Compliance services comprise professional legal assistance and consultation aimed at bringing a business's activities into line with local, national and international legislation, as well as sectoral regulations. The service ensures that the organization's operations, financial processes and activities fully conform to the legal standards in force, which reduces the risk of legal problems, regulatory sanctions and reputational damage. Compliance services include managing compliance with regulatory requirements, developing internal policies and procedures, compliance audits, risk assessment, employee training and continuous monitoring of regulatory compliance, so that the organization adapts in a timely manner to regulatory changes.
Anti-money laundering (AML) compliance means observing the laws and regulatory requirements aimed at preventing money laundering and the financing of terrorism. In Georgia, AML compliance is based on the legislation on the prevention of money laundering and the financing of terrorism and is mandatory for financial institutions and other obliged entities defined by law.
AML compliance requires implementing internal policies and procedures, identifying and verifying customers (KYC, Know Your Customer), constantly monitoring operations and transactions, detecting suspicious or unusual operations and submitting the corresponding reports to the authorized body, the Financial Monitoring Service. Observing these requirements is mandatory, and violating them leads to regulatory sanctions, financial liability and reputational risks.
GDPR compliance means conforming to the requirements of the European Union's General Data Protection Regulation (GDPR), which governs the collection, processing, storage and transfer of personal data. Although GDPR is a legal act of the European Union, it also applies in Georgia to those companies and organizations that process the personal data of citizens of European Union member states or offer them goods and services.
In Georgia, GDPR compliance often overlaps with the requirements established by the Law of Georgia "About the Protection of Personal Data". It requires determining the legal basis for data processing, informing the data subject and obtaining consent where applicable, ensuring the security of personal data, protecting the rights of the data subject (access, correction, deletion, restriction of processing and others), and detecting and responding to data breaches in a timely manner.
Organizations whose activities fall within the scope of GDPR need to implement internal data protection policies and procedures, put technical and organizational security measures in place and, where necessary, appoint a data protection officer (DPO).
A compliance audit is a systematic and independent review whose goal is to assess how far a company's activities conform to the legislation in force, regulatory requirements, internal policies, contractual obligations and the relevant sectoral standards. In Georgia, compliance audits are used by companies operating in both private and regulated sectors and are an important risk management instrument.
The audit process includes a review of documentation, internal processes and systems, interviews with employees, an assessment of the effectiveness of internal control mechanisms, a comparative analysis of practice against the legal requirements in force and the detection of possible compliance gaps. A compliance audit helps organizations identify compliance gaps in a timely manner, verify responsibilities and receive recommendations.