The Systemic Risks of Light-Touch Regulation in AI and Fintech Governance

Hillah Greenberg, Jul 12, 2026
feature-top

Digital sandboxes are testing grounds for technology innovation, where researchers experiment with their technology using General Data Protection Regulation (GDPR) compliant datasets in controlled settings. This variety of sandboxes provides firms with secure technical environments to access datasets and tools under controlled experimentation [1]. In an AI context, digital sandboxes accelerate AI model innovation and deployment by providing firms with safe infrastructure to experiment with their technology before scaling their models to market [2]. Digital sandboxes—a policy framework—are distinct from regulatory sandboxes. They are controlled environments under regulator supervision where developers can apply for waivers from legal or regulatory requirements to engage in innovation [3].

 

Regulatory sandboxes were introduced with financial technology (fintech) in mind and now extend to both AI and fintech as an AI use case. A regulatory sandbox is a crucial tool that would provide agencies with a controlled environment for regulators to test and observe how AI interacts with existing or proposed rules. Based on these interactions, regulators can develop “proportionate, well-calibrated rules” [4]. Under a regulatory sandbox, firms can live-test products, services, and business models without immediately incurring full regulatory licensing requirements [5]. Light-touch regulation is a hands-off deregulatory approach. First seen in internet regulation, it is now well-known in internet policy circles. It is also the animating logic behind S.2750, known as the Strengthening Artificial intelligence Normalization and Diffusion By Oversight and eXperimentation Act (SANDBOX Act), and H.R.4801, or the Unleashing AI Innovation in Financial Services Act (AI FSA) [6]. While not yet passed, these bills together represent a significant legislative push towards minimally constrained AI innovation.

 

This article demonstrates how light-touch regulatory models fall short in mitigating potential risks, and that the SANDBOX Act and AI FSA repeat the structural failures of early internet policy by treating AI as a software service rather than as a complex, layered technology with systemic implications. Specifically, light-touch regulatory sandboxes, as embodied in the SANDBOX Act and AI FSA, repeat the structural failures of early internet policy and should be replaced with regulatory airports. Regulatory airports are frameworks that mandate compliance from the outset, treat AI’s complexity across its communication, logic, and application layers, and ensure that innovation does not come at the expense of irreversible societal harm.

 

To make this case, this article proceeds in three steps. First, it contextualizes the parallels between early internet policy and current AI deregulatory rhetoric to demonstrate the inappropriateness of light-touch regulation for AI. Second, it shows how the SANDBOX Act and AI FSA fall short for precisely these reasons, with particular attention to the mechanisms by which waivers enable irreversible harm. Finally, it proposes regulatory airports as a structurally superior alternative that resolves the hidden costs of light-touch regulation while remaining consistent with the current administration’s priority of AI innovation.

 

A Light-Touch Deregulatory Posture

On September 10, 2025, Senator Ted Cruz (R-TX) released a legislative framework for American Leadership in AI, which identifies AI’s transformative potential and compares it to that of the internet for its capacity to “[unleash] a new global industrial revolution that could improve our quality of life, create jobs, and stimulate economic growth” [7]. The narrative of success surrounding internet deregulation is often cited as a justification for deregulatory policies adopted in adjacent areas, serving as an authoritative precedent that enables positive law resulting from a deregulatory posture to be created [8]. However, this justification relies on misunderstanding and misappropriating history for modern policy ends [9].

 

 Cruz frames AI policymaking options as a choice between embracing technological entrepreneurship and innovation or “[adopting] the command-and-control regulatory policies of Europe,” ultimately urging policymakers to “adopt a light-touch regulatory approach” [10]. This framing is flawed because it conflates the appropriateness of a single light-touch framework for AI with the framework historically applied to the internet [11]. In internet policy, light-touch regulations originated from Congress’s desire to maintain competitiveness among internet access providers in the early computer network market [12]. Policymakers adopted a deregulatory approach that created policies and rhetoric applying to the services accessed through networks rather than the networks themselves, regulating the services lightly while the networks remained under outdated, rigid rules [13]. The lack of foresight concerning the distinction between the physical network and the internet services rendered on it resulted in policies that were implicitly limited in scope.

 

AI is not an internet service. It is a general-purpose technology that, like network infrastructure, operates beneath and across every sector of the economy. Cruz’s comparison conflates the two in precisely the same way early internet policymakers did: by treating the technology as a “service subject to light-touch rules,” rather than as foundational infrastructure requiring layered governance. AI operates simultaneously across a communication layer (data transmission and collection), a logic layer (algorithmic decision-making), and an application layer (consumer-facing products and services) [14]. A regulatory framework sensitive only to the application layer, as sandboxes are, leaves the logic and communication layers—where the most systemic risks reside—effectively ungoverned [15]. The SANDBOX Act risks repeating this key structural error of early internet policy.

 

Examining a hypothetical AI credit-scoring tool granted a waiver from the Equal Credit Opportunity Act (ECOA) compliance under the SANDBOX Act’s framework can demonstrate this error’s consequences. Operating under real datasets but insulated from the legal liability that would normally constrain it, the tool would encode and amplify racial bias in underwriting decisions. Since the sandbox would insulate the firm from regulatory consequences, the bias would accumulate undetected across thousands of applicants before the waiver period ended, at which point the damage would be irreversible. No amount of annual reporting to Congress undoes denied mortgages or damaged credit histories. This is the trickle-down mechanism at the heart of light-touch AI regulation: negative externalities that may appear tolerable or even conducive to innovation generate compounding, irreversible harm to individuals at the macro level justified by an interest in competition [16]. Much like in internet applications, the risk inherent to maintaining light-touch regulation for AI is that policies informed by regulatory sandboxes may result in a deregulatory posture that governs only the visible surface of AI: its consumer-facing applications. The logic and communication layers beneath the surface accumulate systemic harm unchecked, harm that no subsequent legislative correction can fully remediate.

 

How the Legislation Fits In yet Falls Short

Cruz’s legislative framework includes five pillars: unleash American innovation and long-term growth, protect free speech in the age of AI, prevent a patchwork of burdensome AI regulation, stop nefarious uses of AI against Americans, and defend human value and dignity [17]. Cruz’s first and second pillars are consistent with President Trump’s July 23, 2025, Executive Orders 14318 and 14319, titled “Accelerating Federal Permitting of Data Center Infrastructure” and “Preventing Woke AI in the Federal Government” [18, 19, 20]. All five pillars echo President Trump’s January 23, 2025, executive order “Removing Barriers to American Leadership in AI” and his recommendations in the AI Action Plan [21, 22].

 

The SANDBOX Act operationalizes Cruz’s five pillars by proposing a solution in which the White House Office of Science and Technology Policy (OSTP) establishes an AI regulatory sandbox, implements a “robust review and oversight process,” and “offer[s] Congress a sound basis for fine-tuning AI regulation.” [23, 24]. The bill identifies a federal regulatory sandbox as a means of enabling AI development through flexible regulations to allow entrepreneurial innovation while “bounded by safety and accountability guardrails” [25]. The AI FSA, on the other hand, acts as a sector-specific use case in financial services, a highly regulated industry. Together, the two bills are intended to help maintain American AI leadership against global competitors like China.

 

The SANDBOX Act enables AI developers to apply for waivers or call for the modification of federal regulations to experiment with or temporarily offer AI products and services “without being subject to overly prescriptive enforcement of [the] rules” [26]. Specifically, the bill establishes an AI regulatory sandbox through the OSTP, requires a robust review and oversight process, and offers Congress a basis for fine-tuning AI regulation. AI users and developers can “identify obstructive regulations and request a waiver or modification, which applicable federal agencies, in coordination with OSTP, may grant for two-year periods (for a maximum of 10 years total) for the purposes of developing or deploying a product, service, or development method” [27]. Applicable agencies are sector-specific regulators, which include the Federal Trade Commission, the Department of Transportation, the Food and Drug Administration, and others.

 

The oversight process involves the review of waiver applications by federal agencies under the purview of the OSTP, which oversees existing regulations. Firms are required to make regular disclosures, and agencies send an annual report to Congress detailing how often particular rules are waived or modified. Lawmakers can then make successful waivers and modifications permanent. It is unclear what constitutes a successful waiver or modification, who or what purposes the success serves, and what justifies modifying a rule. Review includes input from technical experts and the private sector [28]. If an agency denies a waiver, it must provide a detailed record explaining the potential for harm [29]. Following approval, firms undergo continuous monitoring through incident reporting, periodic incident reports, and record retention [30, 31].

 

These safeguards, however, contain a critical structural flaw: they rely on firms themselves to generate the policymaking insights on which regulatory reform will be based. Firms operating under waivers have every incentive to design sandbox experiments that produce favorable results to demonstrate that the waived regulation was unnecessary while minimizing evidence of harm. While these firms use real datasets, the resulting outcomes are insulated from the regulatory consequences and legal liabilities that would typically constrain their behavior [32, 33]. These skewed experiments can give policymakers the impression that a particular policy may be viable when, in reality, the sandbox cannot fully replicate the systemic risks AI poses to labor markets, consumer privacy, and civil rights. Policy deliberation should not be separated from the contingencies a policy may produce, and trusting regulated firms to surface these contingencies is a structurally compromised approach.

 

The AI FSA Act compounds this problem with a more acute accountability gap. Most critically, the bill requires a court order to rescind waivers, even when they pose an “immediate danger” [34]. This process will almost certainly be too slow to prevent irreversible harm. Returning to the credit-scoring example, if an AI underwriting tool operating under an AI FSA waiver is found to amplify racial bias, the process of obtaining a court order to rescind the waiver would take months. During this time, the tool would continue to operate, denying more applications and compounding the harm it caused. The waiver’s automatic approval mechanism, triggered by administrative delay, allows dangerous financial tools to reach the market through bureaucratic inaction [35]. Furthermore, while “regulatory sandboxes may play a vital role in increasing the influx of venture capital into the fintech venture ecosystem by removing regulatory uncertainty,” this benefit does not justify a framework that creates profound accountability gaps in sectors where AI errors translate directly into financial exclusion and market instability [36].

 

Together, the SANDBOX Act and AI FSA constitute a potentially dangerous shift in federal policy that prioritizes innovation through expansive regulatory exemptions. If these bills pass, they will fundamentally undermine the current or any subsequent administration’s ability to police algorithmic bias, protect worker welfare, and prevent irreversible economic harm caused by opaque AI systems [37]. What is needed is a framework that requires compliance from the outset rather than granting immunity and waiting for harm to materialize—one that treats AI as the layered systematic technology it is rather than as a software application subject to temporary waivers.

 

Regulatory Airports as a Solution

Regulatory airports are the structural alternative that sandboxes fail to provide. Unlike sandboxes, where temporary waivers are granted to firms to shield them from compliance and what happens thereafter is observed, regulatory airports require firms to adhere to data protection and security frameworks, operational requirements, and consumer protection laws from the outset of market participation [38]. Where sandboxes ask, “What happens if we suspend the rules?” airports ask, “How do we innovate within them?” This distinction maps directly onto the layered governance problem identified earlier: airports, by requiring compliance across communication, logic, and application layers, prevent the logic layer—where algorithmic bias, data surveillance, and labor displacement occur—from being left ungoverned while the application layer flourishes.

 

Critically, a “substantive nexus of mind and management” is required under the airport model: firms must have operational presence and decision-making accountability within the regulated jurisdiction [39]. This requirement directly prevents the accountability evasion that sandbox waivers enable by ensuring that the entities responsible for AI systems are subject to the full weight of the regulatory environment in which those systems operate. Transitioning to this model is highly feasible, as it is already operational in several of the world’s most successful fintech hubs, including New York, Singapore, Paris, the United Arab Emirates, and Bermuda [40]. These jurisdictions function as “financial technology entrepôts,” where real-market innovations intersect with innovation-forward regulations [41]. Bermuda’s global insurance hub, for example, leverages its regulatory depth as a competitive advantage. Instead of consigning startups like Ensuro to an inconclusive sandbox trial, Bermuda allows them to operate under stringent standards that provide global credibility and counterparty trust [42]. Similarly, regulators in the UAE are moving away from mitigating risky activities. Instead, they require exchanges to pre-clear and disclose risks, allowing for “informed risk” in a stable environment [43].

 

This airport model is preferable to light-touch sandboxes because it ensures market integration through two specific mechanisms. First, airports facilitate banking partnerships that localize capital within the regulated system, enhancing consumer and market protections. Second, they provide commercial passporting: setting conditions for an extended regulatory stay that allows responsible innovation to scale across broader markets with a “regulatory imprimatur” [44, 45]. With this point in mind, regulatory airports should be implemented in place of regulatory sandboxes for their ability to avoid the hidden costs of a light-touch regulatory approach [46]. Together, these mechanisms replace the regulatory uncertainty of sandbox waivers with regulatory depth by providing the clarity needed to foster innovation that is safe, scalable, and integrated into the global economy [47, 48].

 

This model is also politically feasible. It offers a middle ground that satisfies the push for American AI leadership by providing a structured environment for global investors, while simultaneously addressing the concerns of civil rights and labor groups by not granting the decade-long immunities and narrow definitions of harm found in the SANDBOX Act [49, 50, 51].

 

The transition from regulatory sandboxes to regulatory airports is not without its challenges. Maintaining airport models is a resource-intensive endeavor that requires extensive staffing to monitor results and assess complex AI applications, and it risks becoming a “regulatory resource tax” without adequate funding [52, 53]. More importantly, because airports require stringent regulatory compliance from the start, the high bar for entry may inadvertently favor large incumbents or Big Tech firms over under-resourced startups, potentially distorting the market signals that drive innovation [54, 55]. This incumbent-favoritism risk is real and should not be minimized. However, it is addressable through structural design choices that sandboxes do not offer: tiered compliance requirements scaled to firm size, subsidized entry pathways for startups, and phased implementation schedules that allow smaller firms to build compliance capacity over time. The airport model’s framework at least creates the conditions for these mitigations to be built in. In contrast, the sandbox model insulates firms from compliance regardless of size and offers no leverage point for such calibration. Finally, while the airport model emphasizes disclosure, there remains a risk of “informed recourse” gaps, in which vulnerable consumers lacking in financial literacy may still be exposed to predatory behavior if they do not fully comprehend the complexities of the tools they use [56]. This risk necessitates continued attention toward implementation design.

 

While empirical research specifically on regulatory airports is still emerging compared to the decade-long track record of fintech sandboxes, this model appears fundamentally more conducive to responsible innovation because it replaces temporary, isolated experiments with market-integrated standards [57]. Unlike regulatory sandboxes, which often “conflate too many aims” and risk burying good ideas or creating technological obsolescence, the airport model focuses on regulatory legitimacy as a competitive advantage [58]. Current scholarship is already shifting away from viewing these tools as mere “innovation incubators” and toward analyzing them as learning-centric mechanisms that help policymakers close “legal lags” by observing real-world operational dynamics [59]. Significant research is still needed to determine whether the high resource requirements of maintaining an airport can be scaled across diverse AI applications and whether airports truly prevent the market distortions seen in sandbox regimes [60, 61, 62]. Most importantly, the structural logic behind airports is sound, and the existing international examples provide viable proofs of concept.

 

Conclusion

The SANDBOX Act and AI FSA represent a coherent legislative vision of accelerating American AI leadership by giving developers room to experiment and letting the data that experimentation yields guide future regulation. This instinct is not unreasonable, but the framework through which it is pursued repeats an error that American policymakers have made before. Early internet policy treated network services as the relevant unit of regulation and left the foundational infrastructure beneath them undergoverned. The result was a deregulatory posture that applied to the roads rather than the destinations, enabling innovation at the application layer while allowing systemic harm to accumulate elsewhere. The SANDBOX Act risks the same outcome by treating AI as a software service subject to temporary waivers and leaving the logic and communication layers effectively ungoverned.

 

Regulatory airports resolve this issue by treating AI as the layered, systemic technology that it is. By requiring compliance across all layers from the outset, mandating operational accountability, and enabling commercial passporting that scales responsible innovation across broader markets, airports replace regulatory uncertainty with regulatory depth. The approach avoids the historical pitfalls of internet policy, where a light-touch deregulatory posture inadvertently and inappropriately resulted in policy that applied only to services, leaving foundational network infrastructure undergoverned. Airports do not force a choice in the false dichotomy between innovation and accountability because they make accountability a condition of innovation. While transitioning to this model will require significant resources, careful design to prevent incumbent favoritism, and continued empirical study, current international examples demonstrate its efficacy. The race for American AI leadership should not be a race toward diminished safeguards. Only by rejecting the inherent fragility of light-touch regulation and embracing a layered, market-integrated framework can the United States ensure that its AI leadership is efficient and durable.


Sources

Image: Martin Falbisoner, “Capitol at Dusk,” Wikimedia Commons, September 3, 2013, https://commons.wikimedia.org/wiki/File:Capitol_at_Dusk.JPG.
[1] “Regulatory Sandbox vs. Digital Sandbox for AI: What’s the Difference?” KnowledgeBase, July 31, 2025, https://nayaone.com/knowledgebase/regulatory-vs-digital-sandbox-for-ai-you-need-to-know/.
[2] “Digital Sandbox,” Financial Conduct Authority, April 28, 2020, https://www.fca.org.uk/firms/innovation/digital-sandbox.
[3] “What’s the Difference?”
[4] Ryan Nabil, “Why the United States Needs Better-Designed AI Sandboxes,” National Taxpayers Union Foundation, October 15, 2025, https://www.ntu.org/library/doclib/2025/10/Rethinking-the-SANDBOX-Act-Why-the-United-States-Needs-Better-Designed-AI-Sandboxes-1.pdf.
[5] “What’s the Difference?”
[6] John Blevins, “The Use and Abuse of ‘Light-Touch’ Internet Regulation,” Boston University Law Review 98 (2019), 177–232, http://dx.doi.org/10.2139/ssrn.3168055.
[7] “A Legislative Framework for American Leadership in AI,” U.S. Senate Committee on Commerce, Science, and Transportation, n.d., https://www.commerce.senate.gov/services/files/50958F76-A64C-418A-8FCA-650D9DE2602B.
[8] Blevins, “‘Light-Touch’ Internet Regulation,” 180–181, 191–192.
[9] Blevins, “‘Light-Touch’ Internet Regulation,” 180–181, 194–197.
[10] “American Leadership in AI.”
[11] Blevins, “‘Light-Touch’ Internet Regulation,” 182–184.
[12] Blevins, “‘Light-Touch’ Internet Regulation.”
[13] Blevins, “‘Light-Touch’ Internet Regulation,” 194.
[14] Amandeep S. Gill and Stefan Germann, “Conceptual and Normative Approaches to AI Governance for a Global Digital Ecosystem Supportive of the UN Sustainable Development Goals (SDGs),” AI and Ethics 2 (2022), 293–301, https://doi.org/10.1007/s43681-021-00058-z.
[15] Gill and Germann, “Conceptual and Normative Approaches,” 294–295.
[16] Gill and Germann, “Conceptual and Normative Approaches,” 218–220.
[17] “American Leadership in AI.”
[18] Executive Office of the President, “Executive Order: Accelerating Federal Permitting Of Data Center Infrastructure,” The White House, July 23, 2025, https://www.whitehouse.gov/presidential-actions/2025/07/accelerating-federal-permitting-of-data-center-infrastructure/.
[19] Executive Office of the President, “Preventing Woke AI in the Federal Government,” The White House, July 23, 2025, https://www.whitehouse.gov/presidential-actions/2025/07/preventing-woke-ai-in-the-federal-government/.
[20] Holly Fechner, Matthew Shapanka, and August Gweon, “Senator Cruz Unveils AI Framework and Regulatory Sandbox Bill,” September 17, 2025, https://www.globalpolicywatch.com/2025/09/senator-cruz-unveils-ai-framework-and-regulatory-sandbox-bill-2/.
[21] Executive Office of the President, “Removing Barriers to American Leadership in Artificial Intelligence,” The White House, January 23, 2025, https://www.whitehouse.gov/presidential-actions/2025/01/removing-barriers-to-american-leadership-in-artificial-intelligence/.
[22] Executive Office of the President, “Winning the Race: America’s AI Action Plan,” The White House, July 2025, https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf.
[23] “The SANDBOX Act: Strengthening Artificial intelligence Normalization and Diffusion By Oversight and eXperimentation,” U.S. Senate Committee on Commerce, Science, and Transportation, n.d., https://www.commerce.senate.gov/wp-content/uploads/media/image/Chairman%20Cruz%20SANDBOX%20Act.png.
[24] “Text - S.2750 - 119th Congress (2025-2026): SANDBOX Act,” Congress.gov, September 10, 2025, https://www.congress.gov/bill/119th-congress/senate-bill/2750/text.
[25] “The SANDBOX Act.”
[26] “The SANDBOX Act.”
[27] “The SANDBOX Act.”
[28] “S.2750.”
[29] “S.2750.”
[30] Matt Mittelsteadt, “Digging into AI Sandboxes: Benefits, Risks, and the Senate SANDBOX Act Framework,” CATO at Liberty, September 24, 2025, https://www.cato.org/blog/digging-ai-sandboxes-benefits-risks-senate-sandbox-act-framework.
[31] Executive Office of the President, “Preventing Woke AI.”
[32] Dan Quan, “A Few Thoughts on Regulatory Sandboxes,” Stanford Center on Philanthropy and Civil Society, n.d., https://pacscenter.stanford.edu/a-few-thoughts-on-regulatory-sandboxes/.
[33] Jayoung J. Goo and Yoo-Yeun Heo, “The Impact of the Regulatory Sandbox on the Fintech Industry, with a Discussion on the Relation between Regulatory Sandboxes and Open Innovation,” Journal of Open Innovation: Technology, Market, and Complexity 6 (2020), 1–18, https://doi.org/10.3390/joitmc6020043.
[34] “Re: Oppose the Unleashing AI Innovation in Financial Services Act (Rep. Hill H.R. 4801/Sen. Rounds S. 2528),” National Consumer Law Center, December 10, 2025, https://www.nclc.org/wp-content/uploads/2025/12/Coalition-Letter-Opposing-AI-Sandbox-HR-4801-12-10-2025.pdf.
[35] “Oppose Unleashing AI Innovation.”
[36] Goo and Heo, “Impact of the Regulatory Sandbox.”
[37] Jody Calemine, “Letter Opposing Legislation that Would Exempt Companies from Future AI Regulations,” AFL-CIO, October 16, 2025, https://aflcio.org/about/advocacy/legislative-alerts/letter-opposing-legislation-would-exempt-companies-future-ai.
[38] Dante Disparte, “Fintech Has Outgrown Sandboxes. Now It Needs Airports,” World Economic Forum, September 27, 2024, https://www.weforum.org/stories/2024/09/fintech-regulatory-airport-sandbox/.
[39] Matthew J. Razzano, “An Unsafe Sandbox: Fintech Innovation at the Expense of Consumer Protection?” University of Illinois Law Review 125 (2019), 132–139, https://illinoislawrev.web.illinois.edu/wp-content/uploads/2019/11/Razzano-final.pdf.
[40] Disparte, “Fintech Has Outgrown Sandboxes.”
[41] Disparte, “Fintech Has Outgrown Sandboxes.”
[42] Disparte, “Fintech Has Outgrown Sandboxes.”
[43] Disparte, “Fintech Has Outgrown Sandboxes.”
[44] Disparte, “Fintech Has Outgrown Sandboxes.”
[45] Razzano, ”An Unsafe Sandbox.”
[46] Razzano, ”An Unsafe Sandbox.”
[47] Razzano, ”An Unsafe Sandbox.”
[48] Quan, “Thoughts on Regulatory Sandboxes.”
[49] Armando G. Español and Pascal D. Koenig, “Regulatory Sandboxes for AI in the Majority World: A Learning-Centric Approach to Legal Adaptation,” Cambridge Forum on AI: Law and Governance 1 (2025), 1–20, https://doi.org/10.1017/cfl.2025.10015.
[50] Disparte, “Fintech Has Outgrown Sandboxes.”
[51] “Chair Cruz Introduces ‘Sandbox’ Bill/AI Framework,” Akin, September 10, 2025, https://www.akingump.com/en/insights/ai-law-and-regulation-tracker/chair-cruz-introduces-sandbox-billai-framework.
[52] Mittelsteadt, “Digging into AI Sandboxes.”
[53] Brian R. Knight and Trace E. Mitchell, “The Sandbox Paradox: Balancing the Need to Facilitate Innovation with the Risk of Regulatory Privilege,” South Carolina Law Review 27 (2020), 445–475, https://scholarcommons.sc.edu/sclr/vol72/iss2/7/.
[54] Mittelsteadt, “Digging into AI Sandboxes.”
[55] Knight and Mitchell, “The Sandbox Paradox.”
[56] Disparte, “Fintech Has Outgrown Sandboxes.”
[57] Disparte, “Fintech Has Outgrown Sandboxes.”
[58] Disparte, “Fintech Has Outgrown Sandboxes.”
[59] Español and Koenig, “Regulatory Sandboxes for AI.”
[60] Mittelsteadt, “Digging into AI Sandboxes.”
[61] Knight and Mitchell, “The Sandbox Paradox.”
[62] Español and Koenig, “Regulatory Sandboxes for AI.”