Pro Positioning Plan
Innovatech Harbour
Royal Alliance AI
Independent research & analysis, published with care and purpose with the belief that better ideas can help shape stronger systems.
Shaping Policy Through Expert Engagement
A record of research-based and advisory contributions to policy, regulation, and digital governance across sectors and jurisdictions.
At the intersection of regulatory design, operational resilience, and institutional oversight, I contribute to public consultations and provide independent analysis to authorities in the UK, the European Union, the United States, and other international bodies. These engagements reflect a systems-oriented approach to strengthening regulatory frameworks amid digital transformation and systemic risk.
Each contribution applies field-informed research and governance evaluation to real regulatory challenges, with a focus on proportionality, cross-border coherence, accountability, and resilience under operational stress.
My work specialises in the governance of AI, cybersecurity, and digital infrastructure, with particular emphasis on regulatory resilience, institutional trust, and oversight design across global jurisdictions.
○ In addition to research and consultation responses, I undertake independent governance and resilience reviews of digital, AI, and cyber oversight structures. This includes regulatory analysis, framework design, and audit-informed evaluation of institutional accountability and supervisory preparedness.
I work with institutions to evaluate and strengthen governance and oversight structures in AI, cybersecurity, and digital risk. My role is independent and advisory, focused on accountability design, regulatory alignment, and resilience under supervisory scrutiny. The work centres on assessing whether governance architectures are coherent, defensible, and operationally robust, rather than implementing technical systems or conducting statutory audits.
Peer Reviewer
Available for peer review and editorial collaboration in journals focused on AI governance, institutional resilience, public-sector innovation, and cybersecurity regulation.
Recent reviewer for:
-
Transforming Government: People, Process and Policy (Emerald Publishing)
-
Artificial Intelligence in Education (Emerald Publishing)
Connect
Andra
Core Areas of Expertise
-
AI Governance and Regulation
-
Cybersecurity Policy and Operational Resilience
-
Cyberlaw and Digital Regulation
Legal frameworks governing cyberspace, AI systems, data infrastructure, and institutional digital rights, including compliance, enforcement, and international alignment.
-
Systemic Risk in Digital Infrastructure
-
Cyberspace Governance and Strategic Regulation
-
Public-Sector Technology Oversight
-
Algorithmic Accountability and Trustworthy AI
-
Institutional Legitimacy and Governance Design
Emerging Areas of Focus
-
AI Risk Classification and Policy Frameworks
-
AI Impact Assessment and Compliance Audits
-
AI Transparency and Explainability in Regulation
-
AI and Democratic Resilience
-
Cross-Border Governance of AI and Data Infrastructures
-
AI Oversight in Public Procurement and Infrastructure
-
Long-Term Governance of Frontier Models
-
AI Ethics in Crisis Management and National Security
Research & Evaluation Themes
-
Research Evaluation and Innovation Policy
-
Regulatory Governance of Emerging Technologies
-
Comparative Policy Analysis (EU, UK, US)
-
Adaptive Governance and Risk Foresight
-
Ethics and Oversight in Technology Policy
Applied and Cross-Sector Topics
-
AI in Financial and Public Systems
-
Deepfake and Misinformation Governance
-
Digital Sovereignty and Strategic Autonomy
-
Policy Design for Responsible AI Deployment
-
Crisis Resilience and Regulatory Alignment
-
Public Trust and Democratic Oversight in AI
Forthcoming Academic Work
Books:
• Alcalá, A. T. (Forthcoming, 2026). The Resilient Algorithm.
• Alcalá. A. T /Forthcoming, 2026). AI Governance & Audit, Routledge/CRC Press
Peer-Reviewed Journal Articles:
• Cojocaru, A. (Forthcoming, 2026). Adaptive and Ethical AI Governance in Data Sharing and Financial Systems.
• Cojocaru, A. (Forthcoming, 2026). Regulatory Resilience in the Age of Deepfakes: Governing AI-Driven Misinformation
Recent Publications:
-
Cojocaru, A. (2025). Aligning regulation and governance for cyber resilience:
A theoretical framework for the UK financial sector. Computers & Security. https://doi.org/10.1016/j.cose.2025.104627
-
Cojocaru, A. (2025).
Transforming Government: People, Process and Policy (Emerald Publishing).Governing AI with Trust: An Adaptive Framework for Institutional Legitimacy in the UK Public Sector.
Impact Factor 5.4 Cite Score 13.3
Cojocaru, A. (2025)
Aligning regulation and governance for cyber resilience:
A theoretical framework for the UK financial sector. Computers & Security. https://doi.org/10.1016/j.cose.2025.104627
Special issue
Security and Regulation: Cybersecurity, Privacy, and Trust- Protecting information and ensuring responsible technology use
Impact Factor 2.6 Cite Score 5.4
Cojocaru, A. (2025)
Governing AI with Trust: An Adaptive Framework for Institutional Legitimacy in the UK Public Sector https://doi.org/10.1108/TG-05-2025-0125
Special issue
Generative AI and the Urban AI Policy Challenges Ahead: Trustworthy AI for Whom?
Response to the PRA CP12/25 – Pillar 2A Capital Review (Phase 1)
Submitted to: Prudential Regulation Authority (Bank of England)
Focus: Proposed revisions to Pillar 2A capital methodologies, aimed at enhancing proportionality, transparency, and alignment with actual risk exposures.
My contribution: Emphasised the need for consistent supervisory interpretation, integration of third-party and systemic technology risks in future phases, and alignment with the Basel 3.1 implementation roadmap.
Response to HM Treasury – Alternative Investment Fund Managers Regulations Consultation
Submitted to: HM Treasury
Focus: Reform of the UK’s AIFM regulatory framework to streamline oversight, reduce duplication, and tailor post-Brexit fund regulation to domestic market needs.
My contribution: Provided feedback on proportionality in regulatory design, resilience considerations for venture capital and property funds, and the importance of risk-based agility in supervisory approaches.
NIST IR 7621r2 – Small Business Information Security Response
Formal submission to the U.S. National Institute of Standards and Technology (NIST) on the Initial Public Draft of IR 7621 Revision 2: Small Business Information Security.
This document contains structured feedback focused on improving regulatory clarity, proportionality, vendor risk governance, feedback mechanisms, and international relevance within cybersecurity guidance for small businesses.
Download the full submission (Excel)
Summary of the submission (PDF)
Response to the FCA CP25/13 – Improving Complaints Reporting
Submitted to: Financial Conduct Authority
Focus: Proposal to simplify and strengthen the complaints data collection framework to support more effective supervision and firm accountability.
My contribution: Recommended aligning the reforms with operational resilience principles, enhancing complaints data for system-wide monitoring, and encouraging inter-agency coordination to identify technology-related risks and emerging consumer vulnerabilities.
Submitted via EU Have Your Say:
Initiative 14578
EU Cybersecurity Act - Policy Brief June 2025
Submitted to the European Commission’s consultation on the revision of the EU Cybersecurity Act, this policy brief offers strategic proposals to strengthen regulatory alignment, improve certification uptake, and reinforce systemic cyber resilience.
It calls for an expanded role for ENISA, better integration with NIS2, DORA, and GDPR, and practical tools like interoperability layers and SME-friendly pathways.
Read the brief: 🔗 Zenodo – DOI: https://doi.org/10.5281/zenodo.15599510
