Israel relies heavily on its hi-tech industry, which is central to its economy and its leading export sector (Innovation Authority, 2024, p.12). Accordingly, government policy is set to promote the hi-tech industry (Government Resolution 212; Government Resolution 173). While Israel established a dedicated policy goal to advance its cybersecurity ecosystem as early as 2011 (Government Res. No. 3611 and 2334; Tabansky & Ben Israel, Reference Tabansky and Ben Israel2015; Sivan-Sevilla & Sharvit, Reference Sivan-Sevilla, Sharvit, Tevet, Shiffer and Galnoor2021), its AI strategy was significantly delayed by comparison.
AI regulation is slowly developing in Israel, mostly through policy papers. A key concept in the formation of Israeli AI regulation policy is the regulatory sandbox. First introduced by the British FCA, AI sandboxes were defined as “safe spaces” in which businesses can test innovative products, services, business models and delivery mechanisms without immediately incurring all the normal regulatory consequences of engaging in the activity in question (Financial Conduct Authority, 2015, p.1). The concept of AI sandboxes is frequently mentioned as a panacea for the challenges posed by the rapid developments in AI technology. Regulatory sandboxes are often invoked as a solution that balances the private sector’s pressures for an innovation-fostering “enabling” regulation with regulatory efforts to protect public interests, safety and human rights (Nahon, Reference Nahon2020, p.32).
This paper provides an overview of the emerging AI regulatory sandbox landscape in Israel, as inferred from policy white papers and legislative materials. Its first part surveys the main AI strategy, ethics and regulation whitepapers published in Israel since 2018, and maps the growing appeal of regulatory sandboxes within this context. The second part outlines the Israeli approach to regulating automatic vehicles (AVs) through statutory easements, accommodating the particular constraints of AV technology. The third part of the paper reviews the proposed regulatory sandbox framework for Fintech, and the fourth provides a glance into recently circulated general regulatory sandbox guidelines, which try to offer Israeli regulators a general design for a statutory regulatory sandbox framework. The fifth and final section of the paper comments on the developing Israeli sector-specific approach to AI regulation and sandboxes, particularly raising questions regarding its future implementation and effectiveness, its potential to form entry barriers for less established firms, and its ability to address broader AI governance concerns effectively.
1. AI regulatory policy in Israel
In 2018, the Prime Minister’s Office launched the “National Initiative for Smart Systems,” a forum developing Israel’s national AI strategy (The National Initiative for Smart Systems, 2020). The initiative’s ethics and regulation subcommittee recommended that regulators explore regulatory sandboxes as controlled environments that could balance innovation with societal considerations (Nahon, Reference Nahon2020, p.32).
In 2020, the Interdepartmental Forum for National Infrastructures for Research and Development established a committee examining the need for governmental intervention to accelerate AI development. While primarily focused on national AI infrastructure, its report included brief regulatory recommendations advocating “enabling regulation” that would not impede technological advancement with outdated rules, particularly via regulatory sandboxes (Berry report, 2020, p.63).
Pursuant to Government Resolution 212, which established a plan to promote innovation and strengthen technological leadership, the Ministry of Innovation, Science, and Technology was tasked with leading government AI policy, including regulatory and ethical considerations. In 2023, the Ministry jointly published an AI regulation white paper with the Office of Legal Counsel and Legislative Affairs in the Ministry of Justice (Cahane, Reference Cahane2022; Ministry of Innovation, Science and Technology & Ministry of Justice, 2023a). The 2023 white paper advocates for implementing sector-specific regulatory frameworks that correspond with its proposition for modular regulatory architectures, facilitated through experimental regulatory mechanisms (Ministry of Innovation, Science and Technology & Ministry of Justice, 2023b, p.97). It emphasizes regulatory sandboxes as crucial regulatory experimentation tools, suggesting that reverse sandboxes might allow regulators to study emerging technologies requiring stricter oversight before establishing permanent rules (Ministry of Innovation, Science and Technology & Ministry of Justice, 2023b, p.98).
Following the sector-based regulatory approach to AI recommended by the 2023 white paper, an interdepartmental team examining AI applications in the finance sector published an interim report (Capital Market, Insurance and Savings Authority, 2024). The report develops a financial sector regulatory approach that emphasizes flexible and adaptive regulation, preferring regulatory tools that facilitate experimentation and learning. It frames regulatory sandboxes, along with innovation hubs, as regulatory techniques promoting innovation (Capital Market, Insurance and Savings Authority, 2024, p.177).
Regulatory sandboxes have emerged in Israeli policy papers as a trending solution to the inherent uncertainties surrounding emerging technologies such as artificial intelligence, which develops at an unprecedented pace. These calls to utilize regulatory sandboxes represent a pragmatic approach for several reasons. They defer critical AI regulation decisions to “ground-level” actors, allowing postponement of definitive regulatory frameworks during periods of uncertainty. This aligns with Israel’s sectoral AI regulation approach, enabling customized oversight for different industries. Furthermore, given the Israeli economy’s reliance on the Information and Communication Technology (ICT) sector, sandboxes fostering cooperation with the private sector reassure that innovation will not be stifled by excessive regulation. While offering attractive temporary solutions, this approach might delay confronting AI’s complex regulatory challenges.
2. Israel’s approach to AV regulation: the regulatory sandbox framework
AV technology constitutes a transformative force (Seidman & Gaon, Reference Seidman and Gaon2025). The technology demonstrates the potential to enhance road safety, reduce traffic congestion and improve accessibility, particularly for populations with limited mobility. Yet AVs pose unique challenges, including establishing adequate safety standards, addressing cybersecurity vulnerabilities and adapting existing infrastructure. Israel has pioneered AV regulation through innovative regulatory sandboxes and progressive legislation.
In January 2017, the Israeli government passed Resolution 2316, establishing a five-year national smart transportation plan. Led by an interdepartmental team headed by the Director Generals of the Prime Minister’s Office and the Ministry of Transportation, approximately 240 million shekels were allocated (Government Res. No. 2316). Pursuant to the resolution, a testing center for smart transportation and AVs was established, and field trials and pioneering technological projects were promoted. Resolution 2316 also called for amending transportation regulations to facilitate AV introduction into the existing transportation infrastructure.
Israel’s efforts to regulate and promote AV technology beyond pilot projects and legislative updates represent an evolving experimental governance model in the mobility sector. Using regulatory sandboxes in AV deployment reflects Israel’s broader strategy of combining innovation promotion with risk management, an approach increasingly favored in domains characterized by technological uncertainty and complex societal implications (Marchant, Reference Marchant, Bazzi, Bowman, Connor, Davis, Kang, Konkoly-Thege, Liu, Lloyd-Jones, Manwaring, Bennett Moses and Marchant2024).
Resolution 2316, creating a national AV testing ecosystem, aligns with international trends but distinguishes itself through the state-led, cross-sectoral orchestration of AV innovation. Unlike jurisdictions where AV testing is driven primarily by the private sector, Israel’s top-down coordination ensures a cohesive regulatory vision integrating infrastructure adaptation.
The AV testing center established under Resolution 2316 became operational alongside broader smart mobility programs administered by the Israel Innovation Authority and the Fuel Choices and Smart Mobility Initiative at the Prime Minister’s Office. These institutions serve not only as funding bodies but also as regulatory intermediaries, facilitating interactions between startups, ministries and municipal governments (Abbott, Levi-Faur & Snidal, Reference Abbott, Levi-Faur and Snidal2017). Such institutional arrangements are essential for reducing bureaucratic friction and adapting regulations in real-time, a hallmark of sandbox governance.
From a comparative perspective, Israel’s approach shares some commonalities with regulatory models developed in countries such as Singapore, Germany and the Netherlands, where AV testing frameworks are embedded within living labs and real-world experimentation zones (Milakis, Snelder, van Arem, van Wee & Homem de Almeida Correia, Reference Milakis, Snelder, van Arem, van Wee and Homem de Almeida Correia2017). However, Israel’s emphasis on legal adaptation, reflected in planned transport laws and insurance framework amendments, demonstrates legal-infrastructural coupling less pronounced in other jurisdictions. This coupling is critical given liability, data protection and algorithmic transparency issues raised by AVs (Gless, Silverman & Weigend, Reference Gless, Silverman and Weigend2016).
Israel’s legal strategy also incorporates cybersecurity in AV deployment, leveraging national cyber technology expertise. Collaboration between the National Cyber Directorate and mobility regulators aims to develop pre-market standards and operational protocols addressing AV-specific digital vulnerabilities. Such cyber-readiness integration into mobility regulation remains globally rare (Seidman & Gaon, Reference Seidman and Gaon2025).
Overall, Israel’s AV regulation extends beyond rulemaking; it represents a deliberate effort to construct an innovation-friendly legal ecosystem through anticipatory governance, inter-agency coordination and regulatory experimentation.
2.1. Regulatory challenges
Initial AV trials in Israel faced significant obstacles under the existing vehicular transportation legal framework. For example, Traffic Regulation 28 required vehicle drivers to maintain control of the steering wheel, which impeded AV trials where safety operators were present in test vehicles but not actively holding the steering wheel during automated operation.
Another legal constraint stemmed from Traffic Regulation 282, which permits registration and licensing only for vehicles meeting international standards. Since no international AV standards existed, Regulation 282 precluded their registration and licensing.
These challenges highlighted the need for regulatory adaptation. Initially, the government amended the Traffic Regulations to vest appropriate authorities with the power to exempt vehicle operators from specific provisions for technological testing purposes. However, higher-level statutory law remained riddled with additional hurdles, necessitating a more comprehensive legislative approach with certain relaxations.
For example, one such hurdle was the requirement to have a human driver physically present in the vehicle during trials, permitting the use of fully autonomous operation under controlled conditions.
The amendment introduces significant regulatory relaxations by empowering the Minister and the National Traffic Commissioner to waive, adjust, or substitute existing Road Traffic Ordinance requirements for AV trials (Traffic Ordinance § 16f).
2.2. The 2022 amendment: comprehensive regulatory framework
Israel adopted a regulatory sandbox approach for AV testing and development. It provides a controlled environment for testing innovative technologies under regulatory supervision, with temporary exemptions from specific requirements contingent upon robust safety and monitoring protocols.
The regulatory sandbox mechanism for AVs was implemented through legislation. The Law to Amend the Traffic Ordinance (No. 130), 5772-2022, represents a significant milestone in Israel’s AV regulation approach. Published in 2022, this legislation established a structured framework facilitating driverless vehicle integration into the national transportation system while ensuring safety, fostering innovation and building public trust (Traffic Ordinance § 16c).
This amendment aims to enable AV trials on Israeli roads, including fare-based passenger services. With this legislation, Israel seeks to become the second country, after Germany, that regulate commercial driverless vehicle operations.
2.3. Key provisions of the amendment
2.3.1. Definitions and scope
The amendment provides clear definitions of key terms, establishing foundational clarity necessary for effective implementation of the sandbox:
“AV” is defined as “a motor vehicle in which an autonomous driving system and additional computer systems are installed, and which is specified in the vehicle license as an AV, whether the autonomous driving system installed therein is capable of operating without a defined operating space as defined in Section 16D, or whether the said system is capable of operating only within the framework of the said space defined therein” (Traffic Ordinance §1). This definition introduced AV technology into Israeli law, providing precision that assists lawmakers in determining when specific obligations, rights and liabilities apply in AV contexts.
“AV Trial” is defined as “using new technology or existing technology in a new way to operate an AV, to examine the function of said technology on the road” (Traffic Ordinance §16d). This definition formally establishes a lawful, regulated category for experimental AV activities, distinguishing them from ordinary road use. This clarity enables developers to test new or adapted technologies without violating traffic laws, while allowing regulators to set tailored safety, insurance and reporting requirements that protect the public.
“Safety incident” is defined as “an event that affected or was likely to affect the safety of the operation of an AV, including a violation of any of the provisions under this Ordinance regarding the road conduct” (Traffic Ordinance §16d). This definition establishes a standardized threshold for identifying, reporting and investigating actual and potential threats to the safe operation of AVs. The broad scope of the definition ensures that regulators can capture a comprehensive range of safety-relevant occurrences, enabling proactive risk mitigation, consistent enforcement and reliable data collection.
2.3.2. Permit requirements
Entities seeking to test AVs must obtain operation permits (Traffic Ordinance §16e). The law sets clear conditions for companies to obtain operating permits from the Supervisor of Transport at the Ministry of Transportation (Traffic Ordinance §16 f).
According to the amendment, AV operators must be Israeli-registered companies meeting cybersecurity protection conditions (Traffic Ordinance §16 f(a)(6)). While the amendment does not specify a rationale for limiting AV trial operators to Israeli entities, explanatory notes suggest that this limitation is based on safety considerations. The restriction appears designed to facilitate more effective regulatory oversight and auditing procedures within this high-risk technological domain by focusing on domestically-based companies under Israeli regulatory jurisdiction. The permit process involves a detailed evaluation of safety measures, cybersecurity plans and data protection protocols, ensuring that all trials adhere to the highest standards.
Operating permit holders are responsible for all vehicle operation aspects as if they were the owners, including incidents or contingencies during the experimental operation. Operating permits are valid for three years and can be extended, provided that the aggregate operational period does not exceed nine years.
2.3.3. Safety and cybersecurity provisions
Given AV’s reliance on digital systems, cybersecurity is a primary legislative focus, as AV systems are substantially exposed to cyber risks, increasing potential financial and human safety risks. Operators must comply with rigorous safety and cybersecurity standards, including the New Car Assessment Program (NCAP) test, the UNR-155 regulation for immunity to remote control, and the Israeli Privacy Protection Law.
A critical amendment element is the control center requirement, defined as “a manned facility available at all times to the Permit Holder, facilitating secure two-way communication with the self-driving system,” capable of overseeing and intervening in vehicle operations as needed (Traffic Ordinance §16 f(a)(4)). This ensures continuous monitoring and provides a mechanism for addressing operational anomalies in real-time.
2.3.4. Monitoring and oversight
Complementing the control center requirement is a robust incident reporting system, obligating operators to document and report safety or security incidents promptly (Traffic Ordinance §16o). Such transparency within the sandbox framework enables continuous refinement of safety standards and provides valuable data to inform public policy.
The National Traffic Commissioner must make information publicly available through the Ministry of Transportation and Road Safety website and may publish other AV operation details they believe should reach public attention (Traffic Ordinance §16p). This includes publishing information about valid operational permits, including the number of AVs, approved operational areas, essential conditions and severe safety incident disclosures.
Pursuant to the amendment, the Commissioner may issue regulations that exempt AV, their systems, or their operators from provisions that normally apply to conventional motor vehicles, vehicle owners, or drivers. The Commissioner is further authorized to tailor exemptions beyond those set by the Minister if necessary to achieve the objectives of a trial on a case-by-case basis.
2.3.5. Enforcement mechanisms
A key feature of this regulatory sandbox is the ability to terminate or suspend operational permits following safety violations or regulatory breaches. The National Traffic Commissioner can revoke, postpone, or restrict permits if operators fail to meet compliance requirements, provide false or misleading information, or if their vehicles are involved in severe safety incidents (Traffic Ordinance §16o).
Furthermore, the National Traffic Commissioner and designated supervisors may conduct inspections at the AV operational site, including control centers and the AVs themselves. Supervisors are empowered to demand documentation, inspect vehicle systems and verify cybersecurity compliance.
2.3.6. Implementation and advisory structure
Under the amendment, an advisory committee was established to provide recommendations to the Minister of Transportation, ensuring continuous regulatory adaptation to technological advancements and societal needs (Traffic Ordinance §16u).
2.4. Further developments
Following the amendment, several supporting documents and initiatives were developed. In 2024, a joint team from the Ministry of Justice and the Capital Market, Insurance and Savings Authority prepared a report examining the tort and insurance implications of AV deployment (Capital Market, Insurance and Savings Authority & Ministry of Justice, 2022).
This report directly relates to accountability principles by clarifying liability and insurance frameworks. It establishes that responsibility for AV-caused harms is clearly assigned and enforceable among manufacturers, operators and other stakeholders. By defining who bears legal and financial responsibility in safety incidents, the report supports transparent redress mechanisms, thereby operationalizing accountability within the broader AV regulatory framework.
The report finds that current legal frameworks possess sufficient flexibility to address AV-related accidents without requiring legislative amendments. The Road Accident Victims Compensation Law (1975) ensures no-fault compensation for bodily injuries, while the Motor Vehicle Insurance Ordinance mandates compulsory insurance.
Additionally, in April 2022, the Israel Innovation Authority published a Call for Proposals to examine the integration of independent buses into service lines in Israel, further supporting the practical implementation of the sandbox framework.
Following the introduction of the sandbox, AVs were tested in the northern city of Nahariya. Nahariya became the first city in Israel where an autonomous bus was granted a permit to operate on a public road on a regular route under the operational provisions of the sandbox (Israeli Ministry of Transportation, 2024). Israel’s AV regulatory framework exemplifies a sophisticated experimental governance approach to emerging technologies. The Traffic Ordinance Amendment establishes a clear AV testing lifecycle, encompassing preliminary assessment, advisory committee evaluation of permit applications, structured experimental planning with specific safety and cybersecurity conditions, active monitoring via control centers, mandatory incident reporting and post-experiment assessment through data collection and analysis, informing potential regulatory changes.
The framework grants targeted exemptions from existing traffic regulations while imposing careful limitations: three-year permits with maximum nine-year extensions, geographic operating boundaries, and participation restricted to Israeli-registered companies. These measures enabled real-world trials addressing critical information gaps, as evidenced by the autonomous buses’ deployment on public roads in Nahariya. As AV technology matures, Israel’s structured yet flexible approach enables regulators to make evidence-based decisions about permanent regulatory frameworks while fostering innovation in controlled environments, prioritizing public safety.
3. Israel’s fintech regulatory sandbox framework
Following global trends in fintech regulation, Israel has recently joined the movement to establish regulatory sandboxes in the fintech sector. In early 2019, the interdepartmental team commissioned by the Ministry of Finance to evaluate the establishment of a relaxed regulatory framework for corporate entities providing fintech products and services released its final report (Ministry of Finance, 2019). The report recommended establishing a program designed to address the regulatory challenges confronting fintech developers and providers through the provision of targeted regulatory relief to participating entities subject to statutory licensing obligations, either by tailoring licensing requirements to their specific operational parameters or by granting initial, limited licenses or regulatory exemptions. The report further recommended establishing a specialized interdepartmental committee to administer this pilot program. This committee would simultaneously function as an interdepartmental forum to formulate solutions for fintech entities that do not require formal licensing yet may encounter specific challenges arising from regulatory oversight, including anti-money laundering compliance requirements.
In January 2021, the Israeli government published the Bill to Encourage Technology Development in the Financial Field Sector in Israel, 5781-Reference Bill2021 (Plato-Shinar, Reference Plato-Shinar2021). The Bill aims to create a controlled experimental environment where fintech companies can operate while enjoying regulatory relief, enabling them to test and implement innovative financial technologies under supervision (Plato-Shinar, Reference Plato-Shinar2025). The sandbox approach reflects Israel’s recognition that traditional regulatory frameworks may not adequately address the rapid pace of innovation in financial services.
Implementing the 2019 report, the Bill’s centerpiece is a dedicated committee serving as the central coordinating body for Fintech sandbox programs. It should be noted that the Israeli model differs from the UK model, as the Bill stipulates multi-agency committee management, whereas the UK grants the financial consumer regulator independent authority to establish and operate sandboxes.
The committee comprises five members representing principal financial regulatory authorities: the Ministry of Finance, the Bank of Israel (banking supervision), the Capital Market, Insurance and Savings Authority, the Israel Securities Authority and the Israel Money Laundering and Terror Financing Prohibition Authority. This multi-regulator structure ensures comprehensive oversight while facilitating coordination across different financial regulatory domains (Fintech Bill §2).
However, this institutional design may constrain regulatory agility by necessitating consultation among disparate regulators, some lacking domain expertise in specific Fintech products under consideration, and potentially importing pre-existing interdepartmental tensions into otherwise unrelated matters. Moreover, given existing inter-regulatory tensions, internal political dynamics may infiltrate the committee, as the proposed mechanism lacks adequate safeguards ensuring regulatory cooperation.
Some concerns may be mitigated by provisions designating the authorized competent regulator per application (Fintech Bill §15, §14(b)), which serves as the lead regulatory authority overseeing the applicant’s activities during trials and setting licensing terms and conditions (Fintech Bill §16). This maintains the independence of existing financial regulators while ensuring coordination, as the committee can only select entities subject to the consent of their applicable competent regulator (Fintech Bill §14(b)).
The committee assumes responsibility for designing and operating fintech sandbox programs, with authority to run multiple concurrent programs (Fintech Bill §3(1)). It determines the maximum number of participating companies per program (Fintech Bill §12) and defines application, submission and evaluation processes (Fintech Bill §11(d)). The committee establishes transparent selection criteria, including specific scoring methods and minimum acceptance thresholds (Fintech Bill §3(3), §3(4), §14(a)).
An important committee function is preparing summary reports after two years of program operation, detailing committee activities, participating company performance, and overall program results (Fintech Bill §3(5)). The committee also serves in an advisory capacity, discussing sandbox-related matters at any committee member’s request and submitting recommendations to relevant bodies (Fintech Bill §3(6)).
The bill creates a dual-track system for regulatory relief. The licensing track serves companies whose financial activities would typically require a license from financial supervisory authorities, providing temporary relief from full licensing requirements while maintaining appropriate oversight. The oversight track serves companies whose activities do not require specific licenses but benefit from regulatory guidance and supervision (Fintech Bill §9). This dual-track approach enables the sandbox to accommodate diverse fintech innovations across various financial services segments.
While the bill does not specify fixed time limits for sandbox programs, it requires the committee to prepare comprehensive summary reports after two years of program operation. These reports must detail committee activities, participating company operations and performance, and overall program achievements and results (Fintech Bill §3(5)). This evaluation mechanism ensures regular sandbox effectiveness assessment.
To promote transparency and public confidence, the committee must publicly disclose its procedures and decisions, the identity of companies accepted into the program, information published by competent regulators about licenses or oversight letters granted to participants, and the biennial summary report on program operations (Fintech Bill §7). These transparency requirements help build stakeholder trust and provide valuable information to the broader fintech ecosystem.
The Capital Market, Insurance and Savings Authority’s interim report on AI in the financial sector, published after the Fintech Bill, acknowledged that while regulatory sandboxes are a global phenomenon, academic literature expresses doubts about them. The report noted that the contribution of regulatory sandboxes to innovation in the global financial sector remains unclear (Capital Market, Insurance and Savings Authority, 2024, p.178).
However, the report proposes several Fintech Bill updates, focusing on expanding the effective period for sandbox operation, which might not provide sufficient time to develop post-sandbox regulatory regimes. Another aspect requiring attention, according to the report, is that the multi-regulator committee may be cumbersome, and financial regulators should independently set regulatory sandboxes for matters that fall within their core responsibility areas and initiate legislative amendments to the relevant financial laws to enable sandboxes where existing law does not permit them (Capital Market, Insurance and Savings Authority, 2024, p.185).
Israel’s Fintech sandbox framework exemplifies several key principles of effective regulatory experimentation. The multi-regulator committee structure mirrors the cross-governmental coordination approach recommended for complex technological domains. The dual-track system demonstrates a tailored approach to different regulatory intensity levels, aiming to ease existing constraints (as the later Legislative Guidelines suggest, see Part 4 below). Transparency requirements and a biennial reporting mechanism reflect emphasis on public accountability and systematic learning throughout the sandbox lifecycle.
Most notably, the requirement for regulator consent before company selection illustrates how sandboxes can provide flexibility while maintaining essential regulatory protections, addressing the critical balance between innovation and risk management that underlies successful regulatory experimentation. By implementing these elements, Israel’s Fintech sandbox creates a structured yet adaptable framework for fostering financial innovation while gathering the empirical evidence needed to inform long-term regulatory approaches.
Moreover, Israel’s regulatory sandbox framework incorporates international best practices and reflects broader experimental governance trends for emerging technologies. Drawing from models developed by the UK’s Financial Conduct Authority and Singapore’s Monetary Authority, the Israeli approach demonstrates high institutionalization and inter-agency coordination levels (Zetzsche, Buckley, Barberis & Arner, Reference Zetzsche, Buckley, Barberis and Arner2017). The bill’s multi-regulator committee ensures comprehensive sectoral coverage while addressing regulatory fragmentation risk often associated with Fintech oversight (Arner, Barberis & Buckley, Reference Arner, Barberis and Buckley2016).
The dual licensing and oversight tracks underscore the bill’s responsiveness to regulatory heterogeneity across different financial technologies. It allows for calibration of supervision intensity, a principle increasingly advocated in adaptive regulation literature (Gunningham, Reference Gunningham2010), provided that existing inter-agency power struggles do not impede the process (Plato-Shinar, Reference Plato-Shinar2021). This design accommodates firms operating in regulatory grey zones while avoiding full deregulatory exemptions, thus preserving state capacity to manage risk and protect consumers (Black & Baldwin, Reference Black and Baldwin2012).
The transparency provisions contribute to the sandbox’s function as a knowledge-generating institution. Public disclosure of company participation, regulatory actions and biennial performance reports transforms the sandbox into a site of regulatory learning, promoting diffusion of best practices and comparative benchmarking (Baldwin, Cave & Lodge, Reference Baldwin, Cave and Lodge2012). These mechanisms reflect the sandbox’s dual role as both a facilitative innovation space and a regulatory observatory for state actors. However, within the AI-based Fintech context, more detailed transparency provisions may be required to enable proper regulatory and public oversight of the datasets used by participating entities.
Moreover, the committee’s advisory role and mandate to evaluate long-term program impacts position the sandbox as an instrument of reflexive regulation. This approach emphasizes iterative feedback, institutional learning and flexible rulemaking in response to technological uncertainty (Scott, Reference Scott2017). This reflexivity is especially pertinent in financial ecosystems undergoing rapid change due to AI-driven solutions, decentralized finance (DeFi) and real-time data analytics.
The sandbox also enables regulators to experiment with their internal tools, procedures and standards beyond regulated entities. It exemplifies Sabel and Zeitlin’s (Reference Sabel and Zeitlin2008) notion of “experimentalist governance,” wherein rules are provisional, subject to revision and oriented toward continuous problem-solving. This model, when successful, transforms ad hoc relief measures into structured pathways for systemic legal adaptation.
The establishment of a multi-regulator committee reflects an effort to create a coordinated “one-stop shop” for fintech innovation, but its practical effectiveness is uncertain. Israel’s regulatory history demonstrates recurring inter-agency rivalries and limited transparency in past coordination mechanisms, suggesting that reliance on smooth collaboration may be overly optimistic (Plato-Shinar, Reference Plato-Shinar2021, pp. 468–470). While the bill’s dual-track system – dividing companies into a licensing track and an oversight track – provides a structured approach, it does not clearly articulate how firms should transition from temporary relief under the sandbox to permanent licensing or regulation (Plato-Shinar, Reference Plato-Shinar2021, pp. 474–476). Moreover, the framework is primarily designed with fintech in mind and offers only limited adaptation for broader technological applications, despite the increasing use of algorithmic and data-driven tools in financial services (Plato-Shinar, Reference Plato-Shinar2021, pp. 477–478).
Finally, the sandbox’s legal architecture demonstrates a growing regulatory design trend: using institutionalized experimentation as a strategic response to command-and-control and laissez-faire regulation limitations. Israel’s decision to enshrine the sandbox structure in formal legislation (rather than rely solely on administrative discretion) marks a shift toward legal codification of regulatory flexibility, which may serve as a model for other countries navigating the intersection of innovation and rule of law.
4. Regulatory sandbox legislative guidelines
In January 2025, Israel’s Ministry of Justice released two white papers on regulatory sandboxes: a guide for legislating regulatory sandboxes, released by the Legal Counsel Office (Legal Counsel Office, Ministry of Justice, 2025), and a concise version of the Legislative Guidelines for regulators and decision makers on regulatory sandbox design, excluding legal materials, released by the Regulatory Authority (2025). Both these regulatory guidelines, though not explicitly AI-focused, emphasize sandboxes designed for technological innovation rather than regulatory experimentation. The Legislative Guidelines acknowledge how recent technological revolutions have disrupted traditional systems, challenging regulators to keep pace with rapid changes despite information and expertise gaps. These technologies pose cross-governmental challenges and require substantial internal coordination. As most of these technologies are global and subject to various external legal regimes, this limits the Israeli regulator’s practical scope. Additionally, the wide scope of these technologies across users and domains increases the likelihood of error on the part of regulators, given the inherent uncertainty associated with new technologies.
A regulatory system unable to evolve into a more dynamic and flexible mode of operation or develop experimental capabilities and culture (Allen, Reference Allen2019; Zetzsche et al., Reference Zetzsche, Buckley, Barberis and Arner2017; Zetzsche, Veidt, Arner & Buckley, Reference Zetzsche, Veidt, Arner and Buckley2019) cannot properly and timely address these challenges. Accordingly, the Legislative Guidelines determine that regulatory experimentalism is imperative.
The Legislative Guidelines build on the OECD definition of sandboxes as specific tools for flexible regulation that provide limited regulatory waivers or accommodations for selected participants, enabling them to test innovative business models under reduced regulatory requirements within a supervised framework (Legal Counsel Office, Ministry of Justice, 2025, p.15).
The Legislative Guidelines differentiate regulatory sandboxes from other experimental instruments: pilot experiments (lacking regulatory waivers), sunset clauses (which, despite temporal limitations, apply more widely than to a limited group of predetermined participants), and regulation of experiments and testing (conducted prior to market introduction or as a licensing prerequisite) (Legal Counsel Office, Ministry of Justice, 2025, pp. 17–18).
When facing new business or technological models, regulators can create new regulations, apply existing regulations, or use experimental tools. The Legislative Guidelines recommend considering regulatory sandboxes when there is insufficient information, experience (domestic or international), or sufficient theoretical grounds; when stable regulation may have adverse effects; when experimental timeframes are adequate, and where no ethical implications exist.
The Legislative Guidelines stipulate that regulatory sandboxes are most suitable for circumstances where existing regulations must adapt to emerging business or technological models. Therefore, sandbox design must begin with mapping existing regulations for rules that limit or block these models. Proper mapping may reveal alternatives to sandboxes, such as regulatory guidelines or administrative interpretations that facilitate development. The Legislative Guidelines acknowledge alternative circumstances where developers require experimental oversight despite no regulatory limitations.
After mapping applicable regulatory rules, the second stage considers required adjustments. The Legislative Guidelines identify main sandbox scenarios: easing existing regulatory constraints or adjusting regulation to specific technological or business circumstances; adding constraints to unregulated markets (a “reverse sandbox”); or providing temporary approval while regulatory compliance approval is pending.
Under the Legislative Guidelines, there are four regulatory sandbox lifecycle stages. The preliminary phase precedes the experiment itself, where regulators examine whether the innovative models or technologies suit sandboxes. Regulators should consider the sandbox’s purposes, risk levels and scope of both the proposed experiment and regulatory easement. Additionally, regulators should evaluate participants based on product maturity, previous regulatory experience and perceived ability to partake in the experiment.
In the second stage, regulators establish the experiment plan, taking into consideration possible risks, the regulator’s modification powers, the set of specific conditions for the experiment, and supervisory activities throughout the experiment’s duration.
The third phase is the experiment itself, executed under predetermined conditions within the set timeframe. Regulators will monitor the experiment and receive periodical reports from its participants.
The fourth stage is ex post facto analysis. Regulators analyze the experiment, extract empirical findings and implement predetermined exit strategies while evaluating feasibility for permanent frameworks. Four potential outcomes exist: extending provisional authorization within the sandbox; granting permanent approval for the participants under existing regulatory frameworks (for instance, if the experiment demonstrated that compatibility with applicable existing regulatory frameworks); terminating the experiment and withdrawing from the experimental regulatory framework; or amending existing regulations based on the sandbox’s lessons.
The guidelines recommend supporting the sandbox lifecycle through an advisory committee. This departmental or interdepartmental committee would examine participation applications, devise exit strategies and recommend ex post regulatory adjustments following the experiment’s results.
A second support pillar to the sandbox lifecycle is underlying public procedures outlining sandbox components: participation applications, authorization processes and considerations, proposed experiments, termination conditions and reports. However, the Legislative Guidelines emphasize that, beyond institutional support and a procedural framework, regulatory sandboxes require organizational cultures that promote regulatory experimentation and effective risk management.
The Legislative Guidelines then offer normative design principles for Israeli regulatory sandboxes, each supplemented with proposed statutory language.
The power to grant exemptions for experimental purposes is a core consideration. Since regulatory easement or exemptions constitute the sandbox’s core, authorization powers should be addressed. Provisions granting powers should match the normative level of the substantial provisions from which the exceptions are sought. However, some trials require no particular exception, yet a formal designation of the regulator as a government trial overseer may be appropriate.
These exception powers should be granted directly to regulators for execution flexibility and cannot be further deferred. While this provision allows expert consultation, cases where experiments significantly affect the domain of other regulators may require supplementary provisions mandating prior professional consultation. For complex cases, the Legislative Guidelines suggest granting exemption authority to interdepartmental or expert committees chaired by the regulator.
Additionally, the guidelines recommend clearly defining the terms “experiment” or “trial” to clarify their temporary nature, with expansive language describing their purpose to include new technologies or business models, or new uses of existing ones.
Establishing exemption conditions and limitations is another key principle. The Legislative Guidelines stress the importance of legal frameworks that protect consumers and users participating in trials, and affected third parties, minimize interference with interests within the regulator’s jurisdiction, ensure equality and fair competition in the regulated sector and enable regulators to study the innovative field to which the trial pertains. This requires setting limits and conditions for the experiment to contain potential harms within the sandbox boundaries.
Accordingly, while regulators should have general authority to set conditions preventing harm to the protected interests, the Legislative Guidelines recommend considering certain specific limitations: temporal constraints; scope limitations (geographic, participant number, budget); participant identity restrictions (limiting the trial to categories such as regulated entities, new unfamiliar entities or to Israeli-registered companies); user protection measures (age groups, consent, etc.), and other safeguards (such as insurance). Similar to the exemption power, the section of the Legislative Guidelines discussing limitations and conditions for sandboxes provides proposed statutory language.
The Legislative guidelines also address exemption application evaluation processes, suggesting, for example, that the statutory framework for sandboxes should include provisions for equal treatment, ensuring similar business entities receive similar conditions. Regulators should also consider their available oversight resources for the trial.
Trial management is another key aspect. The guidelines suggest several statutory trial management provisions. First, granting sandbox easements and exemptions should follow predetermined criteria – mandatory or optional – including safety considerations, minimizing adverse effects, potential remedies, and the potential emergency response management by the applicant. Correspondingly, regulators should have the authority to revoke, limit, or condition regulatory easements when participants breach applicable legal provisions or material trial participation conditions. The Legislative Guidelines suggest that, generally, participants facing revocation of sandbox exemptions should have opportunities to present arguments before regulatory decisions.
Additional proposed provisions regard the duty to render public any sandbox exemptions-related decisions to ensure public transparency and accountability. Users and consumers taking part in the trial also require transparency, as they should be informed and allowed to refuse participation. The Legislative Guidelines further suggest that information rendered public under these provisions will preclude information that public authorities are not required to provide under the Israeli Freedom of Information Act.
The regulatory sandbox “day after” must also be considered. The Guidelines stipulate that since regulatory sandboxes are temporary by definition, regulators should plan their exit strategies, addressing both general legislative amendments needs and particular long-term trial impacts. Regulators should carefully manage transitions from sandbox testing to permanent regulatory changes, acting decisively to prevent regulatory uncertainty in their supervised sector. Additionally, regulators should be mindful of market dynamics and the potential competitive advantages gained by sandbox participants, and devise exit strategies ensuring fair starting points for all potential market actors.
Israel’s regulatory sandboxes approach attempts to address innovation challenges while maintaining oversight. The guidelines provide a structured four-phase lifecycle from preliminary assessment through implementation to post-experimental evaluation. This process creates frameworks where technological innovation occurs within defined boundaries, balancing flexibility with consumer protection. Advisory committees, clear exemption authorities, and transparent procedures ensure accountability throughout the experimental process.
The Legislative Guidelines appear to represent a mature and forward-looking regulatory philosophy. Their emphasis on systematic design, transparency and exit strategies reflects awareness of both the opportunities and risks inherent in regulatory experimentation. However, the guidelines should further elaborate on mechanisms for evaluating the long-term socio-economic impacts of sandbox experiments beyond their immediate regulatory outcomes. While the four-phase lifecycle provides a robust structure for managing experiments, there is less detail on how lessons learned will be integrated into broader policy planning or cross-sector regulatory reforms. Expanding this dimension could enhance the capacity of sandboxes to serve not only as tools for targeted regulatory adaptation but also as drivers of systemic governance improvements.
In addition, the guidelines could place greater emphasis on mechanisms for public engagement throughout the sandbox process. Although transparency provisions are addressed, they focus primarily on the publication of decisions and participant information. We believe that incorporating structured channels for stakeholder feedback – both during and after experiments – would strengthen the legitimacy of the process, improve the quality of regulatory learning, and ensure that a diverse range of perspectives informs the transition from experimental frameworks to permanent regulation.
Although aiming to address technological innovation, the technology-neutral tone of the Legislative Guidelines overlooks particular contemporary emerging technologies and their unique challenges, most notably AI. Overarching questions of data governance, privacy protection and cybersecurity – which may be even more critical in experimental settings – are not raised nor answered by these documents. Perhaps AI-specific issues are meant to be resolved through an interdepartmental AI coordinating body, as proposed in the AI regulation white paper (Ministry of Innovation, Science and Technology & Ministry of Justice, 2023b). However, the interface between such an AI-dedicated body and the regulator designing a particular sandbox should be considered and outlined in detail.
The guidelines reflect a sophisticated understanding of sandbox mechanics but remain notably technology-neutral. This approach avoids the complexity of AI-specific regulation but may inadequately address the unique challenges of algorithmic systems, as data governance, explainability and bias concerns receive minimal attention. The emphasis on “easing existing constraints” rather than proactive risk management suggests sandboxes may be better suited for regulatory relief than emerging technology governance.
5. Concluding remarks
Regulatory sandboxes in Israel are still in their early stages of development. This paper has examined the efforts to establish both general and sector-specific regulatory sandbox frameworks. Future research could evaluate the practical implementation of these frameworks, particularly in comparative analysis with alternative regulatory approaches under consideration, such as innovation hubs (Capital Market, Insurance and Savings Authority, 2024, p.179).
These hubs differ from regulatory sandboxes in that they primarily serve as an advisory and engagement platform, enabling developers to consult with regulators, clarify applicable rules and receive guidance without altering their legal or regulatory obligations. In contrast, the regulatory sandboxes that are discussed herein are experimental regulatory frameworks that temporarily grant selected participants exemptions or modifications to existing requirements, allowing them to test innovative products or services in a controlled, supervised environment. While the innovation hubs focus on information exchange and fostering compliance, sandboxes generate empirical evidence from real-world trials.
The Legislative Guidelines reflect Israel’s technology-neutral approach to regulatory sandboxes. Rather than specifically addressing the unique challenges posed by AI technology, their solution provides regulators with general powers to tailor experimental settings, primarily by removing legal barriers that may impede the development of emerging technologies. This approach builds on two earlier sectoral precedents: the fintech framework, which addresses financial innovation broadly with only tangential consideration of AI applications, and the AV regulatory framework, which targets a specific AI-adjacent technology rather than comprehensively addressing AI. This sectoral strategy reflects Israel’s preference for adapting existing regulatory structures rather than creating new, overarching AI-governance mechanisms. This targeted approach facilitates innovation but may neglect broader AI-governance concerns, including algorithmic accountability, human oversight and documentation requirements.
Israeli policy papers have consistently advocated for an agile regulatory approach to AI, highlighting regulatory sandboxes as a key tool for implementation. However, it remains premature to conclude whether regulatory sandboxes in Israel have successfully created the so-called “enabling regulation” that fosters innovation while addressing the unique challenges of AI governance. Among the developments examined in this paper, most remain in preliminary stages. Only the AV regulation has been implemented, while the Fintech sandbox legislation is still at the bill stage, and the Legislative Guidelines have yet to be tested in practice.
While AI presents challenges of uncertainty across a wide range of sectors, regulatory sandboxes should not be framed as its ultimate panacea. Aiming to facilitate innovation while managing risks, the actual effectiveness of regulatory sandboxes remains understudied. There is a growing need for empirical research evaluating their general impact on innovation, compliance outcomes and consumer protection, particularly in comparison to traditional regulatory methods (Capital Market, Insurance and Savings Authority, 2024, p.178).
In AI contexts, Israel employs sector-specific AI regulation rather than a comprehensive framework like the European AI Act. Consequently, unlike overarching data protection or cybersecurity rules, there are no AI-specific regulations requiring exemptions under a sandbox scheme. For example, both the AV and Fintech sandboxes discussed in this paper primarily provide relief from existing sector-specific regulations, rather than address broad AI threats. These gaps may be addressed through reverse regulatory sandboxes. Unlike traditional sandboxes, which merely grant regulatory relief, reverse sandboxes enable regulators to proactively examine potential risks of emerging technologies and develop appropriate constraints. Reverse sandboxes may allow Israeli regulators to move beyond providing easements towards preventing potential AI harms, should they choose to take up this challenge.
Additionally, sandboxes might not be the best fit for all AI systems. For example, the financial sector in Israel is characterized by a dominant, expert regulatory environment, which may be more suitable for an experimental sandbox project than others. The financial private sector offers lucrative potential gains for innovation, thereby providing developers and entrepreneurs with sufficient incentives to experiment. This is not necessarily the same in other sectors, where risks are allocated differently. Furthermore, the regulatory sandbox model may prove less efficient for public sector AI applications, where the regulator is also the user or even the in-house developer.
Subsequent scholarship should examine whether, once implemented, Israel’s regulatory sandboxes will align with the foundational purpose established by the British Financial Conduct Authority in 2015, or whether they will evolve primarily as tools to attract market participants or as legislative initiatives demonstrating regulatory engagement with innovation.
Funding statement
This article was supported by ERC Grant No. 101054745: Three Generations of Digital Human Rights and by a scholarship given by The James J. Shasha Center for Strategic Studies (SCSS) at the Hebrew University of Jerusalem, Israel.
Competing interests
The authors declare none.
Amir Cahane is a doctoral candidate at the Hebrew University, Faculty of Law. He is a research fellow in the ERC project Three Generations of Digital Human Rights, and a fellow in the Federmann Cyber Security Research Center – Cyber Law Program. Amir also serves as the academic coordinator of the Israeli Forum for Intelligence Studies (IFIS). Prior to his Ph.D. studies, Amir served as a researcher at the Israel Democracy Institute. His research interests are surveillance law, privacy, and AI regulation.
Adv. Michael Sierra is a doctoral candidate at the Hebrew University, Faculty of Law, and a Fellow at the J. Shasha Center for Strategic Studies. His doctoral research, supervised by Prof. Yuval Shany and Prof. David Levi-Faur, explores the role of regulatory intermediaries in the governance of artificial intelligence (AI), combining insights from regulatory theory and human rights. He holds an LL.B. and an LL.M. (magna cum laude) – as well as a B.A. in International Relations, all from the Hebrew University. Michael has served as a research assistant to leading scholars in AI regulation, including Prof. Tal Zarsky, and as a member of the Research Division of the Israeli Supreme Court. He previously served as a legal assistant to the Vice President of the Jerusalem District Court.
Open access
