence collection, streamlining workflows and intelligently mapping requirements across multiple frameworks, Vanta helps companies achieve compliance faster and more efficiently—allowing them to focus on innovation and growth.”

Additional European frameworks and free penetration testing

Organisations in the UK spend an average of 12 weeks a year on compliance tasks[1]—more than the U.S. and Australia—highlighting the critical need for automation. By simplifying the implementation of new controls and policies, Vanta enables customers to meet local regulations and international standards with one platform.

“Instead of hiring two full-time consultants and spending a year on the process, [with Vanta] we achieved compliance in just seven months, saving time and costs,” said Magnus Sparf, CISO, Sitoo.

Announced earlier this year, Vanta’s ISO 42001 solution helps organisations responsibly develop and use AI. By satisfying ISO 42001, organisations are better positioned to meet and exceed AI Act requirements. Vanta also enables compliance with the UK Cyber Essentials framework, a widely adopted cybersecurity framework critical for any company seeking to improve their overall security posture or bid on UK government contracts. Vanta’s cross-mapping of controls across frameworks enables customers to leverage already completed work to achieve compliance with these, and other, frameworks faster.

As part of these offerings, Vanta now provides free penetration testing for UKI and European customers through Cognisys. These tests, which include external scans and black-box assessments, are integrated into Vanta’s platform, simplifying the compliance process for European businesses.

Expanded in-region presence with new London office

To better serve its customers in Europe, Vanta is expanding its local presence with an office in London. This is the latest investment by Vanta in the region, which includes a Frankfurt-based data centre providing customers with an option for meeting internal policies on data storage location and regulatory requirements, and its European headquarters in Dublin, which opened in 2022.

Throughout the upcoming year, Vanta will expand its support in London and Dublin to ensure European businesses have the technology and guidance to establish and scale their security and compliance programmes, and demonstrate trust with Vanta.

About Vanta

Vanta is the leading trust management platform that helps simplify and centralise security for organisations of all sizes. Over 8,000 companies including Atlassian, Omni Hotels, Quora, and ZoomInfo rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, London, New York, San Francisco and Sydney. For more information, visit www.vanta.com.

[1] Vanta State of Trust 2024

Contacts

press@vanta.com