Speaking, writing, open-source
Talks, writing, and tools
Public-facing AI compliance work by Michael K. Onyekwere. Where Michael speaks, what gets published, and the open-source assets in active use.
Speaking
Practitioner-grade talks on AI compliance for engineering teams, privacy and compliance practices, regulators, and founder cohorts. Not theory. What changes in your DPIA, what your DPO will ask for, what passes a procurement review.
Submitted
IAPP UK Intensive 2027
The AI Agent DPIA: What Changes When AI Stops Answering and Starts Acting
Submitted speaking proposal to the IAPP UK Intensive 2027 programme. Lecture format, 45 minutes, covering tool-use as a first-class processing step, Article 22 applicability, autonomous-action risk entries, action authorisation gates, and residual risk acceptance for AI agent deployments.
Decision: 11 December 2026.
Topics I speak on
- AI agent DPIAs and what changes from chatbot DPIA templates
- OpenAI / Anthropic / Gemini API compliance setup for engineering teams
- EU AI Act deployer obligations and conformity assessment for high-risk systems
- NDPA Section 32 and 40 in practice for Nigerian fintechs and diaspora founders
- AI vendor due diligence: the DPA clauses, the sub-processor questions, the audit trail
- The compliance engineering posture: building AI systems with the documentation alongside, not after
Audiences I speak well to: privacy and compliance teams, AI engineering teams, in-house counsel, founder cohorts, conference programme committees, regulators.
For speaking enquiries, write to michael@januscompliance.co.uk.
Writing
Compliance Engineering is a weekly newsletter and an in-depth blog covering the practical side of AI compliance. Written for engineers and founders building AI systems and the privacy practitioners advising them.
Newsletter
Compliance Engineering
Weekly newsletter. Practical AI compliance for engineers and founders. Published on Substack, mirrored on Janus Compliance. Free to subscribe.
Articles
In-depth blog
Long-form practitioner pieces on GDPR, EU AI Act, NDPA, agent governance, AI vendor due diligence, and the rest. Each one is the article I wish someone had written for me on day one.
Read the blog →Open-source and downloadable assets
Working compliance documentation, published openly. Use, adapt, fork. The attribution requirement is the only ask.
GitHub
Compliance Engineering Toolkit
DPIA templates for common AI patterns (chatbot, RAG, autonomous agent, document processor), breach response frameworks, privacy notice update examples, EU AI Act conformity assessment templates, AI vendor due diligence checklists, and practitioner setup checklists. CC BY 4.0. Attribution required when reused.
View on GitHub →Practitioner checklist
AI API Compliance Checklist
OpenAI and Anthropic DPA setup, zero-retention configuration, retention and logging controls, and the documentation pack a procurement or DPIA reviewer will accept. Worked example for a UK fintech using OpenAI for customer support summarisation included. CC BY 4.0.
Sample deliverables
DPIA structure, privacy notice updates, vendor due diligence checklist
Redacted examples of the actual deliverables that ship in a Janus engagement. What a finished DPIA looks like, how a privacy notice changes when AI is added, and the AI vendor due diligence checklist used on every engagement.
See sample deliverables →About Michael
CIPP/E certified. Common law qualified lawyer (LLB, LLM, Nigerian Bar). Ten-plus years across Royal Bank of Scotland, Fidelity, TMF Group, and UnitedHealth doing financial services compliance and data protection at enterprise scale. Founder of Janus Compliance. Author of Compliance Engineering.
Read the founder page →