Posted October 3, 2017 by Simon Jenvey
It’s time for financial services organisations to rethink how they see regulatory compliance. With the right regulatory-focused technology, or RegTech, risks can potentially be transformed into competitive advantage.
The constantly evolving nature of regulation presents a challenge for large financial services firms, which can struggle to implement change quickly. But with the right help, there are advantages to be had.
A raft of new technologies in this space – known as RegTech – have the potential to improve implementation time and introduce cost savings for organisations with the vision to see the possibilities.
The natural result of increasing levels of regulation and a greater focus on data and reporting by authorities, RegTech is a niche proposition which calls upon digital technologies – including big data analytics, cloud computing and machine learning – to help facilitate regulatory compliance for companies of every kind.
While financial services is a sector that has always relied on technology – and it does the job, mostly – today’s solutions transcend what could have been imagined possible 20 years ago.
In fact, a Deloitte study highlights four distinct ways that RegTech is better than legacy offerings at making raw data make sense, and often without the need to replace older systems.
This system agility is the main advantage, it says. Legacy technology may be robust, but it can lack flexibility and require deep development or re-configuration work to cater to changes.
For instance, Deloitte argues that “cluttered and intertwined data sets can be de-coupled and organised” using ETL (Extract, Transfer, Load) technologies, slicing and dicing, and re-presenting data from different angles, according to user requirements.
Speed is also of the essence and RegTech can mean that reports are configured and generated quickly, as and when the need arises.
The third RegTech element – integration – typically introduces shorter timeframes for getting solutions up and running. This makes it cheaper and less risky to implement.
Finally, Deloitte cites the analytics capabilities of RegTech as being a true advantage. Indeed, it says some solutions use analytic tools to “intelligently mine existing big data sets and unlock their true potential”.
In fact, the tendency of RegTech solutions to be cloud-based means systems and data are remotely maintained, managed, and backed up. There is an expected cost advantage as users typically do not have maintenance and updates to manage. In theory, users also have access to as much or as little of the technology as they need and can scale up or down accordingly.
What users might also currently seek from RegTech is the automation of labour-intensive tasks, allowing them to stay abreast of regulatory changes around the world, and reducing operational risks around compliance and reporting.
The current crop of tools is likely to prove most successful where heavily information-based obligations, risk identification, and management tools are needed. Transaction and regulatory reporting, along with activity monitoring are areas of particular interest.
And regulatory support for compliance technology indicates where the authorities see this heading.
Since 2014, the Financial Conduct Authority (FCA) has required regulatory agencies in the UK with oversight of financial institutions to identify technologies that will support compliance efforts. The result is Project Innovate, which helps companies to deliver innovative products to market and which, in its first year alone, supported 177 companies.
In 2016, FCA’s ‘regulatory sandbox’ also encouraged financial firms to test radical new products without regulatory consequences. It enabled regulators to see how best they could apply rules to these new offerings without discouraging innovation.
As new vendors enter the space, including many start-ups, the focus is shifting rapidly to scenario modelling and forecasting, identity validation – especially for ‘anti-money laundering’ and ‘know your customer’ purposes – and real-time monitoring and behavioural analytics. It is these RegTech tools which allow compliance functions to inform risk mitigation decisions.
RegTech is not a cure for every compliance issue, however. In its whitepaper on sector developments, international legal firm White & Case advises that there are certain caveats in this area of technology – the key being uncertain development paths for some new advances.
Early adoption brings risks, it points out, and firms “may need to abandon it in favour of another down the line as new technologies emerge and new standards take shape."
It also adds that companies implementing and relying on RegTech to gather additional data “may also be required to share such information with regulators, even if the data was expected to remain private”. This clearly means the possibility of increased regulatory scrutiny as new methods of enquiry come to fruition.
And, most worryingly, it warns that although algorithmic processes used in data analysis can be extremely efficient, “they can also replicate errors at extreme speeds that may be difficult to manage when something goes wrong.”
In the light of new, far-reaching regulations, such as the EU’s General Data Protection Regulation, technologies that “systematically monitor individuals to identify security threats or regulatory and legal violations may present privacy risks.”
Of course, third-party risk is evident with any technology partner, says the report. But with access to sensitive information and with responsibility for critical tasks, careful partner due diligence is strongly advised in the RegTech space.
There is little doubt that RegTech comes with genuine benefits, such as enabling real-time alerts about compliance issues to help financial services firms keep in line. And, despite warnings about managing this transformation, when risks are handled, early adoption of appropriate RegTech can deliver competitive advantage.
However, DST-commissioned market research shows that, while 65% of firms we asked use the latest regulatory technology to help with compliance, a third (22%) do not.
What is known is that failing to embrace this sector-specific technology is likely to lead to non-compliance, the cost of which all organisations understand very well.
Combine that with the potential to save time and money through operational efficiencies, the future of regulatory technology looks promising.
Learn more about DST’s Risk and Compliance Intelligence Suite.