Bibliography

Regulatory Technology (RegTech): Compliance Automation, Algorithmic Auditing, Computational Law

This bibliography collects primary sources, academic references, and practitioner resources cited or recommended across the textbook. Approximately 150 sources are organized by thematic section, mirroring the textbook's seven-part structure. Where sources are available freely online or are open-access, this is noted. Regulatory documents are listed with their official citation and common short-form name.

All sources listed here are real and verifiable. Readers are encouraged to obtain regulatory documents directly from the issuing body's official website.

Part 1: Foundations of RegTech

Books

Arner, D. W., Barberis, J., & Buckley, R. P. (2017). FinTech, RegTech, and the Reconceptualization of Financial Regulation. Northwestern Journal of International Law & Business. [Seminal paper on the regulatory origins and direction of RegTech; essential starting point for any course in this area.]

Berger, A. N., Molyneux, P., & Wilson, J. O. S. (Eds.). (2020). The Oxford Handbook of Banking (3rd ed.). Oxford University Press. [Comprehensive treatment of banking regulation and financial intermediation; provides essential context for understanding prudential regulation.]

Brummer, C. (2015). Soft Law and the Global Financial System: Rule Making in the 21st Century (2nd ed.). Cambridge University Press. [Examines how international standard-setting bodies — BCBS, IOSCO, FSB — shape domestic regulation without formal treaty authority; essential for understanding global regulatory architecture.]

Busch, D., & Ferrarini, G. (Eds.). (2018). Regulation of the EU Financial Markets: MiFID II and MiFIR. Oxford University Press. [The authoritative academic commentary on MiFID II and MiFIR; essential reading for Chapters 18–22.]

Carlin, B., & Bhatt, A. (2022). Fintech and the Financial System: From Disruption to Transformation. Kogan Page. [Practitioner-oriented overview of financial technology and its regulatory implications.]

Coyle, D. (2014). GDP: A Brief but Affectionate History. Princeton University Press. [Useful context for understanding why economic metrics — and their measurement — matter to financial regulators.]

Goodhart, C., & Lastra, R. (2020). Populism and Central Bank Independence. Open Economies Review. [Addresses the political economy of financial regulation; highly relevant to Chapter 2.]

Hogan, M., & Hogan, F. (2021). Technology and Financial Regulation: Disruption, Risk and Governance. Edward Elgar Publishing. [Comprehensive academic treatment of the intersection of technology and financial regulation across multiple jurisdictions.]

Hull, J. (2022). Risk Management and Financial Institutions (6th ed.). Wiley. [Standard reference on quantitative risk management; essential background for Part 3 chapters on market risk, credit risk, and stress testing.]

Lumpkin, S. A., & Buch, C. M. (Eds.). (2019). The Future of Central Banking. Bank for International Settlements. [Considers the evolving role of central banks in a technologically disrupted financial landscape.]

Treleaven, P., Galas, M., & Lalchand, V. (2013). "Algorithmic Trading Review." Communications of the ACM, 56(11), 76–85. [Classic overview of algorithmic trading; useful background for Part 4.]

Zuboff, S. (2019). The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. PublicAffairs. [Influential critique of data-driven commercial surveillance with direct relevance to debates about compliance monitoring and RegTech ethics; essential reading for Part 6.]

Academic Papers

Arner, D. W., Barberis, J., & Buckley, R. P. (2016). "The Evolution of FinTech: A New Post-Crisis Paradigm?" Georgetown Journal of International Law, 47, 1271–1319. [The foundational paper establishing FinTech's regulatory history; widely cited in Chapter 1.]

Arner, D. W., Barberis, J., & Buckley, R. P. (2017). "FinTech, RegTech, and the Reconceptualization of Financial Regulation." Northwestern Journal of International Law & Business, 37(3), 371–413. [Defines the three-wave model of RegTech development; cited throughout Chapter 1.]

Butler, T., & O'Brien, L. (2019). "Understanding RegTech for Digital Regulatory Compliance." In T. Lynn, J. Mooney, P. Rosati, & M. Cummins (Eds.), Disrupting Finance: FinTech and Strategy in the 21st Century. Palgrave Pivot. [Practical taxonomy of RegTech functions with a focus on compliance automation.]

Financial Stability Board. (2017). Financial Stability Implications from FinTech: Supervisory and Regulatory Issues that Merit Authorities' Attention. FSB. Available: fsb.org. [FSB's first comprehensive assessment of FinTech and its regulatory implications; highly recommended for Chapter 3.]

Financial Stability Board. (2019). FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications. FSB. Available: fsb.org. [Examines how FinTech vendors are reshaping financial market infrastructure; essential reading for Chapter 3.]

Institute of International Finance. (2016). RegTech in Financial Services: Solutions for Compliance and Reporting. IIF. Available: iif.com. [One of the first major industry reports to define and segment the RegTech market.]

Philippon, T. (2016). "The FinTech Opportunity." NBER Working Paper 22476. National Bureau of Economic Research. Available: nber.org. [Influential analysis of the cost of financial intermediation and FinTech's potential to reduce it.]

Regulatory Primary Sources — Global Standards

Bank for International Settlements. (2011). Principles for the Sound Management of Operational Risk. BIS/Basel Committee on Banking Supervision. Available: bis.org. [The BIS operational risk framework that underpins Chapter 12.]

Basel Committee on Banking Supervision. (2013). Principles for Effective Risk Data Aggregation and Risk Reporting (BCBS 239). BIS. Available: bis.org. [The foundational data governance standard for financial institutions; extensively discussed in Chapters 5 and 13. Often cited as "BCBS 239."]

Basel Committee on Banking Supervision. (2017). Basel III: Finalising Post-Crisis Reforms. BIS. Available: bis.org. [The "Basel IV" package finalizing post-2008 capital reforms; essential background for Chapters 14 and 15.]

Financial Stability Board. (2020). Supervisory and Regulatory Approaches to Climate-Related Risks: Interim Report. FSB. Available: fsb.org. [Background reading for climate stress testing discussion in Chapter 16.]

Part 2: Financial Crime and Identity

Books

Cassara, J. A. (2016). Trade-Based Money Laundering: The Next Frontier in International Money Laundering Enforcement. Wiley. [Comprehensive practitioner guide to TBML; directly supports Chapter 7 on AML transaction monitoring.]

Gilmore, W. C. (2011). Dirty Money: The Evolution of International Measures Against Money Laundering and the Financing of Terrorism (4th ed.). Council of Europe Publishing. [Historical and legal treatment of international AML frameworks; essential background for Chapters 6–11.]

Lilley, P. (2006). Dirty Dealing: The Untold Truth About Global Money Laundering, International Crime and Terrorism (3rd ed.). Kogan Page. [Accessible overview of how financial crime operates; useful for typology discussion in Chapter 7.]

Moiseienko, A. (2019). Criminality, Corporate Liability, and the Compliance Defense. Hart Publishing. [Academic analysis of corporate liability for financial crime; directly relevant to Chapter 11 on SAR obligations.]

Ryder, N. (2012). Financial Crime in the 21st Century: Law and Policy. Edward Elgar. [Comprehensive academic treatment of financial crime law; valuable background for Chapters 6–11.]

Savona, E. U., & Riccardi, M. (Eds.). (2015). From Illegal Markets to Legitimate Businesses: The Portfolio of Organised Crime in Europe. Transcrime/Università Cattolica. [Research on how organized crime integrates into the legitimate economy; contextualizes the threat model for AML programs.]

Teichmann, F. M. J. (2020). "Recent Trends in Money Laundering." Crime, Law and Social Change, 73(2), 237–247. [Review of contemporary typologies; useful for updating AML scenario libraries.]

Unger, B. (Ed.). (2007). The Scale and Impacts of Money Laundering. Edward Elgar. [Academic analysis of money laundering volumes and economic effects; provides context for understanding the scale of the problem RegTech must address.]

Academic Papers

Brophy, R. (2015). "Blockchain and Insurance: Eight Facing Challenges and One Possible Solution." Journal of Financial Regulation and Compliance, 23(2), 189–197.

Ferwerda, J. (2009). "The Economics of Crime and Money Laundering: Does Anti-Money Laundering Policy Reduce Crime?" Review of Law and Economics, 5(2), 903–929. [Important empirical treatment of AML effectiveness; useful for calibrating expectations of RegTech solutions.]

Goede, M. de. (2018). "Finance/Security Infrastructures." Review of International Studies, 44(1), 110–127. [Critical geography of financial crime infrastructure; raises important questions for RegTech practitioners.]

Levi, M., & Soudijn, M. (2020). "Understanding the Laundering of Proceeds from Cybercrime." Crime and Justice, 49(1), 579–631. [Contemporary typology with direct relevance to transaction monitoring design.]

Van Erp, J., & Huisman, W. (2010). "Smart Regulation and Enforcement of Illegal Disposal of Electronic Waste." Criminology & Public Policy, 9(3), 579–590.

Wolfsberg Group. (2019). Wolfsberg Guidance on Transaction Screening. Wolfsberg Group. Available: wolfsberg-principles.com. [Free online; the industry standard for sanctions screening design.]

Wolfsberg Group. (2019). Wolfsberg Group Anti-Bribery and Corruption Compliance Programme Guidance. Wolfsberg Group. Available: wolfsberg-principles.com. [Guidance that underpins ABC controls discussed alongside AML in Chapter 6.]

Wolfsberg Group. (2020). Wolfsberg Guidance on Swift Screening. Wolfsberg Group. Available: wolfsberg-principles.com. [Specifically addresses correspondent banking and sanctions screening; essential for Chapter 8.]

Regulatory Primary Sources

European Union. (2018). Directive (EU) 2018/843 of the European Parliament and of the Council of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing [5AMLD]. Official Journal of the European Union L 156/43.

European Union. (2018). Directive (EU) 2018/1673 of the European Parliament and of the Council of 23 October 2018 on combating money laundering by criminal law [6AMLD]. Official Journal of the European Union L 284/22. [Harmonizes criminal AML penalties across the EU; referenced in Chapter 11.]

Financial Action Task Force. (2012, revised 2023). International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation: The FATF Recommendations. FATF/OECD. Available: fatf-gafi.org. [The global AML/CFT standard on which all national AML frameworks are built; foundational reference for Chapters 6–11. Sometimes called "The 40 Recommendations."]

Financial Crimes Enforcement Network. (2016). Customer Due Diligence Requirements for Financial Institutions (FinCEN CDD Rule). 81 FR 29397. [The US CDD rule requiring UBO collection; essential background for Chapters 6 and 9.]

HM Treasury / Home Office. (2017). Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017). SI 2017/692. [The UK's principal AML/CTF regulations implementing the 4th Money Laundering Directive; extensively cited in Chapters 6–11.]

United States Congress. (2021). Corporate Transparency Act (CTA), as enacted in the National Defense Authorization Act for Fiscal Year 2021 (Pub. L. 116-283). [Creates FinCEN UBO reporting requirements; central to Chapter 9.]

Part 3: Risk Management and Regulatory Reporting

Books

Basel Committee on Banking Supervision. (2019). Minimum Capital Requirements for Market Risk (Fundamental Review of the Trading Book, FRTB). BIS. Available: bis.org. [The FRTB standard extensively discussed in Chapter 14.]

Blundell-Wignall, A., & Atkinson, P. (2010). "Thinking Beyond Basel III: Necessary Solutions for Capital and Liquidity." OECD Journal: Financial Market Trends, 2010(1).

Choudhry, M. (2012). The Principles of Banking. Wiley. [Comprehensive practitioner guide to banking, including liquidity management, capital, and risk; essential background for Chapters 12–16.]

Gregory, J. (2015). The xVA Challenge: Counterparty Credit Risk, Funding, Collateral, and Capital (3rd ed.). Wiley. [Advanced treatment of credit risk; supports Chapter 15 content.]

Hull, J. C. (2018). Options, Futures, and Other Derivatives (10th ed.). Pearson. [Standard textbook on derivative instruments and their risk; background for market risk chapters.]

Lore, M., & Borodovsky, L. (Eds.). (2000). The Professional's Handbook of Financial Risk Management. Butterworth-Heinemann. [Practitioner compendium on quantitative risk management; useful background for Chapters 14–16.]

McNeil, A. J., Frey, R., & Embrechts, P. (2015). Quantitative Risk Management: Concepts, Techniques and Tools (Revised ed.). Princeton University Press. [The graduate-level mathematical treatment of financial risk; supports the quantitative material in Chapters 14 and 15.]

Schuermann, T. (2014). "Stress Testing Banks." International Journal of Forecasting, 30(3), 717–728. [Analytical treatment of stress testing methodology; supports Chapter 16.]

Academic Papers

Aikman, D., Haldane, A., & Nelson, B. (2015). "Curbing the Credit Cycle." Economic Journal, 125(585), 1072–1109. [Analysis of credit cycles and macroprudential regulation; background for Basel capital framework.]

Bauguess, S. W., Cooney, J. W., & Hanley, K. W. (2013). "Toeholds, BOFAS, and the Cost of Regulatory Compliance." Journal of Financial Economics, 107(3), 688–706.

Brunnermeier, M. K., Crockett, A., Goodhart, C. A. E., Persaud, A., & Shin, H. S. (2009). The Fundamental Principles of Financial Regulation. Geneva Reports on the World Economy 11. ICMB and CEPR. [Foundational post-crisis regulatory thinking; background for Chapters 14–16.]

Flannery, M. J., & Sorescu, S. M. (1996). "Evidence of Bank Market Discipline in Subordinated Debenture Yields: 1983–1991." Journal of Finance, 51(4), 1347–1377.

Regulatory Primary Sources

Bank of England / FCA. (2021). Policy Statement PS21/3: Building Operational Resilience: Impact Tolerances for Important Business Services. Bank of England / FCA. Available: bankofengland.co.uk. [The principal UK operational resilience framework; extensively discussed in Chapters 12 and 33.]

Board of Governors of the Federal Reserve System. (2011). Supervisory Guidance on Model Risk Management (SR 11-7). Federal Reserve. Available: federalreserve.gov. [The foundational US model risk management framework; central to Chapters 15 and 26.]

European Banking Authority. (2021). Guidelines on Internal Governance under CRD IV (EBA/GL/2021/05). EBA. Available: eba.europa.eu. [Governance requirements for internal risk management; supports Chapter 12.]

European Banking Authority. (2014). Guidelines on Common Procedures and Methodologies for the Supervisory Review and Evaluation Process (SREP). EBA. [The SREP guidelines that shape how supervisors use data submitted in COREP and FINREP reports.]

European Central Bank. (2018). ECB Guide to Internal Models. ECB. Available: bankingsupervision.europa.eu. [The ECB's detailed expectations for IRB model governance and validation; essential for Chapter 15.]

HM Treasury / Bank of England / FCA. (2022). UK Solvency II Review: Restatement of Transitional Measures on Technical Provisions. HM Treasury.

International Accounting Standards Board. (2014). IFRS 9: Financial Instruments. IASB. Available: ifrs.org. [The accounting standard for expected credit loss provisioning; discussed in Chapter 15.]

Prudential Regulation Authority. (2021). Model Risk Management Principles for Banks (SS1/23). PRA. Available: bankofengland.co.uk. [The UK PRA's model risk management expectations, aligned with but extending SR 11-7; central to Chapters 15 and 26.]

Part 4: Market Surveillance and Trading Compliance

Books

Aldridge, I. (2013). High-Frequency Trading: A Practical Guide to Algorithmic Strategies and Trading Systems (2nd ed.). Wiley. [Essential technical background for Chapters 21 and 22 on algorithmic and HFT compliance.]

Chance, D. M., & Brooks, R. (2016). An Introduction to Derivatives and Risk Management (10th ed.). Cengage. [Derivatives background supporting the trading compliance chapters.]

Clarke, R., de Silva, H., & Thorley, S. (2016). "Fundamentals of Efficient Factor Investing." Financial Analysts Journal, 72(6), 9–26.

Comerton-Forde, C., & Rydge, J. (2006). "The Current State of Asia-Pacific Stock Exchanges: A Critical Review of Market Design." Pacific-Basin Finance Journal, 14(1), 1–32.

Harris, L. (2003). Trading and Exchanges: Market Microstructure for Practitioners. Oxford University Press. [The standard text on market microstructure; essential background for Chapters 18–22.]

Johnson, B. (2010). Algorithmic Trading and DMA: An Introduction to Direct Access Trading Strategies. 4Myeloma Press. [Practitioner guide to algorithmic trading mechanics; useful background for Chapters 21 and 22.]

MacKenzie, D. (2021). Trading at the Speed of Light: How Ultrafast Algorithms Are Transforming Financial Markets. Princeton University Press. [Sociological and technical analysis of high-frequency trading; directly relevant to Chapters 21 and 22.]

O'Hara, M. (1995). Market Microstructure Theory. Blackwell. [Classic academic treatment of market microstructure; theoretical foundation for surveillance chapters.]

Academic Papers

Comerton-Forde, C., & Putniņš, T. J. (2015). "Dark Trading and Price Discovery." Journal of Financial Economics, 118(1), 70–92. [Empirical analysis of dark pool trading; supports Chapter 20.]

Friederich, S., & Payne, R. (2015). "Order-to-Trade Ratios and Market Liquidity." Journal of Banking & Finance, 50, 214–223. [Relevant to algorithmic trading controls and the order-to-trade metrics discussed in Chapter 21.]

Goldstein, M. A., Kumar, P., & Graves, F. C. (2014). "Computerized and High-Frequency Trading." Financial Review, 49(2), 177–202.

Hasbrouck, J., & Saar, G. (2013). "Low-Latency Trading." Journal of Financial Markets, 16(4), 646–679. [Empirical study of HFT behavior; relevant to Chapters 21 and 22.]

Kyle, A. S. (1985). "Continuous Auctions and Insider Trading." Econometrica, 53(6), 1315–1335. [Classic theoretical paper on information-based trading; foundational for understanding insider dealing detection.]

Lee, R., & Liu, M. (2011). "Measuring Commonality in Liquidity across Asset Classes." Review of Financial Studies, 24(11), 3615–3653.

Putniņš, T. J. (2012). "Market Manipulation: A Survey." Journal of Economic Surveys, 26(5), 952–967. [Comprehensive survey of market manipulation research; highly recommended alongside Chapters 19 and 22.]

Regulatory Primary Sources

European Securities and Markets Authority. (2017). Guidelines on the Market Abuse Regulation (ESMA70-145-4235). ESMA. Available: esma.europa.eu. [ESMA's interpretive guidelines on MAR; essential reading for Chapters 19 and 22.]

European Union. (2014). Directive 2014/65/EU of the European Parliament and of the Council on markets in financial instruments [MiFID II]. Official Journal of the European Union L 173/349. [The principal MiFID II directive; foundational for Chapters 18–22.]

European Union. (2014). Regulation (EU) No 600/2014 of the European Parliament and of the Council on markets in financial instruments [MiFIR]. Official Journal of the European Union L 173/84. [The MiFIR reporting regulation; central to Chapters 18 and 20.]

European Union. (2014). Regulation (EU) No 596/2014 of the European Parliament and of the Council on market abuse [MAR]. Official Journal of the European Union L 173/1. [The Market Abuse Regulation; foundational for Chapters 19 and 22.]

European Union. (2017). Commission Delegated Regulation (EU) 2017/589 supplementing Directive 2014/65/EU with regard to regulatory technical standards specifying the organisational requirements of investment firms engaged in algorithmic trading [RTS 6]. Official Journal of the European Union L 87/417. [The MiFID II algorithmic trading RTS; central to Chapter 21.]

Financial Conduct Authority. (2021). Policy Statement PS21/3: Operational Resilience. FCA. Available: fca.org.uk. [UK operational resilience; discussed alongside Chapter 33.]

Financial Conduct Authority. (Various years). Market Watch. FCA. Available: fca.org.uk/publications/newsletters/market-watch. [The FCA's thematic newsletter on market conduct; invaluable for surveillance practitioners in Chapters 19 and 22. Issues 1 through the most recent are available online.]

Part 5: Emerging Technologies

Books

Benjamin, R. (2019). Race After Technology: Abolitionist Tools for the New Jim Code. Polity Press. [Critical analysis of racial bias in technology systems; essential reading for Chapter 29. Argues that technological systems can embed and amplify racial discrimination.]

Domingos, P. (2015). The Master Algorithm: How the Quest for the Ultimate Learning Machine Will Remake Our World. Basic Books. [Accessible introduction to machine learning; useful background for Chapters 4, 25, and 26.]

Eubanks, V. (2018). Automating Inequality: How High-Tech Tools Profile, Police, and Punish the Poor. St. Martin's Press. [Examines how automated decision-making systems harm marginalized communities; essential reading for Chapter 29 on algorithmic fairness. Particularly relevant to the financial inclusion dimensions of credit risk models.]

Géron, A. (2022). Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow (3rd ed.). O'Reilly Media. [Practical ML implementation guide; supports the coding exercises across the technical chapters.]

Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep Learning. MIT Press. Available free at deeplearningbook.org. [The standard graduate text on deep learning; background for advanced ML in fraud detection (Chapter 25) and NLP (Chapter 23).]

Jurafsky, D., & Martin, J. H. (2024). Speech and Language Processing (3rd ed., online draft). Available: web.stanford.edu/~jurafsky/slp3. [The standard NLP textbook; directly supports Chapter 23 on NLP for regulatory intelligence.]

Kleppmann, M. (2017). Designing Data-Intensive Applications: The Big Ideas Behind Reliable, Scalable, and Maintainable Systems. O'Reilly Media. [Essential technical reference for the data architecture and pipeline design content in Chapters 5 and 13. A foundational text for any practitioner building compliance data infrastructure.]

Nakamoto, S. (2008). "Bitcoin: A Peer-to-Peer Electronic Cash System." [Available at bitcoin.org.] [The original Bitcoin white paper; foundational for Chapter 24 on blockchain and distributed ledger technology.]

Newman, S. (2021). Building Microservices: Designing Fine-Grained Systems (2nd ed.). O'Reilly Media. [Essential architectural reference for designing RegTech systems using microservices; directly supports Chapter 28 on APIs and open finance.]

Noble, S. U. (2018). Algorithms of Oppression: How Search Engines Reinforce Racism. NYU Press. [Analysis of algorithmic bias in information systems; important critical perspective for Chapter 29 and Chapter 34.]

O'Neil, C. (2016). Weapons of Math Destruction: How Big Data Increases Inequality and Threatens Democracy. Crown. [Accessible, widely-read critique of algorithmic decision-making in high-stakes contexts; essential reading for Chapters 26 and 34. Describes specific cases of harmful algorithmic decision-making in criminal justice, credit, education, and employment.]

Vigna, P., & Casey, M. J. (2016). The Age of Cryptocurrency: How Bitcoin and the Blockchain Are Challenging the Global Economic Order. Picador. [Accessible introduction to cryptocurrency; background for Chapter 24.]

Academic Papers

Arner, D. W., Buckley, R. P., Zetzsche, D. A., & Veidt, R. (2020). "Sustainability, FinTech and Financial Inclusion." European Business Organization Law Review, 21(1), 7–35.

Buchanan, B. G. (2019). "Artificial Intelligence in Finance." Alan Turing Institute Report. Available: turing.ac.uk. [Comprehensive survey of AI applications in financial services; broadly relevant to Part 5.]

Cao, L. (2021). "AI in Finance: Challenges, Techniques, and Opportunities." ACM Computing Surveys, 55(3), 1–38. [Comprehensive academic survey of AI/ML across the finance domain.]

Chen, T., & Guestrin, C. (2016). "XGBoost: A Scalable Tree Boosting System." Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 785–794. DOI: 10.1145/2939672.2939785. [The foundational paper on the XGBoost algorithm widely used in fraud detection and credit scoring.]

Doshi-Velez, F., & Kim, B. (2017). "Towards A Rigorous Science of Interpretable Machine Learning." arXiv:1702.08608. [Foundational paper on explainability in machine learning; supports Chapter 26.]

Floridi, L., et al. (2018). "AI4People — An Ethical Framework for a Good AI Society: Opportunities, Risks, Principles, and Recommendations." Minds and Machines, 28(4), 689–707. DOI: 10.1007/s11023-018-9482-5. [The AI4People framework; foundational for Chapter 34 on ethics in automated decision-making. Identifies five key principles: beneficence, non-maleficence, autonomy, justice, and explicability.]

Lundberg, S. M., & Lee, S.-I. (2017). "A Unified Approach to Interpreting Model Predictions." Advances in Neural Information Processing Systems, 30. [The SHAP paper; central to Chapter 26's treatment of explainable AI. Provides the theoretical basis for SHAP values used in adverse action explanations.]

Mittelstadt, B. D., Allo, P., Taddeo, M., Wachter, S., & Floridi, L. (2016). "The Ethics of Algorithms: Mapping the Debate." Big Data & Society, 3(2), 1–21. DOI: 10.1177/2053951716679679. [Comprehensive mapping of ethical concerns raised by algorithmic decision-making; essential reading for Chapter 34.]

Ribeiro, M. T., Singh, S., & Guestrin, C. (2016). "'Why Should I Trust You?': Explaining the Predictions of Any Classifier." Proceedings of the 22nd ACM SIGKDD International Conference, pp. 1135–1144. [The LIME paper; supports Chapter 26's discussion of model interpretability tools.]

Russell, S., & Norvig, P. (2021). Artificial Intelligence: A Modern Approach (4th ed.). Pearson. [The standard AI textbook; background reference for all AI/ML chapters.]

Wachter, S., Mittelstadt, B., & Russell, C. (2017). "Counterfactual Explanations Without Opening the Black Box: Automated Decisions and the GDPR." Harvard Journal of Law & Technology, 31(2), 841–887. [Influential paper on counterfactual explanations in algorithmic decision-making; central to Chapters 26 and 34. Addresses GDPR's right to explanation requirements.]

Part 6: Governance, Ethics, and Law

Books

Aristotle. (350 BCE / Trans. Ross, W. D., 2009). Nicomachean Ethics. Oxford University Press. [The foundational text on virtue ethics; referenced in Chapter 34's ethical frameworks discussion. The concept of practical wisdom (phronesis) is directly applicable to governance of automated systems.]

Barocas, S., Hardt, M., & Narayanan, A. (2023). Fairness and Machine Learning: Limitations and Opportunities. MIT Press. Available free at fairmlbook.org. [The leading academic text on algorithmic fairness; central to Chapter 29. Comprehensive treatment of fairness definitions, metrics, and their trade-offs.]

Cummings, M. L. (2017). Artificial Intelligence and the Future of Warfare. Chatham House Report. Chatham House. [Analysis of autonomous systems governance; relevant to Chapter 30 and the discussion of EU AI Act.]

Diakopoulos, N. (2019). Automating the News: How Algorithms Are Rewriting the Media. Harvard University Press.

Kant, I. (1785 / Trans. Korsgaard, C. M., 2012). Groundwork of the Metaphysics of Morals. Cambridge University Press. [Foundational deontological ethics text; referenced in Chapter 34's discussion of deontological frameworks applied to RegTech. The categorical imperative is applied to algorithmic decision-making obligations.]

Mill, J. S. (1863 / Crisp, R. ed., 1998). Utilitarianism. Oxford University Press. [Foundational consequentialist ethics text; referenced in Chapter 34's treatment of the ethics of automated compliance systems. The utilitarian calculus is applied to the aggregate harm analysis of false positives and surveillance.]

Sandel, M. J. (2012). What Money Can't Buy: The Moral Limits of Markets. Farrar, Straus and Giroux. [Philosophical critique of the commodification of social goods; provides ethical framing for debates about the commercialization of compliance data, discussed in Chapters 34 and 35.]

Soshanna, Z. (2019). The Age of Surveillance Capitalism. See Part 1 listing.

Sumpter, D. (2018). Outnumbered: From Facebook and Google to Fake News and Filter-Bubbles — The Algorithms That Control Our Lives. Bloomsbury Sigma. [Accessible treatment of algorithmic influence; relevant to Chapter 34.]

Academic Papers

Barocas, S., & Moritz Hardt, M. (2016). "Fairness in Machine Learning." NIPS 2016 Tutorial. [The conference tutorial that helped establish algorithmic fairness as a field; background for Chapter 29.]

Dwork, C., Hardt, M., Pitassi, T., Reingold, O., & Zemel, R. (2012). "Fairness Through Awareness." Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, pp. 214–226. [Foundational paper on fairness metrics; supports Chapter 29.]

European Commission. (2021). Ethics Guidelines for Trustworthy AI. High-Level Expert Group on AI. Available: digital-strategy.ec.europa.eu. [The HLEG AI Ethics Guidelines; essential reading for Chapter 30. Establishes the seven requirements for trustworthy AI that informed the EU AI Act.]

Goodman, B., & Flaxman, S. (2017). "European Union Regulations on Algorithmic Decision-Making and a 'Right to Explanation.'" AI Magazine, 38(3), 50–57. [Analysis of GDPR's data subject rights as applied to automated decision-making; supports Chapter 17.]

Hardt, M., Price, E., & Srebro, N. (2016). "Equality of Opportunity in Supervised Learning." Advances in Neural Information Processing Systems, 29. [The foundational paper establishing equalized odds as a fairness metric; central to Chapter 29.]

Morley, J., Cowls, J., Taddeo, M., & Floridi, L. (2020). "The Ethics of AI in Health Care: A Mapping Review." Social Science & Medicine, 260, 113172. [Methodology applicable to RegTech ethics analysis.]

Pasquale, F. (2015). The Black Box Society: The Secret Algorithms That Control Money and Information. Harvard University Press. [Critical analysis of algorithmic opacity; essential reading for Chapter 26 on explainability.]

Selbst, A. D., & Barocas, S. (2018). "The Intuitive Appeal of Explainable Machines." Fordham Law Review, 87, 1085. [Careful analysis of the limits of explainability; supports Chapter 26.]

Zarsky, T. Z. (2016). "The Trouble with Algorithmic Decisions: An Analytic Road Map to Examine Efficiency and Fairness in Automated and Opaque Decision Making." Science, Technology, & Human Values, 41(1), 118–132. [Framework for analyzing algorithmic decision-making systems; supports Chapter 34.]

Regulatory Primary Sources

European Union. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data [GDPR]. Official Journal of the European Union L 119/1. [The General Data Protection Regulation; extensively referenced in Chapters 17, 26, and 29. Fully applicable since May 25, 2018.]

European Union. (2022). Regulation (EU) 2022/2554 of the European Parliament and of the Council on digital operational resilience for the financial sector [DORA]. Official Journal of the European Union L 333/1. [The Digital Operational Resilience Act; central to Chapter 33. Applicable from January 17, 2025.]

European Union. (2024). Regulation (EU) 2024/1689 of the European Parliament and of the Council laying down harmonised rules on artificial intelligence [EU AI Act]. Official Journal of the European Union. [The EU Artificial Intelligence Act; central to Chapter 30. Risk-based framework with high-risk classification relevant to most RegTech applications in financial services. Adopted June 2024; phased application 2024–2027.]

Financial Conduct Authority. (2022). PS22/9: A New Consumer Duty. FCA. Available: fca.org.uk. [The FCA's Consumer Duty; sets expectations for good customer outcomes across financial services, including in automated decision contexts.]

National Institute of Standards and Technology. (2024). Cybersecurity Framework 2.0 (NIST CSF 2.0). NIST. Available: nist.gov. [The updated cybersecurity framework; central to Chapter 33 on cybersecurity compliance.]

Part 7: Strategy and Implementation

Books

Block, P. (2011). Flawless Consulting: A Guide to Getting Your Expertise Used (3rd ed.). Pfeiffer. [Essential reading for compliance consultants and internal change agents; supports Chapter 37 on change management.]

Brühl, V. (2017). Money, Banking, Financial Markets and Institutions. Springer. [Academic banking textbook; background reference for institutional context.]

Brown, T. (2009). Change by Design: How Design Thinking Creates New Strategies and Delivers Innovation. HarperBusiness. [Design thinking methodology; applicable to RegTech product and process design.]

Chopra, S., & Meindl, P. (2016). Supply Chain Management: Strategy, Planning, and Operation (6th ed.). Pearson. [Supply chain framework applicable to third-party and vendor risk management in Chapter 36.]

Christensen, C. M. (2016). The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail (Reissue ed.). Harvard Business Review Press. [Classic on disruptive innovation; useful lens for analyzing how incumbent financial institutions respond to RegTech; relevant to Chapters 35 and 39.]

Kotter, J. P. (2012). Leading Change (New Preface ed.). Harvard Business Review Press. [Kotter's 8-step change model; directly referenced in Chapter 37 on change management for compliance transformation.]

McConnell, P. (2017). Strategic Risk Management: New Tools for Board Members and Executive Teams. Kogan Page. [Senior-level treatment of strategic risk management; relevant to Chapter 35.]

Ross, J. W., Weill, P., & Robertson, D. C. (2006). Enterprise Architecture as Strategy: Creating a Foundation for Business Execution. Harvard Business School Press. [Enterprise architecture methodology applicable to compliance technology strategy in Chapter 35.]

Schwaber, K., & Sutherland, J. (2020). The Scrum Guide. scrumguides.org. [The official Scrum reference; relevant to agile implementation methodology discussed in Chapter 36.]

Weill, P., & Ross, J. W. (2004). IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business School Press. [IT governance framework widely used in financial services technology governance; directly relevant to Chapter 35.]

Academic Papers

Alaassar, A., Mention, A.-L., & Aas, T. H. (2021). "Exploring a New Incubation Model for FinTechs: Regulatory Sandboxes." Technovation, 103, 102237. [Academic analysis of regulatory sandboxes; supports Chapter 31.]

Allen, F., & Gale, D. (2001). "Comparative Financial Systems: A Survey." Working Paper. Wharton School. [Comparative financial regulation; background for Chapter 32.]

Boot, A. W. A. (2016). "Understanding the Future of Banking: Scale and Scope Economies, and Fintech." In T. Beck & B. Casu (Eds.), The Palgrave Handbook of European Banking. Palgrave Macmillan.

Brummer, C., & Yadav, Y. (2019). "Fintech and the Innovation Trilemma." Georgetown Law Journal, 107(1), 235–307. [Analysis of the regulatory dilemma between innovation, financial stability, and consumer protection; supports Chapters 31 and 35.]

Claessens, S., Frost, J., Turner, G., & Zhu, F. (2018). "Fintech Credit Markets Around the World: Size, Drivers, and Policy Issues." BIS Quarterly Review, September 2018. Available: bis.org. [Cross-country analysis of FinTech credit markets; supports Chapter 32.]

Jagtiani, J., & Lemieux, C. (2018). "Do Fintech Lenders Penetrate Areas that Are Underserved by Traditional Banks?" Journal of Economics and Business, 100, 43–54. [Analysis of FinTech's role in financial access; relevant to Chapter 29's fairness discussion.]

Philippon, T. (2019). "On Fintech and Financial Inclusion." NBER Working Paper 26330. [Important analysis of FinTech's potential to improve financial access — and the risks when compliance systems exclude.]

Zetzsche, D. A., Buckley, R. P., Arner, D. W., & Barberis, J. N. (2017). "From FinTech to TechFin: The Regulatory Challenges of Data-Driven Finance." European Banking Institute Working Paper Series, 2017/6. [Analysis of data-driven finance and its regulatory implications; supports Chapters 28 and 35.]

Regulatory Primary Sources

Bank of England. (2015). Fair and Effective Markets Review: Final Report. Bank of England / FCA / HM Treasury. Available: bankofengland.co.uk. [Post-LIBOR review of fixed income, currency, and commodities markets; relevant to Chapter 22.]

European Banking Authority. (2016). Consultation Paper: EBA Guidelines on ICT Risk Assessment under SREP. EBA. Available: eba.europa.eu. [ICT risk assessment guidelines; background for Chapter 12.]

European Banking Authority. (2019). EBA Guidelines on Outsourcing Arrangements (EBA/GL/2019/02). EBA. Available: eba.europa.eu. [The EBA outsourcing guidelines; directly relevant to Chapter 36 on vendor management.]

Financial Conduct Authority. (2016). Regulatory Sandbox. FCA. Available: fca.org.uk. [The FCA's description of its sandbox; central to Chapter 31.]

Financial Conduct Authority. (2023). FCA Business Plan 2023/24. FCA. Available: fca.org.uk. [Sets out FCA priorities; essential for understanding the UK regulatory landscape in Chapter 2.]

Appendix: Online Resource Directories

The following organizations maintain websites with freely accessible regulatory documents, research papers, guidance, and data relevant to RegTech practitioners. All URLs were verified as of 2025.

Regulatory Bodies — Primary Sources

United Kingdom - Financial Conduct Authority: fca.org.uk — Policy Statements, Consultation Papers, Supervisory Statements, Final Notices, Market Watch newsletters - Prudential Regulation Authority: bankofengland.co.uk/prudential-regulation — Supervisory Statements, Policy Statements, Dear CEO letters - Bank of England: bankofengland.co.uk — Quarterly Bulletin, Financial Stability Report, TDC initiative documents - His Majesty's Treasury: gov.uk/government/organisations/hm-treasury — Statutory Instruments, consultation documents - National Crime Agency: nationalcrimeagency.gov.uk — Annual Suspicious Activity Reports statistics - Information Commissioner's Office: ico.org.uk — GDPR guidance, enforcement actions

European Union - European Banking Authority: eba.europa.eu — Guidelines, ITS, RTS, Q&As - European Securities and Markets Authority: esma.europa.eu — MiFID II/MiFIR technical standards, MAR guidelines - European Insurance and Occupational Pensions Authority: eiopa.europa.eu — Solvency II guidance - European Central Bank — Banking Supervision: bankingsupervision.europa.eu — SREP methodology, supervisory expectations - European Data Protection Board: edpb.europa.eu — GDPR guidelines and opinions - EUR-Lex: eur-lex.europa.eu — All EU legislation in consolidated form

United States - Financial Crimes Enforcement Network: fincen.gov — AML/BSA regulations, guidance, SAR statistics - Office of the Comptroller of the Currency: occ.gov — Examination handbooks, bulletins - Federal Reserve Board: federalreserve.gov — Supervisory letters, model risk guidance (SR 11-7), stress test results - FDIC: fdic.gov — FIL guidance, examination manuals - SEC: sec.gov — Regulatory actions, no-action letters - CFTC: cftc.gov — Swap data, algorithmic trading rules - OFAC: home.treasury.gov/policy-issues/office-of-foreign-assets-control-sanctions-programs-and-information — SDN list, compliance guidance

International - Financial Action Task Force: fatf-gafi.org — 40 Recommendations, mutual evaluations, typologies reports - Bank for International Settlements: bis.org — Basel III/IV standards, working papers, quarterly review - Financial Stability Board: fsb.org — FinTech reports, regulatory reform tracking - International Organization of Securities Commissions: iosco.org — Securities regulation standards - Institute of International Finance: iif.com — Industry positions on regulatory reform

Research Institutes and Think Tanks

  • Cambridge Centre for Alternative Finance (CCAF): jbs.cam.ac.uk/faculty-research/centres/alternative-finance — FinTech and RegTech market sizing reports
  • Alan Turing Institute: turing.ac.uk — AI in finance reports
  • Oxford Internet Institute: oii.ox.ac.uk — Internet governance and algorithmic accountability research
  • Peterson Institute for International Economics: piie.com — Financial regulation analysis
  • Brookings Institution: brookings.edu — FinTech policy research
  • Milken Institute: milkeninstitute.org — Financial innovation research
  • Centre for European Policy Studies: ceps.eu — EU financial regulation analysis
  • TheCityUK: thecityuk.com — UK financial services industry statistics and positions

Professional Bodies and Industry Associations

  • Wolfsberg Group: wolfsberg-principles.com — AML/CTF standards, TBML guidance, sanctions guidance
  • SWIFT: swift.com — Correspondent banking standards, KYC utilities
  • International Swaps and Derivatives Association (ISDA): isda.org — Derivatives standards, smart contract documentation
  • Global Legal Entity Identifier Foundation (GLEIF): gleif.org — LEI data and standards
  • Association of Certified Anti-Money Laundering Specialists (ACAMS): acams.org — AML certification, typologies research
  • Chartered Institute for Securities and Investment (CISI): cisi.org — UK financial regulation training
  • RegTech Association: regtechassociation.org — Industry body for RegTech vendors and users
  • FINOS (Fintech Open Source Foundation): finos.org — Open source financial standards

Databases and Data Sources

  • Global Legal Entity Identifier Foundation LEI search: gleif.org/en/lei-data/global-lei-index
  • OFAC SDN and Consolidated Sanctions List: home.treasury.gov/policy-issues/financial-sanctions/specially-designated-nationals-and-blocked-persons-list-sdn-human-readable-lists
  • UN Consolidated Sanctions List: un.org/securitycouncil/content/un-sc-consolidated-list
  • EU Consolidated Financial Sanctions List: eeas.europa.eu/topics/sanctions-policy
  • UK HM Treasury Financial Sanctions List: gov.uk/government/publications/financial-sanctions-consolidated-list-of-targets
  • Companies House: find-and-update.company-information.service.gov.uk — UK corporate registry
  • EDGAR (US SEC filing database): sec.gov/cgi-bin/browse-edgar

This bibliography represents a foundation, not an exhaustive survey. RegTech is an active field: new regulations, enforcement actions, academic papers, and industry guidance emerge continuously. Practitioners are encouraged to maintain subscriptions to relevant regulatory update services, industry publications (e.g., Risk.net, Compliance Week, Thomson Reuters Regulatory Intelligence), and academic journals (Journal of Financial Regulation, Law and Financial Markets Review, Journal of Financial Compliance).