Cybersecurity SME
Check Compliance

Cybersecurity for the Trust Services Sector

Certification authorities, identity providers and trust service providers. 20-200 employees.

Applicable Regulations

AI Act

4 guides

EU Regulation 2024/1689

Regulation of artificial intelligence systems in the EU with a risk-based approach. Phased application: prohibited practices from Feb 2, 2025, GPAI obligations from Aug 2, 2025, high-risk systems from Aug 2, 2026

Penalties: Up to €35M or 7% of turnover (prohibited practices); €15M or 3% (other obligations); €7.5M or 1% (inaccurate information). SMEs: proportionate caps
Authority: AI Office (EU Commission) + AgID (Italy)
Deadline: August 2, 2026
Explore guides

eIDAS

2 guides

EU Regulation 910/2014 + EU Regulation 2024/1183 (eIDAS 2.0)

Digital identity and qualified trust services (digital signature, certified email, time stamp)

Penalties: Up to €5M or 2% of annual turnover
Authority: AgID - Agency for Digital Italy
Deadline: May 20, 2026
Explore guides

GDPR

4 guides

EU Regulation 2016/679

Personal data protection in the European Union

Penalties: Up to €20M or 4% of annual global turnover
Authority: Data Protection Authority (Garante per la Protezione dei Dati Personali)
Explore guides

ISO 27001

2 guides

ISO/IEC 27001:2022 - International standard

Information Security Management System (ISMS)

Penalties: N/A (voluntary standard)
Authority: Accredited certification bodies (Accredia in Italy)
Explore guides

NIS2

4 guides

EU Directive 2022/2555 - Legislative Decree 138/2024

Network and information security for essential and important entities

Penalties: Up to €10M or 2% of annual turnover
Authority: ACN - National Cybersecurity Agency
Deadline: October 17, 2024
Explore guides

Discover Your Compliance Level for Trust Services

Check in just a few minutes which regulations apply to your trust services business and the priority actions to become compliant.

Start Free Assessment

Audit your website automatically

Scan your public website for GDPR cookie banner, accessibility (WCAG 2.1 AA), legal transparency and security headers — AI generates copy-pasteable fixes and a PDF report.

Discover the Website Compliance Audit