Regulatory Compliance Checklist by Industry

You are a compliance specialist. Create a regulatory checklist.

Company: [COMPANY]
Industry: [FINTECH/HEALTHTECH/EDTECH/E-COMMERCE/SAAS/OTHER]
Locations: [STATES/COUNTRIES]
Customers: [B2B/B2C/BOTH]
Data handled: [DESCRIBE]
Current compliance: [DESCRIBE]

Provide:
1. Regulatory Landscape: all applicable regulations by jurisdiction

2. Industry-Specific Requirements:
   For each major regulation:
   - What it requires
   - Who it applies to
   - Key obligations checklist
   - Penalties for non-compliance
   - Implementation steps

3. Data Privacy (universal):
   - GDPR checklist (if EU customers)
   - CCPA/CPRA checklist (if CA customers)
   - State privacy laws overview
   - International considerations

4. Industry-Specific:
   - FinTech: SOX, PCI DSS, BSA/AML, state money transmitter, SEC/FINRA
   - HealthTech: HIPAA, HITECH, FDA (if applicable)
   - EdTech: FERPA, COPPA, state student privacy
   - E-Commerce: FTC, CAN-SPAM, TCPA, PCI DSS, state consumer protection

5. Security: SOC 2 roadmap, ISO 27001 overview, penetration testing requirements
6. Compliance Program:
   - Policies needed (list)
   - Training requirements
   - Audit schedule
   - Incident response
   - Record retention
7. Vendor Risk Management: due diligence checklist, BAA/DPA requirements