2026 Agenda

About the session

In 2026, RegTech is entering a new era — one driven by a new, divergent RegRisks. Powered by AI and driven by the urgent need for smarter, faster, and more resilient approaches to compliance. The rise of Large Language Models (LLMs) and intelligent automation is opening new pathways for implementing regulatory reforms not just more efficiently — but more effectively and safely.

PJ Di Giammarino, Founder and CEO of RegRisk Legal Solutions, will offer a global perspective on the global framework to navigate a firm’s risks,  what is working, what’s missing and what could be dramatically improved if we fully embrace the potential of AI, standards, for RegRisk Control.

Regulatory Challenges

• Trading: Transparency, Digital Assets, Market data, algo testing
• Conduct risk: Consumer duty/ ESG; AML/CFT/Sanctions; Market abuse; Comms surveillance; accountability
• Risk and data collection: Basel III/ IV, FRTB, ESG; 2028/9 EU/US data dictionaries and reporting rewrites
• Technology risk management: Op Res, AI, Cyber, TPRM
• Compliance: Horizon scanning,  ECB SREP

New RegTech/SupTech drivers

• Premium – The RegTech Edge: Navigating your RegRisk Radar in 2026 here
• US Fed: AI, Fintechs, and Banks here
• HKMA: Financial Services in the Era of Generative AI here
• BIS Artificial Intelligence Supervisory Enhancer (AISE) here
• BoE: AI in the financial system here

About the session

As regulatory scrutiny intensifies, this panel will unpack the regulatory shift to data as capital and quality expectations emerging from Market Watches, Fines and new assessment frameworks such as the ECB’s updated SREP, BCBS 239.

Experts will explore global data strategies across the US (FDTA), EU (IReF, BIRD, JBRC), ESMA Transaction/Fund reporting, EIOPA Solvency II and UK Transforming Data Collection strategies —and what that means for data infrastructure, operational design, the Common Domain Model (CDM) and Digital Regulatory Reporting (DRR) strategies.

This session will offer forward-looking insights into how firms can leverage AI to build adaptable, high-quality data ecosystems that not only meet today’s regulatory demands but are also future-proofed for the evolving compliance landscape.

Regulatory Challenges

• EU data act overview here regulation here
• Bank of Italy – Connecting the dots of the international debate on the standardization and granularity of regulatory data  here
• ECB Integrated Reporting Framework here
• UK TDC data standards recommendations and BoE response here
• BCBS Progress in adopting 239 here
• EC common dictionary paper and conference here
• ESMA / US FDTA 5 year data plan here
• BIRD Logical Data Model release 6.1
• Data Point Model 2.0 (ISO 5116 )  here
• UK Transforming Data Collection here
• Basel 3.1 capital standards and Basel IV
• BoE CP16/22 here
• EBA 430C: feasibility report on the integrated reporting system here
• BoE CP4/23 Strong and Simple here PRA mansion house speech here
• IMF working paper on challenges faced by supervisors

New RegTech/SupTech drivers

• Analysis – The Billion-Dollar Reporting Divide here
• Report (FREE with registration) – Mastering MiFIR Divergence –  Build one runbook to bridge the transparency chasm here
• Premium – RegTech Edge: Digital Integrity Under Pressure here; The Global Data Race here; and From Capital to Code here
• Premium – The RegTech Edge: Flying in formation here; From Rulebook to Runbook here
• Analysis: Will UK’s dirty windows crew get the right support? here
• Analysis: EU and US data strategies here 
• Basel IV data modernization here
• Dear CEO regulatory reporting
• BaFin/ Bundesbank ‘reporting system for the future’ here
• Industry protocols for interpreting requirements (DRR)
• Common domain models to digitize the trade lifecycle (CDM here)

About the session

As the industry prepares for a staggered rewrite of transaction reporting from 2026-2029, this panel takes a forward-looking view on how hard-won lessons from new trade reporting regimes can leveraged to confront divergent reporting resets and architectural rethinks which affect 15 billion annual reports across the Channel. 

With Digital Regulatory Reporting (DRR) gaining momentum, panelists will explore how a ‘runbook’ architecture based on the Common Domain Model (CDM) enables firms to overcome long-standing challenges, including fragmented UK/EU requirements and legacy infrastructure.

Rather than seeing the new transaction reporting fields as a compliance burden, this session will reframe them as a catalyst for shifting from reactive remediation to proactive assurance. Can DRR unlock more accurate, consistent, and future-resilient transaction reporting?

Regulatory Challenges

• CFTC fines Citigroup and US Bank here
• FCA fines Sigma £1m here
• ESMA Call for Evidence on simplification of transaction reporting here
• EU Machine-readable and executable reporting Q4 Workshop
• ESMA ‘core market data & the quality mandate’ MiFIR here
• Central repositories (EU SAP, NCS) FCA DP23/2
• FCA wholesale trade data – Findings Report here
• EU/UK Consolidated Tape tender here
• Public/private collaboration, Open-source code Finos here
• Bank of England transforming data collection from the UK financial sector RegCast here and paper here
• European Commission supervisory data strategy here
• EU agenda to reduce reporting requirements by 25%

New RegTech/SupTech drivers

• Analysis – The Billion-Dollar Reporting Divide here
• Report (FREE with registration) – Mastering MiFIR Divergence –  Build one runbook to bridge the transparency chasm here
• Premium – The RegTech Edge: Flying in formation here; From Rulebook to Runbook here
• MiFID III and the architecture of trust here
• MiFID III Reset & the architectural rethink here
• Will UK’s dirty windows crew get the right support? here
• EMIR unplugged here 
• New reporting expectations here
• Analysis of EU/US 5-year data plans here

About the session

Financial crime and market surveillance remain the top regulatory risk vectors globally, and enforcement is intensifying. Regulators are no longer just reviewing suspicious activity reports; they’re feeding them into AI-driven data fabrics to benchmark which firms truly have control and which don’t.

The new standard is about proving that your AI-powered surveillance is not just effective but explainable, privacy-compliant, and aligned with data sovereignty rules. The big RegTech drivers are how well firms meet these AI governance standards and how they maintain record-keeping integrity under MiFID, risk under the EU AI Act, and data privacy under the UK Data Act, and similar frameworks.

In this session, we’ll cut through the complexity of LLMs and Lexicons and discuss how standardized business events, integrated controls, and transparent AI can move firms from reactive compliance to proactive, continuous proof that risk frameworks are working smoothly.

Regulatory Challenges

• CFTC fines UBS for trade surveillance &  SMBC, Santander, BNY Mellon for offline communications here
• FCA Market Watch 83: corporate finance market abuse risks  here
• FCA CP25/18 Non-Financial Misconduct here
• FCA Market watch 76 – flying and printing here
• Dear CEO letter for principal trading firms – Algo trading here
• FCA 05/22 Market Watch 69 – Observations on market abuse surveillance here
• SEC $80m hacking and trading scheme fine here
• Electronic communications surveillance fines summarised here
• FCA £13.6m fine of Citigroup for failed trade surveillance requirements here
• Economic Crime (Transparency and Enforcement) Act 2022 here
• Conduct, culture, AI and data policy

New RegTech/SupTech drivers

• Premium – RegTech Edge: Navigating the 2026 RegRadar here
• Analysis – EU Rules governing AI will put compliance obligations on facial recognition RegTech here
• Q323 analysis – Regulatory Surveillance: Which camp are you in? here
• Q323 analysis – RegTech Surveillance: breaking silos with digital models here 
• Q223 Analysis – Defining ‘Good Communications surveillance’ here
• TR  analysis – FCA seeks tech boost for market surveillance here
• analysis – Getting in Front of New 2023 Surveillance AI Controls here
• analysis – Market Watch 69 & Surveillance RegTech here

About the session

With SREP’s ICT risk framework, NIS2, Cloud guidelines, EU Data act, EU AI act, DORA and their global counterparts setting new technology and operational resilience standards, the financial sector is under mounting pressure to fortify every layer of its digital ecosystem – including an estimated 40,000 suppliers. The challenge isn’t just scale – it’s achieving clarity, coordination, and control across a sprawling, complex environment. Enter agentic AI.

This panel explores the overlaps and requirements of these new non-financial risk controls and how financial institutions are turning to next-gen AI technologies to make the impossible, possible. From mapping regulatory obligations to streamlining policy reviews and identifying supply chain risks, AI is pushing compliance from reactive to proactive, from fragmented to unified and comparable to common control models (e.g., Finos CCC).

As the regulatory spotlight shifts toward AI governance itself, panelists will examine how firms secure the “seaworthiness” of the financial sector amid accelerating digital risk?

Regulatory Challenges

• NIST Quantum Capabilities to NIST Cybersecurity Framework 2.0 here
• CFTC Withdrawal of Proposed OpRes rules here
• NIST Guidelines for API Protection for Cloud-Native Systems here 
  ECB Guide on outsourcing cloud services to cloud service providers here
• FIRE (Format for Incident Reporting Exchange): Final format here
• BoJ use of cloud in FS survey results here UK Containerization guidance here, BIS managing cloud risk here
• EC Digital Operational Resilience 01/24 standards hearing here rules here ESA DORA technical advice here
• UK  ICO Generative AI data protection and GenAI here and HMG framework here
• Netherlands AI masterplan here
• Singapore model AI governance framework for generative AI here
• FSI Insights on policy implementation No 53; Managing cloud risk 
• US AI 012/24 fact sheet here strategic plan here and Whitehouse blueprint for AI bill of rights here 
• EU Cyber resilience act here cybersecurity certification MRA here and background  here
• APRA operational risk management – CPS 230 here PRA PS6/21 OpRes here
• HMT Critical third parties here PRA DP3/22 CTP here / PRA SS2/21 Outsourcing and TPRM here
• US  Interagency Guidance on Third-Party Relationships: Risk Management here
• EU Artificial Intelligence Act leaked copies here and here original texts here and here
• UK National AI action plan here ICO guidance on AI and data  here
• EU  deforestation regulation here
• EU Corporate sustainability due diligence (CSDDD) here 

New RegTech/SupTech drivers

• Premium – The OpRes Crackdown Starts: AI Is the Only Defence here
• Premium – Cloud Control Begins: The EU Data Act’s First Step here
• Premium – Data access disrupted: the EU Data Act here
• Premium Newsletter – Proving control in the age of DORA here
• Premium Newsletter – Digitalizing the FS backbone here
• GFMA White Paper on Public Cloud Portability here 
• Legal assessment of draft EU AI act text here
• Analysis: Decoding DORA standards: what it means here
• Analysis: Accountability for GenAI here
• Forbes: New Financial Services Regs Will Require Comprehensive Action By Boards here
• Research report ‘Managing Digital Infrastructure Risk: a collaborative path to financial services safety’ here

About the session

The RegTech landscape is undergoing a fundamental reset. With MiCA, T+1 settlement, DORA, MiFIR reviews, and AI-specific regulations redefining compliance expectations, firms must shift from traditional readiness models to compliance by design—powered by intelligent, adaptive systems.

This panel will bring together industry leaders to identify the strategic priorities driving RegTech through 2026. What role will AI play in automating surveillance, gap detection, and regulatory change management? How can financial institutions align operational resilience, intelligent tooling, and supply chain oversight across global jurisdictions?

Framed by a spirit of collaboration between regulators, financial institutions, and technology providers, this session will distill the day’s key insights into a unified outlook – and deliver a blueprint for embracing the next era of digital compliance, where agility, intelligence, and trust converge.

Regulatory Challenges

• UK digital regulation here
• EU Parliament AI and digital tools in workplace management and evaluation here
• WEF Regulatory technology for the 21^st century here
• HKMA regulatory technology in AML here
• IOSCO innovation facilitators here
• BIS big techs vs banks here
• UK-Japan financial regulatory forum here
• EBA benefits, challenges and risks of RegTech in the EU here

New RegTech/SupTech drivers

• RegCast Season 4 episode 1: Regcast Radar 2024 here
• Analysis: Accountability for GenAI here
• Analysis: RegTech for clean controls here
• Analysis – The rise of digitally native compliance here
• Golden-source libraries of regulatory obligations (RegDelta)
• RegCast: Digitizing Compliance’s many dashboards here
• RegCast: TegTech from Horizon to controls here
• RegCast: Digital Compliance here

About the session

2025 rulemaking and enforcement ended any hope of the single roadmap envisioned in 2009 by G20 Financial regulatory reformers.

The budget clock is already ticking  and this could be the most fragmented and the most expensive RegRisk year yet. Global heat maps align on financial crime and resilience, then split on transparency, governance, and digital assets. At the same time, supervisors are sharpening prudential tools that rarely make headlines.

What does AI-enabled RegTech bring to the risk management party and how can financial institutions and their suppliers produce global control evidence that stands up to local scrutiny?

Regulatory Challenges

• Divergent 2025 rulebooks and enforcement priorities
• Shifting landscape of regulatory consequences
• RegRisk Control pillars: Foresight, Translation, Testing, Evidence, Trust
• RegTech Capabilities: lineage, explainability, real-time dashboards
• New operating models, legal services, consulting and tools

New RegTech/SupTech drivers

• Analysis – The RegTech 2026 Agenda:  Shift Right here
• Premium – Control you can prove here
• Premium – Smarter Data, Smarter Teams here
• The RegTech Edge: Navigating your RegRisk Radar in 2026 here