The regulatory changes and technological developments following the 2008 Global Financial Crisis are fundamentally changing the nature of financial markets, services, and institutions. At the juncture of these two phenomena lies regulatory technology or ‘RegTech’ – the use of technology, particularly information technology, in the context of regulatory monitoring, reporting, and compliance. RegTech to date has focused on the digitization of manual reporting and compliance processes, for example in the context of know-your-customer requirements. This offers tremendous cost savings to the financial services industry and regulators. However, the potential of RegTech is far greater – it could enable a close to real-time and proportionate regulatory regime that identifies and addresses risk while also facilitating more efficient regulatory compliance. We argue that the transformative nature of technology will only be captured by a new approach that sits at the nexus between data, digital identity, and regulation. The development of financial technology (‘FinTech’), rapid developments in emerging markets, and recent pro-active stance of regulators in developing regulatory sandboxes, represent a unique combination of events, which could facilitate the transition from one regulatory model to another.