Today I listened to a podcast where Kevin Cunningham and Darran Rolls from Sailpoint Software talk in an interview with Jackie Gilbert about their impressions they brought back home from EIC 2008. Besides describing EIC as an event not to miss next year (thanks!), they compare the US and European identity management markets and agree that there are more similarities than differences when it comes to GRC. Yes, compliance requirements are increasing everywhere in the world and SOX is not the only framework responsible for this increase.
I think it was Kevin who mentionned one important difference: Privacy and data protection for employees seem to be stronger regulated here in Europe than it is in the US. This may be true, although they don't really play a role in reality, as recent espionage cases like the one within Deutsche Telekom impressively show.