RegTech: Making Fintech Safer for the Future
Financial technology (fintech) is already changing the way that we use our money. Whether it’s payments, investing, or banking, there is a high likelihood that your transaction has been influenced in some way by fintech, even if you are still doing business with a traditional financial institution. Fintech innovations such as mobile check deposit and automated investment portfolio management using robo-advisers have found their way into mainstream use.
As more money moves to fintech from both consumers and investors alike, the industry will gain greater attention from those who have less than noble intentions seeking to make gains at another’s expense. Like all financial services, there is a need for regulatory oversight for fintech solutions. This is to protect consumers from fraudulent activity and also to prevent other illicit transactions like money laundering or terrorist financing.
Regulatory technology (RegTech) has emerged as a distinct industry sector from fintech as regulations worldwide become more complex. Many of the regulatory updates are in response to both how the financial services business and criminals are evolving as a result of the emergence of new technology.
“Businesses are only as strong as their weakest link, which is often outside of their direct sphere of influence,” said Jon Jones, President at Trulioo. “Any RegTech solution needs to be fully transparent and trusted in regards to data flow, data retention, data use – all elements that we take to heart.”
How can RegTech make fintech safer for service providers and consumers? The Institute of International Finance released a report in March 2016 that highlights several ways that RegTech can help.
Real-time Transaction Monitoring
Anti-money laundering (AML) and counter-terrorist financing (CTF) regulations require that trades and transactions are monitored and reported. Financial institutions are also required to report any transactions that might indicate suspicious activity. The lack a single global payments standard means that different systems use different methods to handle and store transaction information. This makes it very difficult when dealing with cross-border suspicious transactions.
Ideally, there should be one international standard for payments in order to allow seamless reporting to regulators from any jurisdiction. In the meantime, RegTech companies can provide platforms that can bridge the communications gap between different systems would greatly facilitate the compliance process.
Another requirement that comes from AML/CTF regulations is the need for customer due diligence (CDD) that is fulfilled using methods like the know your customer (KYC) process. The Financial Action Task Force (FATF), an international body that defines and promotes AML and CTF policies, has developed a set of KYC standards but these may be implemented differently depending on the country.
To improve the efficiency and effectiveness of KYC processes, reference data utilities are gaining in popularity as a means of providing a centralized repository to streamline due diligence checks. In some cases, cross-border restrictions on the usage, storage, and transfer of data may limit where these utilities may be used. RegTech solutions that leverage different forms of online identity verification, where personally identifiable information (PII) is not stored in a single storage location but rather queried from the original data source only as needed, are able to circumvent these restrictions.
Keeping Up with New Regulations
In a regulatory environment that is continually changing, financial services companies need to stay abreast of new regulations in order to stay compliant. This can be especially challenging for multinational financial institutions that operate in several jurisdictions.
There is an opportunity for RegTech businesses to provide solutions that track the regulatory changes in each region or country and run internal audits to ensure companies are complying with the most current requirements. A key step in order to make automation for global compliance a reality, regulators need to agree on using a standard machine-readable format when issuing regulations so that they can be readily used by software. The Extensible Business Reporting Language (XBRL) is already widely used by regulators in the UK, Ireland, and Denmark, according to the U.S. Securities and Exchange Commission (SEC). While XBRL is primarily focused on business reports, a similar standard could be created for regulations worldwide.
For RegTech to be successful, it must be fully supported by governments and regulators. The UK, a country that is earning a reputation for leadership in fintech, is one example where this is already happening. The country’s 2015 budget announced that the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) – two of the UK’s primary financial regulators – would “identify ways to support the adoption of new technologies to facilitate the delivery of regulatory requirements”. In effect, the UK government has given its regulators a mandate to make the widespread use of RegTech for compliance a reality within the country.
Just as fintech has pushed the envelope for financial services innovation, the same is also true for RegTech and regulatory compliance. It seems only fitting that how businesses comply with ever-changing regulations in the face of fintech should be driven by one of its close relatives.
What role do you think that government and regulators should take in developing RegTech?