Chapter 39: Further Reading — The Future of RegTech
Essential Reading
These sources are foundational for understanding the specific topics covered in Chapter 39. They are primary sources from regulators and international standard-setters that any compliance professional working in this space should read directly.
SupTech and Supervisory Technology
Bank for International Settlements — SupTech and RegTech: The State of Play BIS Quarterly Review, September 2023 (and annual updates). The BIS publishes periodic surveys of SupTech deployments across central banks and supervisory authorities globally. The SupTech inventory documents more than 90 active tools across 50+ jurisdictions, organized by supervisory function (microprudential, macroprudential, market conduct, financial crime). This is the most comprehensive single source for understanding the current scope of regulatory technology deployment on the supervisory side. Available at: bis.org/research
Financial Stability Board — SupTech and RegTech: An Overview FSB Report on Financial Stability Implications of FinTech, and annual updates on regulatory and supervisory technology. The FSB coordinates international work on SupTech among G20 financial regulators. Its reports provide a cross-jurisdictional view of where SupTech is being deployed and what governance challenges have emerged. Available at: fsb.org
European Central Bank — AnaCredit: Background, Methodology, and Data Quality ECB Publication Series on Statistics and Data. The ECB's AnaCredit documentation describes the most extensive SupTech data collection program currently operational in Europe. It is an instructive model for understanding what granular supervisory data collection looks like in practice — what data is collected, how it is structured, and what the ECB uses it for. Available at: ecb.europa.eu/stats/supervisory_prudential_statistics
BIS Innovation Hub — Work Program and Published Prototypes The BIS Innovation Hub publishes descriptions of its SupTech proof-of-concept programs, including Regcloud (regulatory data access via cloud), Mosaic (machine learning for supervisory analytics), and others. Available at: bisih.org
Digital Regulation and Machine-Executable Rules
FCA and Bank of England — Digital Regulatory Reporting: Phase 2 Report The FCA's DRR initiative publication record documents the evolution of the project from concept to Phase 1 pilot to Phase 2 architecture development. Reading the DRR publications in sequence is the best way to understand both the aspiration and the practical challenges of machine-readable regulatory reporting. Available at: fca.org.uk/firms/digital-regulatory-reporting
FCA — Technology Working Group Final Report on Digital Regulatory Reporting The Technology Working Group, which included FCA staff and volunteer industry participants, produced a detailed assessment of the technical architecture for machine-readable regulatory reporting, including the XBRL-to-API evolution and the governance challenges of maintaining machine-executable rule libraries.
GLEIF — The Legal Entity Identifier System The Global Legal Entity Identifier Foundation publishes documentation on the LEI system, which is the most widely deployed piece of machine-readable regulatory reference data infrastructure in financial markets. Understanding how the LEI works — and why it works — provides a useful concrete foundation for thinking about what machine-readable regulation looks like in practice. Available at: gleif.org
Cambridge Centre for Alternative Finance — Digital Regulatory Reporting Research The Cambridge Centre has published research on the feasibility and governance challenges of machine-readable regulation, drawing on academic analysis as well as practitioner consultation. Available at: jbs.cam.ac.uk/faculty-research/centres/alternative-finance/
LLMs and AI in Compliance
NIST — AI Risk Management Framework (AI RMF 1.0) National Institute of Standards and Technology, January 2023. The NIST AI RMF is the US government's primary framework for AI risk management, and it has been widely adopted as a governance standard in financial services. Its four core functions — Govern, Map, Measure, and Manage — provide a structured approach to AI deployment governance that is applicable to LLMs and other AI tools used in compliance contexts. For compliance professionals, the "Govern" and "Measure" functions are most directly relevant. Available at: nist.gov/ai/ai-risk-management-framework
Federal Reserve, OCC, FDIC — SR 11-7: Supervisory Guidance on Model Risk Management US Federal Reserve Board, April 2011 (still current). SR 11-7 remains the foundational US guidance on model risk management and is directly relevant to LLM governance in compliance contexts. The definition of "model" it contains, and the validation and governance requirements it establishes, are the reference standard against which LLM deployment in compliance should be assessed. Available at: federalreserve.gov
European Parliament and Council — Regulation (EU) 2024/1689 (EU AI Act) The AI Act is the first comprehensive legal framework for AI and applies directly to AI systems used in financial services compliance functions that meet the high-risk criteria. Compliance professionals working in the EU should read at minimum Titles I, II, and III (high-risk AI systems), and Annex III (the list of high-risk use cases). Available at: eur-lex.europa.eu
Monetary Authority of Singapore — FEAT Principles The MAS FEAT framework (Fairness, Ethics, Accountability, Transparency) provides a principles-based framework for AI governance in financial services that complements the EU AI Act's rules-based approach. It is particularly useful for firms operating in APAC jurisdictions. Available at: mas.gov.sg
Practitioner and Advisory Sources
These sources represent the practitioner and advisory literature on RegTech futures. They are written for professionals rather than academics and are accessible to readers without deep technical backgrounds.
Oliver Wyman / Morgan Stanley — The Future of Compliance: From Control Function to Strategic Enabler Oliver Wyman's compliance transformation research series, published periodically, addresses the organizational and strategic dimensions of compliance technology investment. Its case study research draws on real institution experiences and provides context that complements the academic literature. Available at: oliverwyman.com
Deloitte — 2024 Global Compliance Survey Deloitte's annual survey of compliance function leaders across financial services provides current data on technology investment priorities, regulatory pressures, and the evolution of the compliance operating model. Available at: deloitte.com/insights
McKinsey Global Institute — The Future of Work in Financial Services McKinsey research on automation and augmentation in financial services, including compliance-specific analysis. The research addresses the skills implications of compliance automation and provides empirical evidence on where human judgment remains difficult to replace. Available at: mckinsey.com/mgi
Thomson Reuters — State of the Compliance Function Reports Thomson Reuters publishes annual reports on compliance function trends, including technology adoption rates, cost trends, and regulatory change volume. These reports provide the benchmarking data that compliance leaders use to calibrate where their programs stand relative to peers. Available at: thomsonreuters.com/en/reports
International Compliance Association — RegTech Practitioner Guides The ICA publishes practitioner guides on specific RegTech topics, written by practitioners for practitioners. The guides on AI in compliance, SupTech readiness, and digital regulatory reporting are particularly relevant to this chapter. Available at: int-comp.org
Academic Sources
These sources provide research-grounded analysis of the themes covered in Chapter 39. They are written for academic audiences but accessible to professional readers with patience for technical language.
Buckley, R.P., Arner, D.W., Zetzsche, D.A., and Veidt, R. — "Building RegTech for Better Financial Regulation" European Business Organization Law Review, 2020. Buckley, Arner, and Zetzsche are among the most prolific academic researchers in RegTech, and this paper provides a comprehensive framework for understanding the relationship between regulatory design and technology deployment. Their research has been widely cited in regulatory policy discussions.
Arner, D.W., Barberis, J., and Buckley, R.P. — "FinTech, RegTech, and the Reconceptualization of Financial Regulation" Northwestern Journal of International Law and Business, 2017. The foundational academic paper on the RegTech concept, which provides historical context and conceptual clarity that remains useful for understanding what RegTech is and what it is not. Often cited as the first systematic academic treatment of the RegTech category.
Brammer, M. and Lautenschläger, S. — "Supervisory Technology: An Exploration of SupTech Initiatives" BIS Financial Stability Review, 2022. Empirical research drawing on the BIS SupTech survey data, providing the most comprehensive academic analysis of SupTech deployment patterns and their implications for supervisory effectiveness.
Fenwick, M., McCahery, J.A., and Vermeulen, E.P.M. — "FinTech and the Financing of Entrepreneurs: From Crowdfunding to Marketplace Lending" ECGI Working Paper, 2017. While focused on FinTech rather than RegTech, this paper's analysis of regulatory adaptation to technological disruption in financial markets provides the conceptual framework for understanding the pacing problem described in Section 6 of the chapter.
Cambridge Centre for Alternative Finance — Global Alternative Finance Market Benchmarking Report Annual report covering FinTech and RegTech market trends. The Cambridge Centre's data series provides the most consistent longitudinal view of RegTech market development, covering investment, adoption, and market structure. Available at: jbs.cam.ac.uk/faculty-research/centres/alternative-finance/
Regulatory Sources Table
| Regulator / Body | Key Publication | Topic | Location |
|---|---|---|---|
| FCA (UK) | Digital Regulatory Reporting publications | Machine-readable reporting; DRR Phase 1 and Phase 2 | fca.org.uk/firms/digital-regulatory-reporting |
| FCA (UK) | RegTech: A New Horizon | Overview of FCA's approach to RegTech | fca.org.uk |
| Bank of England | FinTech and the Financial System | Technology and systemic risk | bankofengland.co.uk |
| ECB | AnaCredit documentation and BIRD | SupTech data collection | ecb.europa.eu |
| BIS | SupTech Inventory | Global SupTech programs | bis.org/research |
| BIS Innovation Hub | Work program publications | SupTech prototypes | bisih.org |
| FSB | Annual reports on financial technology | Cross-jurisdictional RegTech/SupTech | fsb.org |
| MAS (Singapore) | FEAT Principles; MAS FinTech publications | AI governance; API-based reporting | mas.gov.sg |
| SEC (US) | EDGAR Analytics publications | SupTech data analytics | sec.gov |
| Federal Reserve | SR 11-7 | Model risk management | federalreserve.gov |
| NIST (US) | AI RMF 1.0 | AI risk management | nist.gov/ai |
| European Parliament | EU AI Act (Regulation 2024/1689) | AI governance | eur-lex.europa.eu |
| FATF | Updated Guidance on Virtual Assets | DeFi and crypto AML | fatf-gafi.org |
| GLEIF | LEI documentation | Machine-readable reference data | gleif.org |
Online Resources and Communities
BIS Innovation Hub — bisih.org The BIS Innovation Hub's website publishes descriptions of its current research projects, completed proof-of-concept prototypes, and working papers. For compliance professionals interested in SupTech specifically, the Hub's publications are the most current and authoritative source of information on where supervisory technology development is heading globally.
FCA RegTech — fca.org.uk/firms/regtech The FCA's dedicated RegTech pages include publications from the Digital Regulatory Reporting initiative, information on the FCA's TechSprint events, and the FCA's broader approach to innovation in regulated firms. The FCA is one of the most active major regulators in publishing its thinking on regulatory technology, and its RegTech pages are worth checking regularly.
Cambridge Centre for Alternative Finance — jbs.cam.ac.uk/faculty-research/centres/alternative-finance/ The Cambridge Centre is the leading academic research center on alternative finance and RegTech in the UK. Its benchmarking reports, working papers, and policy briefs are regularly cited in regulatory consultations and provide the most rigorous academic perspective on RegTech market development.
GLEIF Open Data — search.gleif.org The GLEIF's open data portal provides access to the global LEI registry, including the entity data associated with LEIs. This is useful for compliance professionals who want to understand how the LEI system works in practice, and for those building compliance systems that use LEI as a reference data standard.
RegTechAnalyst.com A practitioner-focused publication covering RegTech market developments, vendor news, regulatory technology deployments, and practitioner commentary. Useful for staying current with market developments between academic publication cycles.
The RegTech Association — theregtech.com An industry association for RegTech vendors and compliance technology buyers, which publishes research on RegTech market trends and hosts practitioner events. Membership provides access to peer networks and benchmarking data.
FinRegLab — finreglab.org A US-based research organization that conducts empirical tests of financial innovation with regulatory implications. Its research on AI-based credit underwriting, fraud detection, and compliance technology is methodologically rigorous and practically relevant.
Recommended Reading Sequence
For readers who want to engage with the further reading in a structured sequence rather than topic by topic:
If you have two hours: Read the BIS SupTech inventory summary, the FCA DRR overview publications, and the NIST AI RMF summary. These three sources will give you the most current view of the three main structural developments covered in this chapter.
If you have a day: Add SR 11-7 (Federal Reserve model risk guidance), the EU AI Act Titles I–III, and one Oliver Wyman compliance transformation report. The combination gives you the regulatory framework, the governance standard, and the practitioner market context.
If you are building a career in this space: Engage with the Cambridge Centre academic research, the BIS Innovation Hub publications on a regular basis, and participate (even as a reader initially) in the FCA's regulatory consultation processes on digital regulatory reporting and supervisory technology. The professionals who shape the future of this field are the ones who engage with its development, not just observe it.
Chapter 39 Further Reading complete.