• Support the day-to-day operation of the compliance programme • Maintain compliance calendars, risk registers, and internal policy libraries • Monitor regulatory developments across relevant UK, EU, and international frameworks • Prepare compliance briefings and management updates • Coordinate compliance training and awareness activities • Support audit preparation and certification activities, including ISO 27001 and SOC 2 • Support GDPR compliance activities across the business • Maintain privacy records, registers, and supporting documentation • Coordinate Data Protection Impact Assessments (DPIAs) • Manage Data Subject Rights Requests and associated processes • Support processor due diligence and vendor privacy reviews • Maintain privacy notices, policies, and supporting documentation • Assist with international data transfer assessments and documentation • Support the management of standard commercial agreements, including NDAs, DPAs, supplier agreements, and advisory contracts • Maintain contract registers and renewal tracking • Manage template libraries and version control • Assist with legal due diligence activities relating to partnerships, procurement, and fundraising initiatives • Coordinate document execution and filing processes • Draft, maintain, and update internal policies and governance documentation • Coordinate policy reviews and staff acknowledgements • Support management reporting on compliance and risk matters • Act as a first point of contact for internal compliance-related queries • Escalate legal matters appropriately to the General Counsel

• Own the preparation, quality control, and timely submission of all outbound sanctions regulatory reports, including OFAC reports • Maintain a filing calendar and proactively escalate risks of late or incomplete submissions to sanctions leadership • Identify and drive automation opportunities across the sanctions reporting workflow • Work with AI and engineering teams to scope and test connectors between sanctions tooling and downstream reporting systems • Partner with Regional Compliance Officers across non-US jurisdictions to solicit and incorporate local regulatory feedback • Serve as a trained backup for sanctions investigations and account closure decisions • Document current-state processes and propose improvements that reduce manual effort without compromising regulatory accuracy or accountability

• ISO Compliance Specialist oversees regulatory compliance for all U.S. independent system operators and regional transmission organizations, focusing primarily on ERCOT • Tracks and reports rule changes in all U.S. ISO/RTO markets with a focus on ERCOT; evaluate business effects of PRRs and stakeholder developments • Develops and maintains internal compliance policies, procedures, and controls tailored to each ISO/RTO in which the company participates • Conducts regular internal audits and gap analyses across trading, scheduling, settlements, and operations functions for multi-market compliance exposure • Manages all required filings, notifications, and reports to ERCOT, PUCT, FERC, and other applicable regulatory bodies on time and with accuracy • Serves as primary liaison for ERCOT Market Surveillance, PUCT enforcement inquiries, and NERC/Regional Entity audit activities • Coordinates cross-market compliance calendars and risk registers, ensuring obligations across all ISO/RTO footprints are tracked and met • Designs and delivers compliance training programs for operational, trading, and scheduling staff across all relevant markets • Collaborates with legal, finance, and operations teams to embed compliance requirements into new market strategies, products, and systems • Participates in ISO/RTO stakeholder meetings and working groups, particularly within ERCOT, representing the company’s interests in rulemaking processes • Prepares executive-level compliance reporting and escalates material risks to leadership in a clear, timely manner.

• Acts as the SafelyYou expert and trusted advisor regarding state, federal, and international regulatory requirements, assessing their applicability to SY software and services for the various markets we serve (AL, MC, SNF, Home) and/or locations in which we install our solutions. • Identifies and develops relationships between SY and regulatory administrators, meeting annually and updating regulatory requirements as necessary. • Conducts quality assurance activities to confirm SY's requirements definition is accurate. • Prepares policies, procedures, and training materials to support internal (company) and external customer needs related to regulatory requirements. • Leads submissions, communications, and meetings with regulatory authorities to support and ensure compliant customer installations. • Supports the operations, clinical, and sales team with customer interactions when they require support related to regulatory affairs. • Assesses new SY software and services offerings for regulatory compliance and risk. • Other duties as assigned.