Kerem Beneton — Compliance & AI Governance Book a call
№ 01 — Index
Lausanne · Geneva · EU
Independent practice — Cross-border

European
compliance & AI
governance — for
businesses that
can't afford to
get it wrong.

Independent advisory across GDPR, the EU AI Act, AML/KYC and commercial contracts. I work with SMEs and scale-ups that need credible, audit-ready frameworks — without the overhead of a traditional law firm or a full-time hire.

Start a conversation Currently accepting new clients
§ 02 / Services

Six practice areas, one operator.

From single-document engagements to embedded fractional advisory. Each practice area can be scoped as a project, a sprint, or an ongoing retainer.

01

EU AI Act Readiness

End-to-end AI Act preparation: system classification (prohibited / high-risk / limited / minimal), conformity assessment scoping, technical documentation, transparency obligations and governance for GPAI models entering your stack.

AI ActRisk TieringConformityGPAIGovernance
02

GDPR & Data Privacy

Privacy programmes built to withstand regulator scrutiny: notices, DPAs, records of processing, DPIAs, international transfer assessments and DSAR workflows — designed for teams that have outgrown templates.

GDPRDPAsDPIAsDSARSCCs
03

AML / KYC & Financial Crime

Onboarding workflows, KYC and KYB checklists, sanctions and PEP screening logic, suspicious-activity reporting frameworks aligned to EU AMLD, FCA and FINMA expectations.

AMLKYC / KYBSanctionsFCAFINMA
04

Commercial Contracts

Drafting and negotiation of commercial agreements, NDAs, supplier and reseller contracts, joint-venture frameworks — with clear risk allocation, governing-law and dispute-resolution architecture.

CommercialJVCross-borderArbitration
05

Third-Party & Vendor Risk

Vendor due-diligence questionnaires, risk-scoring methodology, contract-clause libraries and ongoing monitoring playbooks for partners, suppliers and intermediaries operating across borders.

TPRMDue DiligenceOnboarding
06

Fractional Compliance Officer

Embedded retainer for organisations not yet ready for an in-house function: monthly reviews, regulator-watch, internal training, board reporting and a single point of contact for the team.

RetainerTrainingReg-watch
§ 03 / About

A multilingual practitioner, working at the intersection of compliance, privacy & AI.

Trained across three jurisdictions. Operating in seven languages. Built for European cross-border work.

KB PORTRAIT / 2026
Plate № 03 Lausanne, CH

Kerem Beneton — compliance, data-protection and AI-governance advisor based in Switzerland, working with clients across the EU, UK and CH.

My focus is the regulatory layer most growing businesses underestimate: the overlap between GDPR, the EU AI Act, AML obligations and commercial contracts. I translate dense regulation into procedures founders, finance leads and operations teams can actually apply.

I've built compliance frameworks inside firms in The Hague, London and Lausanne — across data privacy, financial-crime prevention, and contractual risk for cross-border operations. The result is the same in each: regulator-ready documentation, defensible controls, no theatre.

7×
Languages spoken professionally
4
Jurisdictions worked across
25+
Compliance & privacy engagements
1st
Class honours, LL.B Padova

Regulation isn't a brake. Done well, it's the operating manual that lets a business deploy AI, enter new markets and close enterprise deals — with fewer surprises.

— Working principle / Kerem Beneton
§ 04 / Engagements

Selected work, across Europe.

A snapshot of in-house and consulting engagements across CH, UK, NL and the EU.

2025 — Now

Legal & Compliance — Philip Morris International

Lausanne · In-house
Tracking EU regulatory developments on emerging tobacco products, contributing to a cross-border joint-venture contract with a Chinese counterparty, and leading Project Harmonia — a refresh of business privacy notices for partners and traders.
2024 — 2025

Compliance Operations — Furness Insurance Service

London · Regulated insurance
Third-party onboarding under FCA, GDPR and AML regimes; risk monitoring and escalation pathways; drafting of internal policies and risk-mitigation procedures used across the firm's broker network.
2023 — 2024

Data Privacy Specialist — Jurcom GRC Services

The Hague · Privacy & GRC consultancy
Due diligence, drafting and review of data-processing agreements, AML/KYC support and DSAR handling. Built compliance frameworks aligned to GDPR and international standards for SME and mid-market clients.
2023 — 2024

Data Protection Office — Özyeğin University

Istanbul · Higher education
Co-delivered staff training on data protection and AML awareness; supported internal compliance audits and monitoring exercises across faculties.
§ 05 / Credentials

Education, languages, capabilities.

Trained in Italy, Spain and Switzerland. Operating across Western and Southern Europe.

Education

  • L.L.M Compliance & ArbitrationFribourg
  • Bachelor of Law & TechnologyPadova · 1st Hons
  • Erasmus, Facultad de DerechoGranada

Languages

  • Italian / TurkishNative
  • English / Spanish / GermanFluent
  • French / Swiss GermanIntermediate

Compliance Toolkit

  • EU AI Act & AI governanceAdvisor
  • GDPR, DPIAs & transfersAdvisor
  • AML / KYC frameworksAdvisor
  • Third-party risk & sanctionsAdvisor
  • Commercial contract draftingAdvisor

Have a project
in mind?
Let's talk.

Email benetonkerem@gmail.com
Phone · Switzerland +41 77 807 28 19
LinkedIn linkedin.com/in/kerembeneton
Based in Lausanne, Switzerland · Swiss Permit B