Compliance Glossary

A darknet market is an illicit online marketplace, hosted on anonymizing networks like Tor, where vendors and buyers trade drugs, stolen ...

Data lineage is a metadata practice that tracks how data moves and changes from its origin through every transformation, system, and ...

Data minimization is a data-privacy principle that requires organizations to collect, process, and retain only the personal data strictly ...

A Data Protection Officer (DPO) is a designated compliance role that oversees an organization's data protection strategy, monitors GDPR ...

Data residency is a data-privacy requirement that dictates the physical or geographic location where an organization's data is stored, ...

De-risking is a practice in banking and financial services in which institutions exit or restrict business relationships with entire ...

Decentralized Finance (DeFi) is a category of financial services built on public blockchain networks that replicate banking and trading ...

Deduplication is a KYC data management process that identifies and consolidates duplicate customer records across one or more systems, so ...

Deemed Export is a U.S. export control rule that treats the release of controlled technology or source code to a foreign national inside ...

Deepfake fraud is a financial crime that uses AI-generated synthetic media, including fabricated video, cloned audio, or manipulated ...

Denied Party Screening (DPS) is a compliance process that checks customers, counterparties, and transaction participants against ...

A Designated Non-Financial Business or Profession (DNFBP) is a category of non-bank business, such as lawyers, accountants, real estate ...

Disaster Recovery (DR) is an operational resilience discipline that defines the plans, procedures, and technologies a financial institution ...

Disparate impact is a legal doctrine in anti-discrimination and AI governance law that holds a facially neutral policy or algorithm legally ...

Dual-use goods are products, software, or technology with both civilian and military applications that require export licensing under ...

The Egmont Group is an international organization that connects national Financial Intelligence Units, giving them a secure channel to ...

Electronic KYC (eKYC) is a digital identity verification method that allows financial institutions to confirm a customer's identity ...

EMV (Europay Mastercard Visa) is a global payment standard that secures chip-based card transactions through dynamic cryptograms, replacing ...

Encryption at rest is a data-security control that protects stored data by converting it to ciphertext using a cryptographic algorithm, ...

Encryption in transit is a cryptographic security control that protects data moving between systems or network endpoints by encoding it ...