RegsApplied
← All posts

Hello from RegsApplied

A note from the founder on what we're building, why product-first compliance matters, and where the blog is going.

Ryan Malek1 min read

Most compliance tooling is built regulation-first: here's the full text of the Data Act, go dig. That helps regulators. It does not help a GC at a mid-market product company who needs to know, by next Thursday, whether their new AI feature is in scope.

RegsApplied is the other shape. You tell us what you're building; we classify it against the regulations that apply, with arguments for and against, citations, and confidence. Every brief is versioned and auditable. Your decisions stay inside your company — they don't leak into someone else's training set.

What the blog is for

Two things.

  1. Deep dives — what does "data processing service" really mean under the Data Act? When does a connected product become an IoT data-sharing obligation? These are the posts we'd want to read, and we couldn't find them, so we're writing them.
  2. Updates — when we ship something that changes how briefs look, or how audit trail works, we'll say so here.

We write the first twenty of these ourselves. If they stop being useful, we stop writing them.

What we won't do

No "5 tips to improve your compliance posture" listicles. No gated PDFs. No interviews with people who haven't read the regulation they're commenting on.

Founders: Ryan Malek, former in-house counsel at Fortive. Reach me at hello@regsapplied.com.

Updates#regsapplied#product-first#eu-data-act