CARICOM CCSCAP 2025

CARICOM Cyber Security and Cybercrime Action Plan 2025 (CCSCAP)

CARICOM's 2025 regional cyber security framework establishing digital safety culture and coordinated incident response across 18 member states.

Jurisdiction

CARICOM Member States

Enacted

Oct 1, 2025

Effective

Oct 1, 2025

Enforcement

National authorities coordinated regionally

Regional cybersecurity framework effective October 2025

CARICOM Secretariat

Why It Matters

CCSCAP 2025 creates coordinated regional cybersecurity expectations for AI chatbot platforms operating across multiple Caribbean markets.

Recent Developments

Adopted October 2025 as successor to previous cybersecurity initiatives

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Requires

Incident Reporting

Who Must Comply

CARICOM member states (18 countries)
Regional critical infrastructure
Cross-border digital services

Obligations fall on:

Operator — Operates the platform or service

Safety Provisions

Regional digital safety culture promotion
Coordinated cyber incident response
Capacity building for cyber resilience
Cross-border cooperation mechanisms

Compliance & Enforcement

Penalties

Penalties vary by jurisdiction

Primary Source

CARICOM Secretariat

https://www.caricom.org/

View on map

CARICOM Member States

Focus Areas

General regulation

Cite This

APA

CARICOM Member States. (2025). CARICOM Cyber Security and Cybercrime Action Plan 2025 (CCSCAP).

Related Regulations

In Effect CARICOM

CARICOM HIPCAR

CARICOM regional model policy guidelines for harmonizing cybercrime and data protection laws across Caribbean states. Influenced 13 of 15 member states' legislation.

In Effect CL

First cybersecurity framework law in Latin America (Law 21,663 promulgated Mar 26, 2024; published Apr 8, 2024). Creates National Cybersecurity Agency (ANCI), mandatory incident reporting, and encryption rights.

In Effect PR

Puerto Rico Cybersecurity Act

Puerto Rico's comprehensive cybersecurity law establishing cybersecurity framework for public and private sectors, complementing Act 111-2005 breach notification.

In Effect AR

Argentina AI Strategy

Non-binding AI governance guidelines establishing principles for responsible AI use. Argentina positioning as AI innovation hub with limited regulatory barriers. Emphasizes transparency, accountability, and human oversight. Multiple legislative proposals pending inspired by EU AI Act, aiming to establish formal regulatory authority.

Failed CA

AIDA

Would have regulated high-impact AI systems with potential penalties up to $25M or 5% global revenue. Part of Bill C-27 which died when Parliament ended.

In Effect PE

Peru AI Regulations

Peru's first comprehensive AI regulatory framework, inspired by EU AI Act. Establishes three-tier risk-based approach: prohibited uses, high-risk systems (including healthcare), and low-risk/acceptable AI. First general AI regulation in Latin America. Requires human oversight, transparency, and risk assessments for high-risk AI including healthcare applications.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.