Further Reading
Chapter 1: What Is RegTech? History, Definitions, and the Compliance Crisis
Essential Reading
Arner, D.W., Barberis, J., & Buckley, R.P. (2017). FinTech, RegTech, and the Reconceptualization of Financial Regulation. Northwestern Journal of International Law & Business, 37(3), 371–413. The foundational academic paper on RegTech as a concept. Arner, Barberis, and Buckley define the field, trace its origins, and analyze its implications for regulatory frameworks. Required reading for anyone who wants to engage seriously with the theoretical foundations of the field.
Financial Conduct Authority (2016). Call for Input: Supporting the Development and Adoption of RegTech. The document that did more than any other to popularize the term "RegTech" and establish the FCA's position as a global leader in supporting RegTech adoption. Available free from fca.org.uk. Read the executive summary and Section 2 at minimum.
Basel Committee on Banking Supervision (2018). Sound Practices: Implications of Fintech Developments for Banks and Bank Supervisors. The global banking supervisors' analysis of technology in finance, including a chapter specifically on RegTech. Essential for understanding how prudential regulators conceptualize technology risk alongside its compliance applications.
For Practitioners
Thomson Reuters (annual). Cost of Compliance Survey. Published annually, this survey provides the most authoritative quantitative data on compliance costs, regulatory change volumes, and practitioner sentiment. The 2024 and 2025 editions are particularly relevant to the post-Basel IV environment.
Deloitte (2016). RegTech Is the New FinTech: How Agile Regulatory Technology Is Helping Firms Better Understand and Manage Their Risks. An early but still useful practitioner overview from a Big 4 perspective. Note where the field has evolved since 2016 — the AI and NLP applications are now more mature than the report anticipated.
BCBS 239: Principles for Effective Risk Data Aggregation and Risk Reporting (Basel Committee, 2013). Not technically a RegTech document, but essential context. BCBS 239 is the direct regulatory response to the data aggregation failures revealed by the financial crisis, and it defines the data infrastructure requirements that underpin most risk and reporting RegTech.
Jenkinson, N. (2019). FinTech and RegTech: Opportunities and Challenges for Central Banks and Financial Stability. Bank for International Settlements. A Bank of England executive's analysis of both sides of the technology/regulation relationship. Excellent on the SupTech dimension.
For the Curious
Bookstaber, R. (2017). The End of Theory: Financial Crises, the Failure of Economics, and the Sweep of Human Interaction. Princeton University Press. Not specifically about RegTech, but an essential intellectual foundation for understanding why financial systems are complex in ways that simple models miss — directly relevant to why both model risk management and AML typologies require continuous revision.
Zetzsche, D.A., Buckley, R.P., Arner, D.W., & Barberis, J. (2017). From FinTech to TechFin: The Regulatory Challenges of Data-Driven Finance. Yale Journal on Regulation, 14. Explores the regulatory challenge that emerges when technology companies (Google, Amazon, Alibaba) begin offering financial services — a dynamic that has become more pronounced since the paper was written.
Thakor, A.V. (2020). Fintech and Banking: What Do We Know? Journal of Financial Intermediation, 41. A comprehensive academic review of the economics of fintech, with strong coverage of the regulatory implications. Accessible to readers without economics training.
Patterson, S. (2010). The Quants: How a New Breed of Math Whizzes Conquered Wall Street and Nearly Destroyed It. Crown Business. A readable narrative history of quantitative finance leading up to the 2008 crisis. Essential background for understanding the model risk failures that drove post-crisis regulatory reform.
United States Senate Permanent Subcommittee on Investigations (2012). U.S. Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing: HSBC Case History. The 340-page Senate report that preceded HSBC's $1.9 billion settlement. Primary source material for understanding what large-scale AML failure actually looks like inside an institution.
Regulatory Primary Sources
All primary regulatory documents are available free from the relevant regulatory body's website.
| Document | Source | Why It Matters |
|---|---|---|
| Bank Secrecy Act (31 USC 5311) | FinCEN.gov | Foundation of US AML requirements |
| USA PATRIOT Act (2001), Title III | congress.gov | Major expansion of AML/CFT obligations |
| Dodd-Frank Wall Street Reform Act (2010) | congress.gov | Post-crisis US reform framework |
| MiFID II (2014/65/EU) | EUR-lex | EU trading and conduct framework |
| GDPR (2016/679/EU) | EUR-lex | EU data protection framework |
| 6AMLD (2018/843/EU) | EUR-lex | EU AML directive with criminal liability |
| DORA (2022/2554/EU) | EUR-lex | EU digital operational resilience |
| FATF Recommendations (current edition) | fatf-gafi.org | Global AML/CFT standards |
Journals and Continuing Resources
Journal of Financial Regulation (Oxford) — Peer-reviewed academic coverage of regulatory developments, including technology implications.
Journal of Financial Crime (Emerald) — Specialized coverage of AML, fraud, and financial crime compliance.
Regulation & Governance (Wiley) — Broader regulatory governance, with coverage of technology and innovation.
Compliance Week — Industry publication; good for current practitioner news and enforcement updates.
Global Relay's Compliance Blog — Practitioner-oriented coverage of communications compliance, surveillance, and RegTech.
ISDA (International Swaps and Derivatives Association) publications — Essential for derivatives regulatory coverage.