Sector Coverage
Where regulation is
most demanding.
We operate at the convergence of the most complex regulatory environments: eight high-stakes sectors where governance failures do not generate reports. They generate crises. Our sector knowledge is operational, not academic. We have advised inside examination rooms, board crisis sessions, and capital-event due diligence.
// 01
Financial Services
The most examined sector in the global regulatory environment. Capital adequacy, conduct risk, AML/CFT, investor disclosure, and operational resilience obligations converge on financial institutions from multiple regulators simultaneously. We design compliance and risk architectures that hold under that convergence, not systems that satisfy one regulator while leaving the others exposed.
Capital & conduct risk
Basel III/IV capital adequacy, ICAAP, ILAAP, conduct risk framework design, and trader surveillance governance for banks, insurers, and investment managers.
AML/CFT & sanctions
AML program architecture, CDD/EDD design, transaction monitoring governance, sanctions screening, and SAR/STR reporting frameworks.
DORA & operational resilience
EU Digital Operational Resilience Act compliance: ICT risk management, third-party provider oversight, incident reporting, and resilience testing.
Investor & regulatory reporting
SEC reporting obligations, Pillar 3 disclosures, ESG investor reporting, and integrated annual reporting aligned to capital market expectations.
Board & senior management accountability
Senior Managers and Certification Regime (SMCR), accountability frameworks, fit and proper assessments, and board-level oversight structures.
DFI & development finance compliance
AfDB, IFC, World Bank lending conditionality, development finance governance, and African banking regulatory alignment across ECOWAS, EAC, and SADC.
// 02
Energy & Utilities
The energy transition is simultaneously the largest ESG opportunity and the most complex compliance environment in any sector. Carbon accounting, grid resilience, transition risk, and CSRD disclosure obligations must be managed alongside legacy asset compliance and energy security regulation. We integrate all of it into a single operating architecture.
Transition strategy & carbon intelligence
Scope 1, 2, and 3 emissions measurement, science-based target design, transition pathway planning, and TCFD/IFRS S2 disclosure.
CSRD & sustainability disclosure
CSRD compliance for energy companies: ESRS E1–E5, EU Taxonomy alignment, double materiality assessment, and sustainability statement preparation.
Grid & infrastructure resilience
Critical infrastructure risk frameworks, NIS2 compliance, grid security governance, and operational resilience for interconnected energy systems.
Asset-level ESG integration
ESG due diligence for energy asset acquisition, infrastructure fund ESG reporting, and stranded asset risk quantification for investor disclosure.
Energy sector regulatory compliance
FERC, NERC, EU energy regulation compliance, and cross-border energy trade governance for multinational energy companies.
Resource & extractive governance
Extractive industries transparency (EITI), social license governance, environmental compliance in jurisdictions with DFI lending conditions.
// 03
Health & Life Sciences
In health and life sciences, quality is not a management discipline. It is a regulatory obligation with criminal liability. Clinical data integrity, GxP compliance, post-market surveillance, and FDA/EMA submission readiness must operate within a governance framework that can withstand inspection without notice. We design systems that generate compliant evidence as a byproduct of normal operations.
GxP quality management systems
GMP, GCP, GLP, and GDP quality systems design, SOP architecture, deviation and CAPA management, and audit readiness for FDA, EMA, and MHRA inspection.
Clinical data integrity & 21 CFR
ALCOA+ data integrity programs, 21 CFR Part 11 electronic records and signatures, data governance frameworks for regulated clinical environments.
Regulatory affairs & submissions
Regulatory submission governance, eCTD document management, post-market surveillance systems, and regulatory change management programs.
HIPAA & health data compliance
HIPAA Privacy and Security Rule compliance, health data governance, breach notification protocols, and cross-border health data transfer governance.
ISO 13485 & MDR compliance
Medical device quality management system design, ISO 13485 certification readiness, EU MDR transition, and post-market clinical follow-up.
Healthcare ESG & sustainability
Healthcare sector sustainability reporting, supply chain ethical sourcing, and ESG disclosure aligned to investor expectations for health sector funds.
// 04
Public Sector & Defense
Public sector governance failures carry consequences that compound beyond financial exposure: eroded institutional trust, political risk, and regulatory intervention that can suspend operations. We advise defense contractors, development finance institutions, and government agencies on procurement integrity, CMMC readiness, and governance frameworks that survive Inspector General and Congressional scrutiny.
CMMC & defense contractor compliance
CMMC Level 2 and Level 3 readiness, CUI handling, NIST SP 800-171 gap assessments, System Security Plans, and third-party assessment preparation.
FAR/DFARS & procurement integrity
Federal Acquisition Regulation and DFARS compliance architecture, procurement ethics programs, and conflict of interest governance for federal contractors.
DFI governance & conditionality
World Bank, AfDB, IFC, USAID, and MCC governance and compliance frameworks: fiduciary standards, environmental and social safeguards, and anti-corruption programs.
Anti-corruption & integrity
FCPA, UKBA, and UN Convention Against Corruption compliance programs: risk assessment, due diligence, training, and investigation protocol design.
Public institution governance
Governance architecture for state-owned enterprises, public benefit organizations, and government agencies: board structure, accountability, and public financial management.
African Union & regional frameworks
AfCFTA compliance, ECOWAS and EAC regulatory alignment, African Development Bank governance standards, and anti-corruption programs in African public institutions.
// 05
Agriculture & Food
Food system governance has entered a new regulatory era. CSDDD supply chain due diligence, EU Deforestation Regulation, sustainability disclosure, and food safety traceability now converge on agricultural supply chains that were never designed for this level of scrutiny. We advise producers, processors, and food companies on compliance architectures that can absorb this regulatory pressure without operational disruption.
Supply chain traceability & EUDR
EU Deforestation Regulation compliance: geolocation requirements, supply chain mapping, due diligence statement design, and deforestation-free certification.
Food safety & quality systems
FSSC 22000, ISO 22000, BRC, HACCP, and SQF food safety management systems: certification readiness, audit preparation, and continuous improvement programs.
Agricultural ESG & sustainability
ESG strategy for agricultural producers, sustainability reporting, carbon footprint measurement for land use, and Scope 3 supply chain emissions for food companies.
CSDDD human rights due diligence
Supply chain human rights and environmental due diligence for agricultural sourcing: risk mapping, supplier engagement, and CSDDD compliance architecture.
African agricultural governance
African Continental Free Trade Area (AfCFTA) compliance, ECOWAS food safety standards, and sustainability programs for agricultural producers operating across African markets.
Agri-finance & DFI standards
IFC Performance Standards, Equator Principles, and DFI environmental and social safeguards for agricultural investment and infrastructure finance.
// 06
Infrastructure
Infrastructure governance sits at the intersection of geopolitics, development finance, environmental compliance, and long-term social license. Projects that secure DFI funding, survive regulatory scrutiny, and maintain community license require governance frameworks designed from project inception, not retrofitted after construction begins.
Development finance governance
Equator Principles, IFC Performance Standards, AfDB environmental and social standards, and MIGA/OPIC compliance for infrastructure project finance.
Procurement integrity & anti-bribery
ISO 37001 anti-bribery management systems, procurement governance, third-party due diligence, and integrity compliance for infrastructure contractors.
Community & stakeholder governance
Free, prior, and informed consent (FPIC) protocols, grievance mechanism design, community investment governance, and social impact management.
Environmental compliance & EIA
Environmental impact assessment governance, ISO 14001 environmental management systems, and compliance with environmental conditions attached to project permits.
Infrastructure resilience
Critical infrastructure risk frameworks, NIS2 compliance for connected infrastructure, and business continuity governance for long-life infrastructure assets.
Infrastructure ESG reporting
ESG reporting for infrastructure funds, GRESB infrastructure assessment, and sustainability disclosure for listed and unlisted infrastructure investment vehicles.
// 07
Technology & AI
The EU AI Act, GDPR, and emerging algorithmic accountability frameworks have converted AI governance from an ethical preference into a legal obligation. Boards that cannot document their AI oversight posture face material regulatory exposure. We design AI governance and data protection frameworks that satisfy regulators in the most demanding jurisdictions while enabling organizations to move fast.
EU AI Act readiness
AI system risk classification, conformity assessment preparation, AI governance framework design, and high-risk AI system compliance architecture.
GDPR & cross-border data compliance
GDPR compliance architecture, DPIA frameworks, data mapping, Records of Processing Activities, SCCs, and cross-border transfer governance.
Cyber governance & NIS2
NIS2 Directive compliance, SOC 2 Type II readiness, ISO 27001 certification, and board-level cybersecurity governance for technology companies.
Model risk management
SR 11-7 model risk governance, algorithmic bias assessment, model validation frameworks, and explainability documentation for regulated AI applications.
Cloud governance & third-party risk
Cloud security governance, DORA ICT third-party risk requirements, and vendor due diligence frameworks for critical technology dependencies.
Technology sector ESG
Carbon footprint of digital operations, responsible AI principles documentation, supply chain ESG for hardware procurement, and sustainability disclosure for tech companies.
// 08
Mining & Resources
ESG investor pressure, community license requirements, and environmental compliance have transformed mining governance from a permitting exercise into a strategic priority. Institutional investors, sovereign wealth funds, and DFI lenders now require documented ESG governance before committing capital. We design governance architectures that satisfy capital, regulatory, and community stakeholders simultaneously.
Community relations & FPIC
Stakeholder engagement governance, Free Prior and Informed Consent protocols, grievance mechanisms, and community investment governance for mining operations.
Environmental compliance & closure
Environmental management systems, closure planning governance, tailings management, ISO 14001 certification, and environmental performance reporting.
Mining ESG & investor reporting
TCFD, TNFD, ICMM ESG framework, GRI mining supplement, and investor-grade ESG disclosure for listed and unlisted mining companies.
EITI & extractives transparency
Extractive Industries Transparency Initiative (EITI) reporting, anti-corruption programs, beneficial ownership disclosure, and revenue transparency governance.
Responsible sourcing
OECD Due Diligence Guidance for Responsible Supply Chains, conflict minerals compliance, LBMA standards, and responsible sourcing program design.
Health, safety & ISO 45001
Occupational health and safety management systems, ISO 45001 certification, fatality prevention governance, and contractor safety management.
Sector Intelligence Briefing
Your sector. Your jurisdiction.
Your specific exposure.
A 30-minute strategic briefing identifies the regulatory obligations most likely to create material risk in your specific operating environment, before they surface in an examination or a board discussion.