May 6, 2025, London - Dublin – Corlytics, the global RegTech leader backed by Verdane, becomes the first RegTech firm to achieve the ISO/IEC 42001:2023 certification for its business-wide AI management system. This establishes Corlytics’ commitment to AI Governance. It joins ranks alongside a few leading technology companies.
Where many third-party providers and suppliers are quick to integrate AI software, too few place the right level of focus on security. Last week JP Morgan’s Chief Information Security Officer warned third party software suppliers that “SaaS is creating a substantial vulnerability that is weakening the global economic system” and demanded they “prioritise security over rushing features”. The ISO 42001 certification answers this challenge by building the trust and security today’s stakeholders need as it mandates bias mitigation, risk, and resilience controls across the entire AI lifecycle. It also maps to both the EU AI Act and the UK Government’s National AI Strategy.
The process involved an independent two stage audit by leading cybersecurity compliance firm A-LIGN which found zero non-conformities. The certification represents a globally recognised commitment to the safe and ethical development of AI systems that embed quality, security, traceability into AI applications. While other businesses have focused AI strategies largely on their technology development, for Corlytics this is an end-to-end strategy that extends to six major competencies of the business, making it a truly ethical AI-powered firm.
"We have been using AI from our inception and have always been led by a strategy of AI-by-design” commented John Byrne, CEO and Founder of Corlytics. “That means our clients will continue to benefit from our rigorous and disciplined approach to AI, without compromising on security, transparency or traceability. It’s also why we are a trusted partner for 40% of the world’s 30 largest banks, and how we’ve built solutions that have the breadth to tackle 30 million pages of regulation a year for our clients.”
Corlytics’ ISO 42001 certification follows a year from Verdane taking a majority stake in the business, during which the RegTech firm has expanded its governance enterprise-wide. Every product, acquisition, and process sits within its AI Management System framework, meaning the certification takes into account all parts of the business. The move also precedes product and service updates expected by the end of the year.
“This milestone reflects the years of investment Corlytics has made in building expert, ethical, intelligent AI,” added Oisín Boydell, Chief Data Officer at Corlytics. “From the outset, our goal has been to embed AI safely and responsibly across our solutions ensuring our clients benefit from technology that is not only precise and efficient but deeply accountable.”
The certification was achieved in collaboration with Waystone Compliance Solutions, a governance and risk advisory provider. “Congratulations to the Corlytics team on this landmark achievement,” said Conor Flynn, Managing Director, Compliance Solutions at Waystone. “ISO 42001 will quickly become a gold standard for organisations adopting AI, and Corlytics has demonstrated both the strategic foresight and operational discipline to lead from the front.”
–ENDS–
ABOUT CORLYTICS
Corlytics is the regulatory technology partner of choice for Tier 1 banks, insurers and financial services providers worldwide. Its precision FIUI (Find, Interpret, Understand, Implement) regulatory technology is reshaping compliance by embedding intelligence directly into regulatory content. With over €50 million invested in R&D, Corlytics leads with a vision to transform how organisations manage regulatory risk through the power of AI.
More information about the ISO 42001 certification is available at www.corlytics.com.
ABOUT A-LIGN
A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and a leading HITRUST and FedRAMP assessor. To learn more, visit a-lign.com.
ABOUT WAYSTONE
Waystone provides institutional governance, risk, and compliance services to the asset management industry. With over 20 years’ experience and a comprehensive range of specialist services, Waystone provides its clients with the guidance and tools to allow them to focus on managing their investment goals with confidence. Learn more at waystone.com.