Michael K. Onyekwere

Founder, Janus Compliance · AI Governance Expert · CIPP/E

Senior privacy practitioner with technical depth in AI systems. I sit at the intersection of GDPR and EU AI Act compliance, hands-on AI engineering, and enterprise data protection. That combination is structurally rare, and most teams find it difficult to source under one roof.

Ten-plus years across Royal Bank of Scotland, Fidelity, TMF Group, and UnitedHealth doing financial services compliance and data protection at enterprise scale. The kind of organisations where a compliance failure is front-page news, not a footnote.

Now I build AI systems and write the compliance documentation alongside them. Janus Compliance is the practice. Compliance Engineering is the weekly newsletter. The open-source toolkit is where the working templates live.

Credentials

  • CIPP/E: Certified Information Privacy Professional/Europe (IAPP)
  • Common law qualified lawyer (LLB, LLM)
  • 10+ years in financial services compliance and data protection

Experience

Over a decade across major financial institutions and global corporate services: investment banking, asset management, healthcare, and multinational compliance. Roles spanning data protection, privacy, regulatory compliance, and data governance.

What I Do Now

I founded Janus Compliance because I kept seeing the same problem: businesses want AI but the people building it don't understand compliance, and the people who understand compliance can't build anything.

I can do both. I've built a deepfake detection engine from scratch. I've built a trust scoring platform for AI agents. And I've spent years writing DPIAs, reviewing DPAs, and advising on GDPR at scale.

The EU AI Act transparency obligations land on 2 August 2026, and the high-risk obligations follow on 2 December 2027 after the 2026 Omnibus. Most teams deploying AI and agents have no governance or accountability model ready for either. Closing that gap is the work.

Areas of Expertise

  • GDPR compliance for AI systems
  • EU AI Act risk classification and compliance
  • Data Protection Impact Assessments (DPIA)
  • Nigeria Data Protection Act (NDPA) compliance
  • AI chatbot and automation development
  • Privacy-by-design architecture
  • Cross-border data transfer mechanisms

Want to work together?

I take on a limited number of engagements to ensure quality.

Book the scoping review