CERRIX Acquires Ruler to Integrate Regulatory Monitoring into GRC Platform

Key Takeaways

• Integration of Regulatory Intelligence: CERRIX has added regulatory monitoring and interpretation capabilities through its acquisition of Ruler.
• Focus on Process Alignment: The combined platform is intended to link regulatory developments more directly to risk and control management.
• Use of AI in Translation: CERRIX plans to apply AI to help translate regulatory updates into changes across policies, risks, and controls.
• Traceability Requirements: The integration supports organizations in demonstrating how regulatory requirements are interpreted and implemented.
• No Immediate Changes for Ruler Users: Ruler will continue to operate as a standalone platform while integration with CERRIX progresses.

Deep Dive

CERRIX has acquired Ruler, a regulatory intelligence platform used by financial institutions in the Netherlands and Belgium, in a move that brings regulatory monitoring capabilities into its broader governance, risk, and compliance offering.

Ruler is used by more than 150 financial institutions and over 1,000 compliance professionals. The acquisition expands CERRIX’s presence in the financial sector and introduces a regulatory monitoring and interpretation layer alongside its existing risk, control, and compliance management functions.

The transaction reflects a broader shift in how organizations are managing regulatory change. In many firms, regulatory monitoring and interpretation are handled separately from risk and control management, often across different tools and teams. That separation can make it difficult to translate regulatory updates into operational changes in a consistent and traceable way.

CERRIX said the integration of Ruler is intended to connect those processes more directly.

“Regulation is evolving faster and becoming increasingly complex for organizations,” said Niels van Weereld, CEO at CERRIX. “By connecting regulatory monitoring directly to our GRC platform, we enable organizations not only to track regulatory changes, but also to map them to risks, policies, and action plans.”

Linking Regulatory Change to Risk and Controls

Ruler provides continuous monitoring of regulatory developments from sources including DNB, AFM, and ESMA. It combines editorial analysis with AI-supported processing to translate regulatory updates into structured insights for compliance, legal, and risk teams.

Within many organizations, this type of regulatory intelligence is maintained separately from systems used to manage risks, controls, and audit activities. As a result, the process of translating regulatory developments into specific control changes often involves manual handoffs between teams.

According to CERRIX, the combined platform is intended to reduce that reliance on manual processes by linking regulatory insights directly to risk and control frameworks.

Joachim Jonkers, CPO at CERRIX, said the addition of Ruler introduces a regulatory intelligence component that can be used to support updates across an organization’s risk and control environment. He added that the company plans to use AI to help translate regulatory changes into suggested updates to policies, risks, and controls.

Addressing Traceability and Supervisory Expectations

The integration also relates to increasing regulatory expectations around traceability. Supervisors are placing more emphasis on an organization’s ability to demonstrate how regulatory requirements are interpreted and implemented. This includes showing the link between the original regulation, internal risk assessments, and the controls put in place.

Where processes are distributed across multiple systems, maintaining that end-to-end traceability can be difficult.

CERRIX said the combined platform is designed to capture that process within a single environment, allowing organizations to document the path from regulatory interpretation through to implemented controls and supporting evidence.

Customer Impact and Integration Plans

Ruler will continue to operate as a standalone platform, and its existing customers will not see immediate changes to the service. CERRIX customers will be able to use Ruler alongside the GRC platform, with further integration planned.

Over time, the companies expect to connect the two systems more directly, allowing regulatory insights generated in Ruler to feed into CERRIX as structured outputs, such as identified risks, control gaps, and required actions.

The aim is to reduce manual handoffs between compliance and risk teams and support a more consistent process for managing regulatory change.

Focus on Financial Sector Use Cases

Both CERRIX and Ruler have an established presence in the financial sector, where regulatory requirements are typically complex and subject to frequent updates.

According to Ruler, its editorial team has tracked approximately 1,800 regulatory publications per institution type over the past three years. Managing that volume of regulatory change is a core challenge for compliance teams, particularly where interpretation and implementation processes are not fully integrated.

The acquisition brings together Ruler’s regulatory monitoring and interpretation capabilities with CERRIX’s risk and control management functions, creating a combined platform that spans regulatory intake through to execution.

CERRIX, founded in 2014 in the Netherlands, is used by more than 100 organizations across over 20 countries. The company focuses on providing a centralized system for managing risk, compliance, and audit activities.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.