Vanta, a leading trust management platform, has announced significant investments in the United Kingdom and Ireland, reflecting its commitment to support businesses in achieving compliance and enhancing security programmes. The company unveiled new compliance frameworks, product features, and the opening of a London office to better serve its growing customer base in the region.
The rapid adoption of artificial intelligence (AI) technologies presents both opportunities and risks for organisations. According to Vanta’s recently released State of Trust 2024 report, almost half (49%) of UK companies are apprehensive about the security risks associated with AI. In response, Vanta is supporting the EU AI Act by offering a comprehensive suite of AI-specific controls, policies, tests, and documentation mandated by the legislation. This initiative helps companies navigate emerging regulations and avoid hefty penalties. Vanta’s system categorises AI applications as either “high-risk” or “low-risk” based on regulatory criteria and automates evidence collection for compliance, ensuring continuous monitoring and facilitating AI risk assessments.
In addition to supporting the EU AI Act, Vanta has expanded its offerings to include compliance frameworks for the Digital Operational Resilience Act (DORA) and the NIS 2 directive, crucial for businesses operating in the financial and critical infrastructure sectors. DORA, which comes into effect in January 2025, mandates that financial institutions bolster their digital operational resilience. Vanta’s new features allow financial services firms in Europe to automate their compliance efforts, ensuring they meet the regulatory deadline.
The NIS 2 directive, which aims to enhance the resilience of organisations in sectors such as energy, banking, and manufacturing, raises standards for risk management and incident reporting. Vanta’s support for this directive provides a cross-regional control set, helping organisations meet compliance requirements regardless of their location.
Jeremy Epling, Chief Product Officer at Vanta, stated, “Vanta’s automated frameworks keep businesses up-to-date with the latest regulations, enabling them to move from point-in-time checks to a continuous, proactive approach to security and compliance.” He emphasised that Vanta’s automation streamlines workflows, allowing companies to focus on innovation and growth while ensuring compliance.
In the UK, businesses spend an average of 12 weeks annually on compliance tasks—more than their counterparts in the US and Australia—highlighting the need for efficient automation solutions. Vanta’s platform simplifies the implementation of new controls and policies, enabling customers to comply with local regulations and international standards seamlessly.
Magnus Sparf, Chief Information Security Officer at Sitoo, noted, “Instead of hiring two full-time consultants and spending a year on the process, [with Vanta] we achieved compliance in just seven months, saving time and costs.”
Earlier this year, Vanta launched its ISO 42001 solution to assist organisations in responsibly developing and using AI, thereby positioning them to meet and exceed the requirements of the AI Act. The platform also supports compliance with the UK Cyber Essentials framework, essential for companies aiming to improve their cybersecurity posture.
To enhance its European presence, Vanta is opening an office in London, complementing its existing data centre in Frankfurt and European headquarters in Dublin. This expansion aims to provide local businesses with the technology and guidance necessary to establish robust security and compliance programmes.