An unprecedented demand for accurate information and action moved the industry toward RegTech where computing, big data, and social and mobile technologies could help achieve the demand. With the introduction and adoption of RegTech, regulatory changes were introduced in some countries. Enhanced regulatory changes to ease the barriers to market entry, data protection, and payment systems were also introduced to ensure a smooth transition into RegTech. However, regulatory changes fell short of comprehensiveness to address all the issues related to RegTech’s operation. This article is an attempt to devise a Privacy Model for RegTech so industries and regulators can protect the interests of various stakeholders. This model comprises four variables, and each variable consists of many items. The four variables are data protection, accountability, transparency, and organizational design. It is expected that the adoption of this Privacy Model will help industries and regulators embrace standards while being innovative in the development and use of RegTech.

Almeida, D., Shmarko, K., & Lomas, E. (2021). The ethics of facial recognition technologies, surveillance, and accountability in an age of artificial intelligence: a comparative analysis of US, EU, and UK regulatory frameworks. AI and Ethics, 2(3), 377–387. https://doi.org/10.1007/s43681-021-00077-w

Ara, A., Sharma, A., & Yadav, D. (2022). An efficient privacy-preserving user authentication scheme using image processing and blockchain technologies. Journal of Discrete Mathematical Sciences and Cryptography, 25(4), 1137–1155. https://doi.org/10.1080/09720529.2022.2075089

Alanazi, F., Alenezi, M. (2024). Driving the future: Leveraging digital transformation for sustainable transportation. Journal of Infrastructure, Policy and Development, 8(3), 3085. https://doi.org/10.24294/jipd.v8i3.3085

Arner, D.W., Barberis, J., Buckley, P.R. (2017). FinTech, RegTech, and the Reconceptualization of Financial Regulation. Northwestern Journal of International Law and Business, 37, 371-413.

Barefoot, J.A. (2020). Digitalizing Financial Regulation: RegTech as a Solution for Regulatory Inefficiency and Ineffectiveness. Available online: https://www.hks.harvard.edu/centers/mrcbg/publications/awp/awp150 (accessed on 5 December 2023).

Beauchamp, T.L. (2001). Childress JF Principles of biomedical ethics, 7th ed. Oxford University Press.

Bertino, E., Kundu, A., & Sura, Z. (2019). Data Transparency with Blockchain and AI Ethics. Journal of Data and Information Quality, 11(4), 1–8. https://doi.org/10.1145/3312750

Bivins, T. H. (2006). Responsibility and Accountability. Ethics in Public Relations: Responsible Advocacy, 19–38. https://doi.org/10.4135/9781452204208.n2

Bolton, M., & Mintrom, M. (2023). RegTech and creating public value: opportunities and challenges. Policy Design and Practice, 6(3), 266–282. https://doi.org/10.1080/25741292.2023.2213059

Bovens, M. (2010). Two Concepts of Accountability: Accountability as a Virtue and as a Mechanism. West European Politics, 33(5), 946–967. https://doi.org/10.1080/01402382.2010.486119

Brand, V. (2020). Corporate Whistleblowing, Smart Regulation and Regtech: The Coming of the Whistlebot? SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3698446

Bridges, R. (On the Application Of) v South Wales Police. (2020). EWCA Civ 1058. Available online: https://www. bailii.org/ew/cases/EWCA/Civ/2020/1058.Html (accessed on 5 December 2023).

Burnes, B. (1996). Managing change. In: A strategic approach to organizational dynamics, 2nd ed. Pitman Publishing.

Burrell, J. (2016). How the machine ‘thinks’: Understanding opacity in machine learning algorithms. Big Data & Society, 3(1), 205395171562251. https://doi.org/10.1177/2053951715622512

Carnell, R.S., Macey, J.R., Miller, G.P., Conti-Brown, P. (2021). The Law of Financial Institutions, 7th ed. Aspen.

Cavoukian, A. (2006). Privacy by design: The 7 foundational principles. Available online: /iapp.org/media/pdf/resource_center/pbd_implement_7found_principles.pdf (accessed on 5 December 2023).

Clarke, R. (2020). RegTech Opportunities in the Platform-Based Business Sector.

d’Alessandro, B., O’Neil, C., & LaGatta, T. (2017). Conscientious Classification: A Data Scientist’s Guide to Discrimination-Aware Classification. Big Data, 5(2), 120–134. https://doi.org/10.1089/big.2016.0048

European Commission. (2016). Open innovation, open science, open to the World. Brussels, Belgium: European Union Publication. Available online: http://bookshop.europa.eu/en/open-innovationopen-science-open-to-the-world-pbKI0416263/ (accessed on 5 December 2023).

Eva, M., Anna Rose, W. (2019). Regulatory technology: Replacing law with computer code. European Business Organization Law Review. pp. 1-29.

Fagan, F. (2016). Big Data Legal Scholarship: Toward a Research Program and Practitioner’s Guide. Virginia Journal of Law & Technology, 20(1): 1-81.

Felzmann, H., Villaronga, E. F., Lutz, C., et al. (2019a). Transparency you can trust: Transparency requirements for artificial intelligence between legal norms and contextual concerns. Big Data & Society, 6(1), 205395171986054. https://doi.org/10.1177/2053951719860542

Felzmann, H., Fosch-Villaronga, E., Lutz, C., et al. (2019b). Robots and Transparency: The Multiple Dimensions of Transparency in the Context of Robot Technologies. IEEE Robotics & Automation Magazine, 26(2), 71–78. https://doi.org/10.1109/mra.2019.2904644

Felzmann, H., Fosch-Villaronga, E., Lutz, C., et al. (2020). Towards Transparency by Design for Artificial Intelligence. Science and Engineering Ethics, 26(6), 3333–3361. https://doi.org/10.1007/s11948-020-00276-4

Frauenberger, C., Rauhala, M., & Fitzpatrick, G. (2016). In-action ethics: Interact Computing System. Available online: 10.1093/iwc/iww024 (accessed on 5 December 2023).

Froomkin, A.M. (1995). Reinventing the Government Corporation. University of Illinois Law Review.

Google Spain decision of the Court of Justice of EU. (2014). Available online: https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-05/cp140070en.pdf (accessed on 5 December 2023).

Howard, A., & Borenstein, J. (2018). The Ugly Truth About Ourselves and Our Robot Creations: The Problem of Bias and Social Inequity. Science and Engineering Ethics, 24(5), 1521–1536. https://doi.org/10.1007/s11948-017-9975-2

Haraway, D. (1988). Situated Knowledges: The Science Question in Feminism and the Privilege of Partial Perspective. Feminist Studies, 14(3), 575. https://doi.org/10.2307/3178066

Harding, S. (1992). After the neutrality ideal: science, politics, and strong objectivity. Soc Res, 59, 67-587.

IMY. (2019). Supervision pursuant to the General Data Protection Regulation (EU) 2016/679—facial recognition used to monitor the attendance of students. Stockholm.

IMY. (2021). Police unlawfully used facial recognition app. Available online: https://www.imy.se/nyheter/police-unlawfully-used-facialrecognition-app/ (accessed on 5 December 2023).

Israel, M. (2018). Ethical Imperialism? Exporting Research Ethics to the Global South. The SAGE Handbook of Qualitative Research Ethics, 89–100. https://doi.org/10.4135/9781526435446.n6

Jabotinsky, Y.H., Jabotinsky, Y.H. (2017). The Federal Structure of Financial Supervision: A Story of Information-Flow. Stanford Journal of Law, Business & Finance, 22(1), 52-92.

Kazim, E., & Koshiyama, A. (2019). Data Ethics Principles: A Comment on the House of Lords Report ‘Regulating in a Digital World.’ SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3581754

Kamiran, F., Žliobaite, I. (2013). Explainable and Non-explainable Discrimination in Classification. Springer.

Khan, A., Hassan, M. K., Paltrinieri, A., et al. (2020). A bibliometric review of takaful literature. International Review of Economics & Finance, 69, 389–405. https://doi.org/10.1016/j.iref.2020.05.013

Kleinberg, J., Ludwig, J., Mullainathan, S., et al. (2018). Discrimination in the Age of Algorithms. Journal of Legal Analysis, 10, 113–174. https://doi.org/10.1093/jla/laz001

Konina, A. (2020). Regulating Regtech: The Benefits of a Globalized Approach. Lex Electronica. Available online: https://ssrn.com/abstract=3914215 (accessed on 5 December 2023).

Levitin, A. J. (2013). The Consumer Financial Protection Bureau: An Introduction. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.2199678

Leonelli, S. (2016). Locating ethics in data science: responsibility and accountability in global and distributed knowledge production systems. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 374(2083), 20160122. https://doi.org/10.1098/rsta.2016.0122

Lmeida, D., Shmarko, K., Lomas, E. (2022). The Ethics of Facial Recognition Technologies, Surveillance and Accountability in an Age of Artificial Intelligence: A Comparative Analysis of USA, EU and UK Regulatory Frameworks. AI and Ethics, 2, 377–387.

Loiacono, G., & Rulli, E. (2022). ResTech: innovative technologies for crisis resolution. Journal of Banking Regulation, 23(3), 227–243. https://doi.org/10.1057/s41261-021-00154-4

Loosman, I., & Nickel, P. J. (2022). Towards a Design Toolkit of Informed Consent Models Across Fields: A Systematic Review. Science and Engineering Ethics, 28(5). https://doi.org/10.1007/s11948-022-00398-x

Maglaras, L., Almomani, I. (2023). Digitization of healthcare sector: A study on privacy and security concerns. Korean Institute of Communications Information Sciences.

Masciandaro, D., & Romelli, D. (2016). Banking Supervision and External Auditors: What Works Best? SSRN Electronic Journal. https://doi.org/10.2139/ssrn.2895999

Mehrabi, N., Morstatter, F., Saxena, N., et al. (2022). A Survey on Bias and Fairness in Machine Learning. ACM Computing Surveys, 54(6), 1–35. https://doi.org/10.1145/3457607

Meijer, A. (2014). Transparency. In: Bovens, M., Goodin, R.E., Schillemans, T. (editors). The Oxford handbook of public accountability. Oxford University Press.

Moher, D., Liberati, A., Tetzlaff, J., Altman, D.G. (2009). Preferred reporting items for systematic reviews and meta-analyses: The PRISMA statement. BMJ, 339(7716), 332–336. https://doi.org/10.1136/bmj.b2535

Mintzberg, H. (1979). The structuring of organizations. Prentice-Hall.

Monge, P.R. (1993). (Re)designing dynamic organizations. in: Huber GP, Glick WH. eds. Organizational change and redesign; Ideas and insights for improving performance. Oxford University Press. pp. 323-345.

Mustard, D. B. (2003). Reexamining Criminal Behavior: The Importance of Omitted Variable Bias. Review of Economics and Statistics, 85(1), 205–211. https://doi.org/10.1162/rest.2003.85.1.205

Nystrom, P.C., Starbuck, W.H. (1981). Handbook of organizational design. In: Adapting organizations to their environments. Oxford University Press.

Oswald, M., Grace, J., Urwin, S., et al. (2018). Algorithmic risk assessment policing models: lessons from the Durham HART model and ‘Experimental’ proportionality. Information & Communications Technology Law, 27(2), 223–250. https://doi.org/10.1080/13600834.2018.1458455

Packin, G.N. (2018). RegTech, compliance and Technology Judgement Rule. Chicago-Kent Law Review, 93(1), 193-218.

Remus, D., Levy, F.S. (2017). Can Robots be Lawyers? Computers, Lawyers and the Practice of Law. Georgetown Journal of Legal Ethics, 30(3), 501–511.

Rittel, H. (1972). On the planning crisis; Systems analysis of the first and second generation. Bedrifts Okonomen, 8, 309-396.

Sanders, J. (2017). Break from Tradition: Questioning the Primacy of Self-Regulation in American Securities Law. Michigan Business & Entrepreneurial Law Review, 7.1, 93. https://doi.org/10.36639/mbelr.7.1.break

Sarabdeen, J. (2022). Protection of the rights of the individual when using facial recognition technology. Heliyon, 8(3), e09086. https://doi.org/10.1016/j.heliyon.2022.e09086

Schein, E. (1987). Organizational culture and leadership. Jossey-Bass.

Schön, D.A. (1987). Educating the reflective practitioner; Toward a new design for teaching and learning in the professions. Jossey-Bass Publishers.

Siering, M. (2022). Explainability and fairness of RegTech for regulatory enforcement: Automated monitoring of consumer complaints. Decision Support Systems, 158, 113782. https://doi.org/10.1016/j.dss.2022.113782

The EU General Data Protection Regulation (GDPR). (2018). Available online: https://eugdpr.org/ (accessed on 5 December 2023).

Thompson, J.D. (1967). Organizations in action. McGraw.

Triandis, H.C. (1966). Notes on the design of organizations. In: Approaches to organizational design. University of Pittsburg Press.

Tschorsch, F., & Scheuermann, B. (2016). Bitcoin and Beyond: A Technical Survey on Decentralized Digital Currencies. IEEE Communications Surveys & Tutorials, 18(3), 2084–2123. https://doi.org/10.1109/comst.2016.2535718

Visscher, K. (2006). Capturing the competence of management consulting work. Journal of Workplace Learning, 18(4), 248–260. https://doi.org/10.1108/13665620610665845

Visscher, K., Fisscher, O.A.M. (2012). Towards a new generation of organizational design. University of Twente, Enschede.

Wachter, S., Mittelstadt, B. (2019). A right to reasonable inferences: Re-thinking data protection law in the age of big data and AI. Columbia Business Law Review, 7(2), 494–620.

Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why a Right to Explanation of Automated Decision-Making Does Not Exist in the General Data Protection Regulation. International Data Privacy Law, 7(2), 76–99. https://doi.org/10.1093/idpl/ipx005

Wagner, B. (2020). Accountability by design in technology research. Computer Law & Security Review, 37, 105398. https://doi.org/10.1016/j.clsr.2020.105398

Wang, X.L. (2024). Managing third party accountability in human services contracting: Contract accountability in human services. Journal of Infrastructure, Policy and Development, 8(2), 2622. https://doi.org/10.24294/jipd.v8i2.2622

Waye, V.C. (2019). Regtech: A New Frontier in Legal Scholarship. Adelaide Law Review, 40(1), 363–386.

Weick, K.E. (1993). Organizational redesign as improvisation. In: Organizational change and redesign; Ideas and insights for improving performance. Oxford University Press.

Wieringa, M. (2020). What to account for when accounting for algorithms. A systematic literature review on algorithmic accountability. In: Proceedings of the 2020 conference on fairness, accountability, and transparency.

Yang, Y.P.A, Tsang, C.Y. (2019). RegTech and the New Era of Financial Regulators: Envisaging More Public-Private Partnership Models of Financial Regulators. University of Pennsylvania Journal of Business Law, 21(2), 1-51.

Zarsky, T.Z. (2013). Transparent predictions. University of Illinois Law Review, 4, 1503–1570.

Zerilli, J., Knott, A., Maclaurin, J., et al. (2019). Transparency in Algorithmic and Human Decision-Making: Is There a Double Standard? Philosophy & Technology, 32(4), 661–683. https://doi.org/10.1007/s13347-018-0330-6

Zetzsche, D. A., Arner, D. W., Buckley, R. P., et al. (2019). The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3359399