The world is undergoing a new digital era full of innovative technological development and trends. Artificial intelligence (AI), blockchain, IoT, 3D printing, robotics, and virtual and augmented reality all impact human identity and interaction as well as the production, consumption, and distribution systems around the globe.

Such changes require new guidance for regulating emerging technologies. In this article, we will cover the unique regulatory challenges and opportunities.

In this article:

  1. 3 Major Challenges of Regulating Emerging Technologies
  2. How to Overcome Regulatory Challenges
  3. How Does RegTech Influence FinTech?
  4. Conclusion

3 Major Challenges of Regulating Emerging Technologies

With the multifaceted nature of new technologies, it can also transcend national boundaries and thus, concern national security. However, there are no regulatory standards across different nations.

Aside from the difficulties coordinating across the border, there are three major challenges when regulating emerging technologies:

1. Unforeseeable Nature of Business Models

Services and products rooted in solutions for regulating emerging technologies can evolve faster and transform from one category to another.

Take a ride-hailing company, for example. If it starts food delivery services, it will fall under the health regulators’ jurisdiction. Later, if the company decides to offer delivery-by-drone services, it will fall under the aviation regulators’ purview. Then if the company shifts to self-driving cars for its ride-hailing services, it will fall under transport regulators’ jurisdiction. 

In a sharing economy, it can be difficult to maintain consistency with regulation, as the line between classification and categories of products and services can be blurry.

There’s also the issue of liability. If the self-driving car service crashes and injures the passenger or, worst case, kills the person, then who is responsible for the incident? It could be:

  • the driver behind the wheel,
  • the programmers of the system,
  • the manufacturer of the onboard sensory equipment of the vehicle,
  • the manufacturer of the car, or
  • all of the above.

For different jurisdictions, under certain circumstances, the general inclination is to assign strict liability if the damage is produced by emerging technologies, such as, in this case, self-driving cars or drones and such technologies used in public spaces.

Related information

Defi or CeFi? A proper model for your financial service - choose the most suitable with our latest article

Learn more

2. Data Security, Ownership, and Privacy of Emerging Technology

We can benefit from decisions apprised by pertinent data revealing unexpected and hidden market trends and connections. However, data can be expensive to acquire, and it can also be compromised. Here are three examples where data and privacy are a concern:

  • Healthcare research. The tracking and identification of genes correlated to specific types of cancer can certainly improve treatments, right? It’s true on paper, but in reality, it’s a legal practice in many jurisdictions to amass and sell such personal data, enabling data brokers. So, participation in data markets is costly, poses a significant risk, and requires strict regulation.
  • FinTech. The data-based economy is also causing disruptive changes, as humans are being replaced by AI, such as bankers, by big data analytics. As a result, regulators struggle to provide guidelines in such areas, which could enable the technological innovation of the financial industry, as well as protect consumers from discrimination, bias, and cybersecurity since private, sensitive data can be compromised.
  • Transportation. Self-driving cars, for instance, need communication between the transport infrastructure and the cars, so manufacturers should take precautions that ensure the system is protected and can’t be overhauled by hackers trying to cause accidents. This also applies to traffic lights controlled by AI or such automated systems.

3. Issues With Using AI

With traditional risks and regulation of new technologies, AI is one of the biggest challenges. If you go back even three decades, you could imagine software being programmed, but presently, that has shifted to an AI environment blended with machine learning; it is now trained and not programmed.

AI is neither a singular technological development nor one technology. Rather, it is a bundle of various technologies, and the problem is that even AI developers often have a hard time fully understanding how these AI models make decisions.

AI technology is also difficult to relate to regulations. There is always the complication of requiring predictability and transparency in the regulatory process and regulatory systems and any nonprofessionals not understanding how AI works.

And the more certain types of AI advance, the more they turn into “black boxes,” leading to even the developer of the system not understanding how the AI is making decisions. In such circumstances, we question its security, foreseeability, accountability, and compliance.

There are cases where companies are using AI automated systems for selection and recruitment. These companies use hiring technology to analyze the voice and facial expressions of their job candidates for hiring managers.

Understanding the limitations of using AI, it is not a stretch to fear that this will recreate a societal bias. As a result, regulators have begun to tackle these legal conundrums, such as the Illinois Artificial Intelligence Video Interview Act, which aims to help job candidates understand how these hiring tools are operated.

icon mail icon mail


Thank you for Subscription!

How to Overcome Regulatory Challenges

The following is a set of principles that answers the question of “how to regulate” and “when to regulate.” These principles can also set a foundation in today’s world of rapid technological development and changes for rethinking regulations, as well as provide guidelines for overcoming challenges of regulatory technology.

Adapting Regulation

A traditional regulatory model can be time-consuming:

  • The regulators first need to conceptualize it by considering the new legislation or market developments.
  • Next, it may take months or even years to draft the rules and submit the first version for comment.
  • Lastly, after examining numerous comments, regulators transform the draft into a regulatory model.

There's also uncertainty about how consumers and businesses will react to the new regulations. Once the rules or regulatory model is in effect, they are rarely reconsidered.

Despite the issues, current models can be adaptive and innovative, as they tend to rely on trial and error as well as the co-design of standards and regulations. The feedback loops of adaptive regulation are also much shorter, which means regulators can assess policies against set standards and add input on revising regulations.

For feedback, unlike hard law requirements, including statutes and treaties, regulators can use various “soft-law” tools and instruments in the emerging technology governance process, such as:

  • crowdsourcing,
  • policy labs,
  • codes of conduct, and
  • regulatory sandboxes.

These tools can help make a technological change in business models while allowing regulators to direct an issue without restraining technological innovation.

Hard and soft law requirements

Singapore, for example, used adaptive regulation for self-driving vehicle testing because of the high population and limitations for expansion. In 2017, the country modified its road traffic law to accommodate autonomous vehicle technology.

To keep an agile regulatory model, the rules will stay in effect for up to five years, and the government can revise them sooner if necessary. It falls under the purview of the Land Transport Authority.

Regulatory Sandboxes

Regulatory sandboxes can be a safe space to test innovative services and products without complying with regulations. The approach is there to help regulators:

  • Understand new technologies better and collaborate with industry players to establish rules for managing services, products, and business models that stem from emerging technologies.
  • Lower the costs and regulatory barriers for testing disruptive, innovative technologies without negatively affecting consumers.

The five-year modified road traffic law on self-driving cars in Singapore, as mentioned in the previous section, is essentially a regulatory sandbox. The technology turns the entire city-state into a test zone.

In 2018, Japan presented a regulatory sandbox that domestic and foreign organizations and firms can use to experiment and demonstrate new technologies, including IoT (Internet of Things) and artificial intelligence in financial services, blockchain, transportation, and healthcare.

Additionally, these regulatory sandbox experiments were not limited to a geographical region, such as the National Strategic Special Zones of Japan, but could take place in virtual spaces as well. Sandboxes can assess new business, and afterward, the government can introduce deregulation measures.

Outcome-Based Regulation

Unlike input-based and traditional regulatory models perspectives, outcome-based and evidence-based regulations prescribe the achievement of measurable, desirable, and specific results.

It requires objectives or outcomes instead of depicting the way they should be achieved. So this model of regulation provides individuals, private companies and sectors, and businesses more freedom in choosing their specific way to comply with the law.

Outcome-based regulations can ensure positive results with the governance process, developing regulations or even guidelines that regulators are trying to encourage. The same goes for negative effects they want to prevent.

Consider the following examples. Out of the two, which one do you think is more helpful?

  • To fly a drone having more than xx kilowatts of power, you must have a license.
  • You cannot fly a drone anywhere in a controlled space or higher than 400 feet.

The first regulation focuses on the input and is prescriptive, which makes it not very helpful. But the second regulation, on the other hand, focuses on the effects that flying a drone may cause.

Now consider this formulation: “You can’t fly a vehicle in a way that can endanger human life.”

Out of the three examples, this regulation provides the best outcome while also addressing the effect or impact it can have, making it the best way of structuring regulations.

Converging and interconnecting are the real benefits of emerging technologies. For example, through IoT-enabled devices, secure data generated using blockchain or ML (machine learning) models can amplify the abilities of human bankers. Outcome-based regulation can provide the necessary space for innovation of such interconnections to occur.

CTO As A Service: Grow Your Business With CaaS

A proper solution

CTO As A Service: Grow Your Business With CaaS

Sometimes everything you need is a helicopter view on your business. Maybe CaaS could help?

Let's consider

Risk-Weighted Regulations

Speed-to-market developments or risk-weighted regulation can be vital for startup business models or businesses in general that are based on emerging technologies, as well as for making digital products and services more effective.

Through advanced analytics, such as artificial intelligence, data analysis can detect new trends and patterns, which is necessary for making products more safe, accurate, personalized, and effective. So the sooner effective and safe products arrive on the market, the better.

The airline travel precheck systems used in different countries can be a good source of inspiration for accelerating business models’ approval based on emerging technologies. These precheck risk-weighted rules and regulatory systems use data for certifying low-risk flyers, and it settles on them receiving a lower level of inspection and scrutiny.

A risk-weighted regulation and data-driven approach can extend to dynamic and regulatory approaches based on data flowing in real time between the regulators and the company. Multiple regulators, from the European Commission to the US Securities and Exchange Commission, have already initiated such data flows.

Analyzing and comparing the resulting data with expected outcomes or regulations can help decide if a firm is compliant. If not, the data systems can settle on action items for meeting the standard. In case of a serious violation and safety concerns, penalties or reprimands, such as removing the firm from the safe list, can be issued.

Collaborative regulation

Collaborative regulation, such as international coordination, self-regulation, and co-regulation, can be useful for various parties other than firms and regulators.

Agencies from across the globe can collaborate and foster innovation to protect consumers from any potential fraud and safety concerns. Private, self-regulatory organizations and standard-setting bodies have a key role as well in facilitating collaboration among regulators and innovators.

There are also signs of regulatory model convergence, such as Singapore having 16 signed agreements in 15 countries with different independent entities. The agreements exchange information with regulated businesses and multiple regulators of other nations, company guidance on the nations’ regulations they want to enter, and firm referrals seeking to enter the nation of a regulatory agency partner. These agreements can lead to standard guidelines and frameworks across different nations.

The APEC (Asia-Pacific Economic Cooperation) facilitates data flow and promotes trust among participants through CBPR (Cross-Border Privacy Rules). Even if the two governments don’t agree to recognize the privacy laws of the other formally, through cross-border data transmissions, personal data will continue to flow freely through regulatory regimes.

APEC alternatively relies on businesses to ensure data collecting, which is then sent overseas or domestically to third parties through the APEC privacy principle for consistent own data protection.

How to overcome challengenes of regulating emerging technologies

How Does RegTech Influence FinTech?

With the recent boom in the FinTech markets, it is no surprise how fast developers, investors, and FinTech companies are driving this sector forward. But FinTech is also tied to RegTech, namely the financial and legal issues and regulations of the territory. The following are some of the ways RegTech has influenced FinTech.

Major Legal Issues of FinTech

Whether you are a FinTech developer, investor, or company, regulations are unavoidable. With its rapid development, there are plenty of good points to get excited about, but it is also important to understand the main risks surrounding FinTech.

  • Risk 1: Data Protection and Privacy. A core element of FinTech regulation is customer protection. As such, agencies concerned about data privacy have the authority to sanction any company for not meeting customer data standards and proper risk assessments.
  • Risk 2: Money Laundering. Governments are aware that FinTech technology can be used to avoid duties. So every territory has its own AML (anti-money laundering) laws.
  • Risk 3: Cyberattacks. Network security issues are quite common among FinTech startups and traditional banks, as they are big targets for cybercriminals and hackers.

Regulatory Agencies' Frameworks for Businesses in FinTech

With FinTech, you won’t find strict, overriding bodies of its laws and regulations. Every major territory, depending on the locations of the parties, has specific laws that make the standard needed for it to be different.

The following is a brief rundown of some of the main territories’ regulatory framework bodies.

  • US FinTech Regulations: While the CSBS (Conference of State Bank Supervisors) has been in practice since 1902, its involvement recently has been to standardize some FinTech licensing. Now, the US is facing a unique problem, as in different states, the regulatory agencies’ compliance standards are different. The Vision 2020 by the CSBS initiated bringing unity to licensing in the US, resulting in major success, such as lowering the entry barrier for financial companies providing technological advancements.
  • UK FinTech Regulations: The FCA (Financial Conduct Authority) regulates all financial markets and services in the UK. It protects consumers, attempts to ensure fair competition among providers, and dissuades money laundering. The PSR (Payment Systems Regulator) is another regulation that is a way of making payments in the UK. It ensures fairness to consumers and promotes healthy competition. 
  • Western Europe FinTech Regulations: The GDPR (General Data Protection Regulation) is the European law surrounding data protection, security, and privacy, and it applies to all organizations and independent entities, including self-regulatory organizations, holding any personal data in Europe and not just for FinTech. The European Union Directives and Financial Action is a European Union agency that fights cybercrimes, including money laundering. Moreover, the European Union's Regulatory Fitness and Performance program conducts evaluations retrospectively to look for obsolete laws. There were also many DPAs created to diffuse data protection legislation.
  • Australia FinTech Regulations: The ASIC (Australian Securities and Investment Commission) is responsible for regulating financial services, authorized financial markets, and consumer credit, as well as monitoring and licensing businesses engaged in financial services. The AUSTRAC (Australian Transaction Reports and Analysis Centre) is a regulatory body for detecting, responding to, and preventing financial system criminal abuse. It includes industries such as digital currency exchanges, banking, and financial service providers.

FinTech Project Licensing Categories

Digital banking, trading, crypto, payment, lending, and insurance, are some of FinTech’s major areas. Here are specific examples of licensing categories for FinTech:

  • Banking License: As with FinTech companies, in banking licensing, the rules change from one place to another. While conservative banks are undergoing a digital transformation, the newer and smaller banks in operation or development are persuading customers with their digital nativeness.
  • Payment Systems: We mentioned the tech-based payment system and licensing in Europe and the UK; however, for the US, it falls under the CSBS. This means it is more complicated to expand the ability for customers to shop from home and make payments via smartphones but not without substantial rewards.
  • Stablecoin Licensing: With stablecoin being recognized as a currency or commodity, it also needs regulatory compliance for new FinTech. To regulate the commodities tied to crypto, the Stablecoin Trust Act was created.

If you want to implement the correct payment system or learn more about FinTech regulation for your business or organization's regulatory agencies, then consider Geniusee Financial Software Development Services.  

Useful FinTech guide

Find out everything you want to know about FinTech in one place

Check it out


If regulators and regulatory agencies are prepared to adapt, the technology development is definitely the key regulatory challenge they can embrace and overcome. But it requires cross-sector collaboration among major stakeholders and knowledge sharing.

By working with various stakeholders from the non-profit sector, academia, and the private sector, regulators can co-create a technological environment with security, privacy, and consumer safety, as well as innovative, affordable, and inclusive digital products and services.