Articles

All our articles on Regulations

As organisations operate within a rapidly evolving regulatory landscape, compliance with frameworks such as DORA, NIS 2, the AI Act and the GDPR is a prerequisite for maintaining trust, security and the long-term sustainability of digital activities.

We help you interpret these regulatory regimes: their underlying objectives, the obligations they impose, the key deadlines to anticipate, and, above all, the practices required to achieve effective compliance.

Through technical, legal and operational insights, Evidency supports organisations in turning regulatory constraints into a genuine driver of digital trust. Qualified timestamping, electronic seals and electronic archiving are among the mechanisms that enable the establishment of a structured foundation of digital evidence that is reliable, traceable and legally admissible.

European digital identity: A new foundation of trust for digital exchanges in Europe

Key takeaways: The European Digital Identity, through the EUDI Wallet, seeks to establish an interoperable means of identification recognised across the European Union. It enables users to prove certified attributes (age, qualification, identity)...

eIDAS compliance: understanding the issues and securing your digital processes

Key takeaways eIDAS compliance governs digital trust services in Europe and determines the legal effect of electronic signatures, seals and timestamps. Qualified services benefit from a presumption of reliability recognised throughout the European...

Reg tech: ensuring trust for clients and auditors

Key points on Reg Tech Reg tech encompasses technological solutions dedicated to managing and overseeing regulatory compliance. It addresses a dual challenge: operational efficiency and the ability to produce verifiable evidence. Compliance can no...

AI as a tool to combat social and tax fraud

Key takeaways AI is becoming a major tool to fight social and tax fraud, but it is still underused by public authorities. AI technologies (machine learning, deep learning, generative AI) can process large volumes of data and detect increasingly...

Illicit means of evidence, data collection and criminal liability

Key takeaways The unlawfulness of a means of proof no longer results automatically in its exclusion by the civil court, which must assess both its proportionality and its necessity. This judicial development does not, however, authorise employers...

Web scraping: in the face of a complex legal framework, which best practices should be implemented?

Key takeaways Scraping is not prohibited as such, but it is subject to a strict legal framework, and the fact that data are publicly accessible is not sufficient to authorise their exploitation. Database law restricts automated extractions,...

European digital identity: current position, benefits and challenges

By November 2026, all Member States of the European Union will be required to make European digital identity wallets available to their citizens. These will enable users of public and private services to identify or authenticate themselves...

Artificial intelligence – AI Act: the creation of a principle of chain liability

Key takeaways The AI Act establishes a chain of liability, under which each AI stakeholder is responsible for its specific role, from design through to deployment. The Regulation applies extraterritorially where an AI system has an effect on the EU...

Trust service provider (TSP): definition, role and legal implications of trust services

Key points on trust service providers A trust service provider (TSP) delivers trust services intended to guarantee the authenticity, integrity and legally reliable dating of electronic documents and data. The reference legal framework is the eIDAS...

MiCA, DGA, CRA, Data Act, AI Act: challenges, opportunities and perspectives

Key takeaways on these European regulations The European cybersecurity strategy seeks to establish a harmonised regulatory framework that supports digital development while strengthening security, user trust and user protection. The MiCA Regulation...

Transitioning from paper to digital without losing trust. The example of road construction and French AQP framework

Key points to remember about the French AQP norm: The AQP / NF P 98-750 scheme addresses an evidential requirement: securing the traceability of asphalt deliveries and limiting fraud (theft, falsification, disputes). The weighbridge ticket is a key...

DORA Regulation: key considerations, obligations and compliance strategies

Key takeaways DORA regulation establishes a unified EU framework for managing digital risks, ensuring that all financial institutions and their technology providers can maintain operations even during severe IT disruptions. The regulation...

Understanding the NIS 2 Directive: definition, scope and entities concerned

Key takeaways on the NIS 2 Directive The NIS 2 Directive strengthens the European cybersecurity framework and applies to a broader range of public and private sector organisations. It distinguishes between two categories of entities, essential...

GDPR: how to secure consent collection using Qualified Timestamping and Electronic Seal

Key takeaways Digital consent does not always take the form of a signature. A click, a ticked box or the validation of a form must nevertheless be demonstrated in a reliable and legally enforceable manner. Qualified timestamping provides a legally...

AI Act: how high-risk AI operators can meet EU compliance requirements

Key takeaways The AI Act establishes a risk-based approach, with enhanced obligations for so-called “high-risk” AI systems used in sensitive sectors. The organisations concerned are not limited to developers, but also include AI deployers, who are...

Timestamping: prove price compliance with Omnibus Directive

Key takeaways The Omnibus Directive, which entered into force on 28 May 2022, significantly strengthens consumer protection against misleading commercial practices, particularly within the digital economy. It prohibits false promotions by requiring...

10 good reasons to use electronic timestamping

Key takeaways In matters of intellectual property, electronic timestamping makes it possible to establish evidence of prior creation and integrity of digital works. From a regulatory perspective, it facilitates the demonstration of compliance, in...