Ascendia

Use case · 01 · Regulatory compliance

Regulatory compliance training

Auditable compliance operations for banks and regulated workforces under NIS2, DORA, and the AI Act.

CEC Bank (5,000+ employees), PETROTEL-LUKOIL, and Honeywell are on the public record. CoffeeLMS delivers standards-aligned training with full audit trails, SCORM/xAPI evidence, and SAML 2.0 SSO — operated under listed-company governance and the Compliance & Governance desk. DPA available in 10 working days.

Counterparty register

  • Ascendia S.A.
  • CoffeeLMS · SCORM · xAPI · SAML 2.0 SSO
  • NIS2 (Oct 2024) · DORA (Jan 2025) · EAA (Jun 2025) · AI Act (2025–2027)
  • GDPR Article 28 DPA · DPO via dpo@ascendia.eu · BVB:ASC listed-company governance

How the use case is shaped

Five institutional frames.

01

Auditable delivery

Per-user progress, completion records, quiz scores, and time-on-task captured automatically. Reports are exportable for internal audit, supervisory review, and regulator request. Immutable logs; no manual intervention needed for evidence packages.

02

Standards-aligned content

SCORM-compatible authoring through LIVRESQ; xAPI statements for fine-grained learning records. Bespoke content produced via LIVRESQ provides soft-skills depth alongside compliance modules — including AI literacy, cybersecurity awareness, and data-handling procedures.

03

Identity and access

SAML 2.0 SSO integration with institutional identity providers. Tenant-level configuration is operationalised under the Compliance & Governance desk; provisioning and de-provisioning follow institutional HR events.

04

Data residency and DPA

EU data-residency-by-default deployment. Article 28 DPA is reviewable on request to the DPO; signed return inside the published 10-working-day SLA. Sub-processor list available at /trust.

05

2025–2027 regulatory clock

NIS2 (transposition Oct 2024) mandates cybersecurity training for operators of essential services. DORA (in force Jan 2025) requires documented ICT risk training for financial entities. EAA (Jun 2025) mandates EN 301 549 accessibility conformance. AI Act Articles 4 and 50 introduce tiered AI literacy obligations through 2027. CoffeeLMS compliance evidence packages are structured to satisfy all four mandates.

References on the public record

Named counterparties, dated programmes.

  • CEC Bank · Romanian banking sector

    Bank-wide digital-skills training for more than 5,000 employees: CoffeeLMS for delivery, LIVRESQ for bespoke internal courses, bespoke soft-skills content, curricula on AI, Cloud, Blockchain, and RPA. 100% audit-trail coverage; evidence exportable on request.

    CEC Bank customer-success record (Aug 2024)

  • PETROTEL-LUKOIL · industrial / energy

    CoffeeLMS replaced a legacy LMS used across the refinery. Bespoke soft-skills content and compliance modules deployed alongside refinery-specific HSE and environmental-standards material.

    PETROTEL-LUKOIL customer-success record

  • Honeywell · industrial

    Bespoke course updates and software upgrades on existing compliance materials; HSE compliance training delivered through CoffeeLMS with Honeywell-specific audit-trail configuration.

    Honeywell customer-success record

Desk 03 · R&D, platform, compliance & governance

Gabriel Lazar owns this conversation.

Research & Development Director — EC DEC member, technical evidence, accessibility, AI governance, and regulated-enterprise architecture

gabriel.lazar@ascendia.eu

Next steps

Part of Accessibility

Microsoft AI for Accessibility Hall of Fame, EAA 2025 alignment, EN 301 549 readiness.

Open the Accessibility pillar — Microsoft Hall of Fame, EAA 2025, EN 301 549

We use essential cookies and optional Google Analytics 4 measurement after consent. Privacy Policy