cc3976fb7f
- Split competitive-analysis-2026-05.org → TOC + 9 competitor files in ideas/competitors/. Dropped date from filename. All competitor UUIDs generated, TOC keeps original UUID for backlink continuity. - Deleted passepartout-economics.org archive (replaced by 27-node KB). - Inlined 5 'See also' blocks into natural prose (compliance-index, first-mover-window, revenue-table, orders-of-magnitude-time, native-org-knowledge-base). - Linked 7 orphan compliance pages back to compliance index + finished truncated sentences. - Linked all 14 Agora requirement docs from topic-relevant pages (identity→lisp-machine-security, infrastructure→compute-marketplace, social-space→growth-strategy, exchange→agora-contracts, etc.). - Linked ai-industry-impact from investment-thesis, sufficiency-flip, verification-appliance, effects-growth-flywheel (up from 1 to 10+ pages). - Fixed CREATED timestamps to use git commit dates instead of today. - Made all links absolute from root (no port inheritance). - Removed stale agora/docs/ duplicate content.
5.1 KiB
5.1 KiB
Compliance Framework Index — Global Regulated Industries
The verification monopoly and domain gate package revenue streams depend on selling into regulated industries. These industries buy compliance, not software. Each framework below maps to a gate package the triad can sell — ACL2-verified gate rules that produce deterministic audit trails.
See First-mover window analysis and Revenue table for the consolidated view.
US Frameworks
- HIPAA — Health privacy ($50K/yr, 500K+ orgs)
- SOC 2 — Service organization controls ($50K/yr, 100K+ orgs)
- FedRAMP — Federal cloud authorization ($100K/yr, 1K providers)
- SOX — Financial controls ($50K/yr, 10K orgs)
- GLBA — Financial privacy ($40K/yr, 20K orgs)
- NY DFS 500 — NY financial cybersecurity ($30K/yr, 3K orgs)
- CCPA/CPRA — California privacy ($40K/yr, 50K+ orgs)
Canada
- Quebec Law 25 — Provincial privacy ($25K/yr, 10K+ orgs)
UK and EU
- GDPR — EU privacy ($50K/yr, 500K+ orgs)
- UK GDPR — UK privacy ($40K/yr, 100K+ orgs)
- NIS2 — Network security ($50K/yr, 160K orgs)
- EU AI Act — AI regulation ($75K/yr, 100K+ orgs)
- DORA — Financial resilience ($50K/yr, 22K+ orgs)
- eIDAS 2.0 — Digital identity ($30K/yr, 10K+ orgs)
- CRA — Product cybersecurity ($40K/yr, 50K+ orgs)
Asia-Pacific
- APPI — Japan privacy ($40K/yr, 100K+ orgs)
- ISMAP — Japan cloud authorization ($75K/yr, 500 providers)
- PIPA — South Korea privacy ($35K/yr, 50K+ orgs)
- Privacy Act — Australia privacy ($35K/yr, 50K+ orgs)
- APRA CPS 234 — Australian financial security ($40K/yr, 500 orgs)
- IRAP — Australian cloud authorization ($75K/yr, 300 providers)
- DPDP Act — India privacy ($30K/yr, 500K+ orgs)
Latin America
International
- ISO 27001 — ISMS ($40K/yr, 60K+ orgs)
- ISO 27701 — Privacy management ($35K/yr, 1K+ orgs)
- Basel III — Banking capital ($100K/yr, 500 G-SIBs)
- FATF — AML/CFT ($50K/yr, 50K+ orgs)
- IFRS 17 — Insurance accounting ($75K/yr, 5K+ orgs)
- OECD Guidelines — Privacy/AI principles (indirect)
- World Bank ESF — Development finance ($50K/yr)
- IFC PS — Project finance ($50K/yr)
- UN/CEFACT — Trade facilitation ($30K/yr, 50K+ orgs)
Strategic View
| Region | Frameworks | Total TAM | First-mover priority |
|---|---|---|---|
| US | 7 | ~$33B | FedRAMP (procurement gate), NY DFS 500 (growing) |
| UK/EU | 7 | ~$24B | NIS2 (2025 deadline), AI Act (Aug 2026), DORA (in effect) |
| Asia-Pacific | 7 | ~$9B | DPDP (rules drafting), ISMAP/IRAP (gov cloud gates) |
| Latin America | 2 | ~$7B | LGPD (largest LATAM market) |
| International | 9 | ~$4.5B | ISO 27001 (universal baseline), World Bank/IFC (no market exists) |
The verification monopoly is enforced through domain gate packages running on a compute marketplace, creating infrastructure lock-in that compounds with every framework added. See First-mover window analysis and Full revenue table for the consolidated view.