This Article focuses on the rise of Financial Technology, which revolutionized consumer financial service products, and challenged policymakers with regulating the rapidly evolving financial industry. In particular, it explores Regulatory Technology, also known as RegTech, which is the finance industry’s use of technology, especially information technology, in the context of regulatory monitoring, reporting and compliance. RegTech is designed to solve industry needs for a more effective and efficient way to automate corporate governance and compliance processes. Not only has FinTech proven to be a vital revenue source, especially in connection with lending or money transmission services, but it also helps entities cut costs, promotes good corporate practice in compliance management and enhances desired regulatory compliance outcomes. In particular, RegTech does this by enabling businesses to: automate ordinary compliance tasks, reduce operational risks associated with compliance obligations, enable compliance functions to make informed risk choices based on data provided insight, and create cost-effectives solutions to problems. Those solutions ensure that companies are up to date with the latest regulatory changes, minimize the likelihood of human error, and increase the overall governance process. Additionally, RegTech can prove valuable especially in identity management, risk management, and security, including from a corporate governance perspective, such as in cyber whistleblower or Bug Bounty programs.

Nevertheless, this article argues that RegTech is not a panacea for all corporate governance challenges. First, there are certain barriers to the adoption of RegTech. Second, RegTech alone cannot extirpate undesired and unethical business practices, or resolve ethical issues resulting from corporate culture. Moreover, technology can be used by businesses to evade regulations and frustrate regulators, a phenomenon referred to as anti-RegTech. Third, technology can hinder good judgment and human input in the governance and risk management decision processes, which operate based on opaque programmed reasoning that is often biased and reflects altered interpretations of the law. Fourth, given the high stakes, financial institutions must be careful when partnering with third party firms, and include regulators in the conversation before entering into such partnerships, especially given the increasing cyber risks. Lastly, many of the RegTech’s automation and efficiency gains have been offset by the costs of expanded regulatory requirements, such as the increasing number of information requests from regulators.