Originally published: July 12, 2017, updated to reflect the latest industry news, trends and insights.
What is RegTech? Discover the five steps of a regulation technology program and how it affects compliance, financial institutions, fintechs and financial inclusion.
In life, there always seems to be a battle between risk and reward. Take a chance, something great can come about versus don’t rock the boat, it can lead to trouble. Whether it’s politics (conservative vs progressive), personal life decisions (a new job versus the tried and true) or finance (cost benefit analysis), we tend to always connect increasing risk with an increase in potential reward.
For financial institutions (FIs), many on the revenue generation side look at compliance as a hindrance, limiting their revenue potential. And, those on the compliance side, may perceive some business practices inviting undue risks, pushing the envelope of good judgement.
But what if increasing compliance can not only can decrease risk, but simultaneously, increase revenue? Welcome to the new world of RegTech (regulation technology), which promises to ease the burden of compliance, improve insight, and enable new revenue opportunities.
Heralded by Deloitte as the “the new FinTech,” RegTech quickly rose to prominence in 2015. As its name implies, regulation technology, according to Deloitte, seeks to provide “nimble, configurable, easy to integrate, reliable, secure and cost-effective” regulatory solutions. However, as Deloitte also notes, “RegTech will mean different things to different people in this developing area.”
For banks’ bottom lines and for customers wanting quick onboarding, the new technology for digitizing manual reporting and compliance processes eases the burden of compliance and lowers operational costs. Instead of hiring 8,000 new compliance employees (like JP Morgan) to manage the paperwork, forward-thinking FIs are taking advantage of automation and algorithms to process compliance information faster and more accurately.
RegTech is not only good for FIs, but also the regulators themselves. Financial evolution is bringing about whole new areas of regulatory concerns; from new financial instruments to complex multi-party international transactions, how can risk and fraud be managed both in-house and for the whole financial system? More complex regulatory requirements imply more data to check, more information to analyze. If the regulators can’t analyze what they are asking for, why ask for it in the first place?
There’s a whole host of financial regulations already in place, have an upcoming implementation date, or are making their way through the legislative process, that rightfully have the attention of financial services companies doing business across borders. Basell III, Dodd-Frank, MiFID II, IFRS 9, and PSD2, are just some of the regulations that have to be considered as well as AML and KYC laws.
Companies need to understand these laws, create strategies, determine responsibilities, define workflows, implement procedures, perform operations and monitor results; of course, financial institutions (FIs) are focusing on the compliance aspect of RegTech.
“The financial industry needs to devise a three bears outlook on financial regulation,” advises Stephen Ufford, CEO and Founder of Trulioo. “Not too fast, not too slow, but just right. New technologies promise many benefits from lower costs to easier and faster services. But all parties need to effectively manage the risk, or fintech will take the blame for the resulting havoc.”
RegTech Supply Chain
Onboarding refers to signing up new customers and the process they go through to become users. To counter threats from money laundering and Anti-Terrorism Financing, financial institutions must be able to identify the individual and perform various checks to ensure the customer and their funds are legitimate.
Monitoring refers to the analysis of continual, ongoing activities to ensure activities remain in compliance, such as exceeding thresholds, suspicious activities, change of status, recording of communications, surveillance of employees, watchlists, market trends, new regulations, and trade data.
There are various activities to keep track of, such as signs of risk signals and fraud flags, and various other market and transaction detection needs. Financial institutions must use detection tools to ensure fraud is not committed, or that money laundering or terrorist financing funds enter their system.
Reporting to regulators is critical to ensure their compliance requirements are met. FIs must use reporting tools to ensure that they effectively meet all compliance requirements and maintain the trust of regulators, customers, partners, and investors.
Process tools and controls help support consistency across each process from onboarding, monitoring, detection, and reporting. Controls ensure that all requirements are met across each process, which is essential for meeting compliance requirements and mitigating potential risks.
Sweeping advances in technology and the consequences of the financial crisis ultimately incubated innovations that would aid businesses with their regulatory compliance needs. The age of RegTech – a portmanteau of “regulatory technology” – had begun.
The regulatory environment is becoming increasingly complex; approximately 300 million pages of regulatory documents is expected to publish by 2020 and between 2008 and 2016, there was a 500 percent increase in regulatory changes in developed markets, highlights the significant need for scalable, efficient, reliable RegTech solutions.
As the amount of regulations and the associated costs of compliance continue to rise, regulation technology (RegTech) has gained significant traction within the fintech and banking industries. RegTech offers opportunities to gain a competitive advantage, deliver customer-centric innovations and ease integration of other technologies.
Whether if it is protecting PII, making operations more cost effective (while maintaining compliance), gathering intelligence about prospective business clients, using biometrics and other technologies to improve mobile commerce, or improving cross-border transactions, new technology can improve compliance, customer experience, work life, and the bottom line.
By leveraging the advantages offered by RegTech solutions, fintech companies can decisively address concerns that banks might have about risk in the sector. Companies that adopt RegTech make a strong statement by showing their commitment to innovation in regulatory compliance.
“Businesses are only as strong as their weakest link, which is often outside of their direct sphere of influence,” said Jon Jones, President at Trulioo. “Any RegTech solution needs to be fully transparent and trusted in regards to data flow, data retention, data use – all elements that we take to heart.
By 2020, the demand for governance, regulatory, and compliance (GRC) software worldwide is expected to be just under $120 billion. Although [tweet_dis excerpt="#RegTech solutions could lead to a 600 percent return on investment with a payback period of under three years"]RegTech solutions could lead to a 600 percent return on investment with a payback period of under three years[/tweet_dis], most financial service providers are still slow to invest in RegTech.
As it becomes more feasible to use RegTech solutions to automate the compliance process, many gains can be expected. Some of these gains include better customer experience, greater financial inclusion, improved Know Your Customer (KYC) compliance, increased profitability, and lower operating costs.
The Institute of International Finance reported that a major U.S. bank said in a 2014 letter to its shareholders that it spent $2 billion to hire 13,000 new employees between 2012 and 2014 to support its regulatory compliance function. During that same period, this bank spent $600 million on regulatory and control technology.
RegTech in the News:
The global RegTech market size is expected to reach USD 55.28 billion by 2025, expanding at a CAGR of 52.8% over the forecast period, according to a new report.
Over the past decade, regulators have asked financial institutions to undertake several modernizations on their businesses and many of the organizations have struggled with regulatory-driven transformations.
According to the research, any heavily regulated business sector not prioritising Regtech adoption would risk damaging fines from failing to keep pace with regulatory changes.
FINRA today released a white paper outlining recent regulatory technology (RegTech) developments within the securities industry and potential opportunities and implications these technologies may have for broker-dealers.
Machine learning in particular, is rapidly gaining traction in the world of model risk management, where the increased number of models to be managed, requires a consolidation of effort across the entire model landscape.
The data and analytic techniques that satisfy regulators’ demands can also deliver commercially valuable insights about customers and markets. Used properly, regtech can become a source of competitive advantage.
One organization, globally, has had to field over 300 regulatory changes worldwide already through this point in the year. They not only have to be analyzed, but also weighed for potential contradiction with rules in other jurisdictions where the bank does business.
With the UK’s Anti-Money Laundering (AML) regime amendments to implement the Fourth Money Laundering Directive (MLD4) last year, compliance teams around the world are under even more pressure to deliver on their obligations.
Organisations that can see the opportunities that exist through the regulatory change agenda and use their RegTech solutions to maximise these will have a greater chance of succeeding in this ever-changing and challenging marketplace.
Banks and regulators need semantically enabled regulatory technology to deal with the huge, and constantly expanding, volumes of regulations, according to a new report.
Moving beyond manual reporting to system-to-system communication would enable rapid blocking of new kinds of attacks by both industry and the government, making life much harder for criminals.
As is the case with fintech, therefore, one can expect financial institutions of all sizes to adopt regtech solutions with increasing frequency during the coming months and years.
The strict regulatory fashion of the finance industry makes it an ideal sector to invest in AI, because the technology can automate tasks that are based on specific systems, set rules and procedures.
For those who work in compliance, the big question is whether advanced technologies like artificial intelligence and blockchain will ultimately replace people.
Dilip Krishna, a managing director at Deloitte & Touche LLP specializing in risk analytics, states, “A lot of the investment that banks made has been strategic in nature, not tactical. And if it is strategic, what they have done is they have basically given themselves additional flexibility to do not just regulatory work, but even allow themselves to be much better prepared to deal with other implications to their business.”
It is clear that new and emerging technologies have genuine potential to have a transformative impact on AML compliance, both in helping to prevent money laundering and in reducing the cost of compliance.
Asic commissioner John Price says, "Asic does not regulate RegTech directly but we do want to promote it to improve compliance outcomes, and think we have an important role to play as a facilitator of RegTech engagement within the sector."
Commenting in a statement released with the report, Daniel Morgan, director of policy and regulation at Innovate Finance, claimed that: "The second wave of [regtech] systems will fundamentally reduce the cost and burden of regulation and require a radical rethink of regulatory processes."
It is therefore imperative that a thorough assessment of the transformative possibilities of technology in tackling financial crime is taken, and that organisations such as FATF and national regulators drive forward innovation as a means not only of making the financial system more efficient for its users, but also more effective at disrupting and reducing the harm that illicit financial flows cause to the same system.