Building Socio-Technical Trust in Kazakhstani Banking Audits Through Estonia’s Digital Governance Model

The purpose of this study is to develop and substantiate the socio-technical trust architecture (hereinafter – STTA) model, adapted to the national practice of banking audit, drawing on Estonia’s experience and on the theoretical frameworks of socio-technical systems and institutional trust. The research methodology is based on a documentary analysis of Kazakhstan’s regulatory framework, a comparative study of international experiences (in particular, the Estonian X-Road model and KSI blockchain technology), as well as theoretical modelling. The work uses statistical materials from the National Bank of the Republic of Kazakhstan, the Agency for Regulation and Development of the Financial Market (2022-2024), data from international organizations (the World Bank, the OECD), as well as empirical research on the Estonian practice of digital auditing. A four-level STTA model has been developed, comprising the user level (portals for civil audit via NDID), the management level (regulatory sandboxes), the technical level (blockchain audit, API infrastructure), and target trust indicators (Public Verifiability Index, “trust rate” metric). The model assumes an increase in the level of public trust in banking auditing in Kazakhstan to 80% by 2030 (from the current ~38%), a 30% reduction in repeated violations, and a significant decrease in fraudulent transactions. The study highlights the need for regulatory recalibration and IT infrastructure upgrades to build trust through Estonia-inspired mechanisms. The results are practically relevant for transition economies seeking to strengthen digital accountability and citizen engagement in financial oversight.

1. Agency for Regulation and Development of the Financial Market. (2024). O merakh po obespecheniyu informatsionnoi bezopasnosti finansovykh organizatsii i protivodeistviyu moshennichestvu [On measures to ensure information security of financial organizations and countering fraud]. FinGramota.kz. Retrieved June 23, 2025 from https://fingramota.kz/ru/news/post/o-merah-po-obespecheniyu-informacionnoj-bezopasnosti-finansovyh-organizacij-i-protivodejstviyu-moshennichestvu

2. Bannister, F., & Connolly, R. (2014). The trouble with transparency: A critical review of openness in e-government. Policy & Internet, 3(1), 1-30. https://doi.org/10.2202/1944-2866.1076

3. Bostrom, R. P., & Heinen, J. S. (1977). MIS problems and failures: A socio-technical perspective. MIS Quarterly, 1(3), 17–32. https://doi.org/10.2307/248710

4. Cherns, A. (1976). The principles of socio-technical design. Human Relations, 29(8), 783–792. https://doi.org/10.1177/001872677602900806

5. Clegg, C. W. (2000). Sociotechnical principles for system design. Applied Ergonomics, 31(5), 463–477. https://doi.org/10.1016/S0003-6870(00)00009-0

6. e-Estonia. (2019). Interoperability as the meeting point for a digital Nordic league. Retrieved June 23, 2025 from https://e-estonia.com/interoperability-as-the-meeting-point-for-a-digital-nordic-league/

7. e-Estonia. (2024). X-Road: Interoperability services. Retrieved June 23, 2025 from https://e-estonia.com/solutions/interoperability-services/x-road/

8. ENISA. (2017). Blockchain cybersecurity: Key recommendations. Publications Office of the EU. Retrieved June 23, 2025 from https://www.enisa.europa.eu/news/enisa-news/enisa-report-on-blockchain-technology-and-security

9. ERR. (2021). Audit Office: IT security of firms using X-Road not sufficiently checked. Retrieved June 23, 2025 from https://news.err.ee/1608127567/audit-office-it-security-of-firms-using-x-road-not-sufficiently-checked

10. Estonian Financial Supervision Authority. (2020). Annual report 2019. Retrieved June 23, 2025 from https://www.fi.ee/en/publications/finantsinspektsioon-annual-report-2019

11. Estonian Information System Authority. (2023). Data Exchange Layer X-tee. Retrieved June 23, 2025 from https://www.ria.ee/en/x-road.html

12. EuroEuropean Commission. (2020). eGovernment benchmark 2020: eGovernment that works for the people: Insight report. Publications Office of the European Union. Retrieved June 23, 2025 from https://data.europa.eu/doi/10.2759/24753

13. Eurostat. (2022). Digital economy and society statistics – households and individuals. European Commission. Retrieved June 23, 2025 from https://ec.europa.eu/eurostat/statistics-explained/index.php?title=Digital_economy_and_society_statistics_-_households_and_individuals

14. Guardtime. (2017). GDPR compliance using KSI® blockchain (Guardtime white paper; VOLTA – Compliance with GDPR, v2). Retrieved June 23, 2025 from https://m.guardtime.com/files/guardtime-whitepaper-volta-v2.pdf

15. Hofstede, G. (2001). Culture’s consequences: Comparing values, behaviors, institutions, and organizations across nations (2nd ed.). Sage Publications.

16. Inbusiness.kz. (2025). 2024 god stal rekordnym po effektivnosti gosaudita v RK [2024 was a record year for state audit effectiveness in the Republic of Kazakhstan]. Retrieved June 23, 2025, from https://inbusiness.kz/ru/last/2024-god-stal-rekordnym-po-effektivnosti-gosaudita-v-rk

17. Kattel, R., & Mergel, I. (2019). Estonia’s digital transformation: Mission mystique and the hiding hand. In M. E. Compton & P. ’t Hart (Eds.), Great policy successes (pp. 143–160). Oxford University Press. https://doi.org/10.1093/oso/9780198843719.003.0008

18. KazCERT. (2022). Kazakhstan Computer Emergency Response Team. Retrieved June 23, 2025, from https://www.cert.gov.kz/

19. Kazinform. (2025). MVD Kazakhstana prokommentirovalo fakty ukrytiya moshennichestva [The Ministry of Internal Affairs of Kazakhstan commented on concealment of fraud cases]. Kazinform. Retrieved June 23, 2025 from https://www.inform.kz/ru/mvd-kazahstana-prokommentirovalo-fakti-ukritiya-moshennichestva-e92ba4

20. Lewicki, R. J., Tomlinson, E. C., & Gillespie, N. (2006). Models of interpersonal trust development. Journal of Management, 32(6), 991–1022. https://doi.org/10.1177/0149206306294405

21. Shaw, D. R., Achuthan, K., Sharma, A., & Grainger, A. (2019). Resilience orchestration and resilience facilitation: How government can orchestrate the whole UK ports market with limited resources – The case of UK ports resilience. Government Information Quarterly, 36(2), 252–263. https://doi.org/10.1016/j.giq.2018.12.003

22. McKnight, D. H., Choudhury, V., & Kacmar, C. (2002). Developing trust measures for e-commerce. Information Systems Research, 13(3), 334–359. https://doi.org/10.1287/isre.13.3.334.81

23. Ministry of Artificial Intelligence and Digital Development of the Republic of Kazakhstan. (2023). Retrieved June 23, 2025, from https://www.gov.kz/memleket/entities/mdai

24. Mumford, E. (2006). The story of socio-technical design: Reflections on its successes, failures and potential. Information Systems Journal, 16(4), 317–342. https://doi.org/10.1111/j.1365-2575.2006.00221.x

25. Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. SSRN. http://dx.doi.org/10.2139/ssrn.3440802

26. NBK. (2022). On banking audits (Regulation No. 567). National Bank of Kazakhstan. Retrieved June 23, 2025 from https://nationalbank.kz/en/legislation/regulations

27. NBK. (2023a). Ob utverzhdenii Kontseptsii tsifrovogo tenge [On approval of the Digital Tenge Concept] (Regulation No. 43). National Bank of Kazakhstan. Retrieved June 23, 2025 from https://nationalbank.kz/en/news/on-approval-the-digital-tenge-concept

28. NBK. (2023b). Report on Bank CenterCredit rehabilitation. National Bank of Kazakhstan. Retrieved June 23, 2025 from https://nationalbank.kz/en/news/report-on-bcc-rehabilitation

29. OECD. (2023). Improving framework conditions for the digital transformation of businesses in Kazakhstan. OECD Publishing. Retrieved June 23, 2025 from https://doi.org/10.1787/368d4d01-en

30. OECD (2025), OECD Integrity Review of Kazakhstan: Advancing Integrity for Economic Development, OECD Public Governance Reviews, OECD Publishing. Retrieved June 23, 2025 from https://doi.org/10.1787/d705d02f-en

31. Ølnes, S., Ubacht, J., & Janssen, M. (2017). Blockchain in government: Benefits and implications of distributed ledger technology for information sharing. Government Information Quarterly, 34(3), 355–364. https://doi.org/10.1016/j.giq.2017.09.007

32. Pasmore, W., Francis, C., Haldeman, J., & Shani, A. (1982). Sociotechnical systems: A North American reflection on empirical studies of the seventies. Human Relations, 35(12), 1179–1204. https://doi.org/10.1177/001872678203501207

33. Ranking.kz. (2025). Uscherb ot internet-moshennichestva v Kazakhstane vyros pochti vtroe [Damage from internet fraud in Kazakhstan has almost tripled]. Ranking.kz. Retrieved June 23, 2025 from https://ranking.kz/digest/regions-digest/uscherb-ot-internet-moshennichestva-v-kazahstane-vyros-pochti-vtroe.html (In Russ.)

34. Statistics Estonia. (2023). Statistics Estonia. Retrieved June 23, 2025, from https://www.stat.ee/en

35. Suleimenov, B. (2020). Problemy regulirovaniya bankovskogo sektora v Kazakhstane [Banking regulation challenges in Kazakhstan]. Eurasian Law Journal, 3(142), 45–49. (In Russ.)

36. Supreme Audit Chamber of the Republic of Kazakhstan. (2024). Supreme Audit Chamber of the Republic of Kazakhstan. Retrieved June 23, 2025 from https://www.gov.kz/memleket/entities/esep?lang=en

37. TALAP. (2024). Byudzhetnye narusheniya i neeffektivnoe ispol’zovanie sredstv: neuteshitelnye vyvody VAP Kazakhstana za 2023 god [Budget violations and inefficient use of funds: disappointing findings of the Supreme Audit Chamber of Kazakhstan for 2023]. Retrieved June 23, 2025 from https://openbudget.kz/news/22/

38. The Tenge. (2024). Itogi indeksa doveriya kazakhstanskikh bankov ot @FINANCEkaz za 2024 god [Results of the bank trust index in Kazakhstan by @FINANCEkaz for 2024]. Retrieved June 23, 2025 from https://the-tenge.kz/articles/indeks-doveriya-k-bankam-

39. Tammpuu, P., & Masso, A. (2018). ‘Welcome to the virtual state’: Estonian e-residency and the digitalised state as a commodity. European Journal of Cultural Studies, 21(5), 543–560. https://doi.org/10.1177/1367549417751148

40. Trist, E., & Bamforth, K. (1951). Some Social and Psychological Consequences of the Longwall Method of Coal-Getting: An Examination of the Psychological Situation and Defences of a Work Group in Relation to the Social Structure and Technological Content of the Work System. Human Relations, 4(1), 3–38. https://doi.org/10.1177/001872675100400101

41. Tyler, T. R. (2006). Psychological perspectives on legitimacy and legitimation. Annual Review of Psychology, 57, 375–400. https://doi.org/10.1146/annurev.psych.57.102904.190038

42. World Bank. (2020). Global experiences from regulatory sandboxes (Finance, Competitiveness & Innovation Global Practice, FinTech Note No. 8). World Bank. Retrieved June 23, 2025 from https://documents.worldbank.org/en/publication/documents-reports/documentdetail/912001605241080935/global-experiences-from-regulatory-sandboxes

43. World Bank. (2021). Kazakhstan Economic Update, Summer 2021: Turning the Tide on the COVID-19 Crisis. World Bank. Retrieved June 23, 2025 from https://openknowledge.worldbank.org/entities/publication/27afe1412cfa-5e08-907d-324c9aaf16c4

44. Zucker, L. G. (1986). Production of trust: Institutional sources of economic structure. Research in Organizational Behavior, 8, 53–111.