The Taiwan Banker

The Taiwan Banker

Regtech:A Promise For Smarter Regulatory Compliance?

Regtech:A

2020.01 The Taiwan Banker NO.121 / By Olga Rakhmanina

Regtech:A Promise For Smarter Regulatory Compliance?Bankers Digest
Advances in technological innovation touch on all aspects of financial services, including such non-consumer facing functions as regulatory compliance. Companies seek to harness the latest technology and data management capabilities to help them meet regulatory demands in a more efficient and cost-effective way. RegTech holds significant promise for an industry grappling with a never ending torrent of new regulations, but challenges remain for the adoption of new technology. Discussions about the financial services regulatory framework invariably start with the global financial crisis of a decade ago. Largely blamed on the laissez-faire approach to supervision, it led to the surge of new laws and regulations aimed at making financial markets and firms more resilient to economic shocks. Unsurprisingly, compliance costs went up at the same rate with firms facing pressure to recruit more staff and enhance their processes to meet new requirements. According to the Financial Times’ analysis in 2017, the banking industry spends around $270 billion annually on compliance, accounting for 10% of businesses’ operating expenditure . A widely quoted example refers to the implementation of the European Union’s investment rules – Markets in Financial Instruments Directive II (MiFID II) – which took around 30,000 pages and 1.5 million paragraphs to describe the regulatory framework. RegTech Council, a think-tank, estimated in 2018 the MiFID’s implementation cost to have reached €2.5 billion by that time; most of this was directed to interpreting and re-writing the rules into business texts and computer codes. The Dodd-Frank Act, post-crisis legislation enacted in the United States in 2010, has so far cost the industry $36 billion (although some provisions have been recently scaled back under the Trump administration). Throughout the last decade, the tide of new regulations has not shown any signs of abatement: There were over 50,000 regulatory updates in 2015 with the average daily volume at 155 alerts . Compliance costs are high, but they are even greater if firms fail to implement, and abide by, the regulatory requirements. Boston Consulting Group, a management consultancy, estimates that global banks paid over $320 billion in fines and legal costs for their misconduct between the financial crisis and the end of 2016 . To cope with this ever increasing body of regulations without the prohibitive cost associated with their interpretation and implementation, financial industry players are exploring how technology can bring efficiency and precision to the compliance function. Ready For DisruptionRegTech, which broadly refers to the use of new technologies – such as machine learning, artificial intelligence, blockchain and cloud computing – to meet regulatory requirements in a more cost-effective way, promises to help firms navigate the existing labyrinth of financial regulations as well as implement new rules in a quicker and easier way. Institute of International Finance, a global financial industry association, considers that ‘by making compliance less complex and capacity-demanding, RegTech solutions could free up capital which could then be put to more productive uses, increase competition by removing a barrier to entry, improve the quality and efficiency of supervision, and reduce risk in the system’ .In some ways, RegTech has been in existence since 1990s when firms engaged emerging technologies to monitor and analyse risks. With the advent of new capabilities, the industry is now capable to harness data in even more sophisticated ways to manage its regulatory responsibilities. RegTech seems to be the next logical step after the rapid advancement of fintech and its application is tested in certain back office functions which previously relied on extensive manual operation. RegTech has wide application at financial firms, including areas such as regulatory reporting, transaction monitoring, risk management and financial crime prevention. For instance, RegTech solutions can enhance data analysis, modelling and forecasting which feed into stress testing exercises; produce evidence and make it easier to audit activities; monitor organisational culture using a more scientific and quantitative methodology; and improve customer due diligence and ongoing relationships management. Whilst firms stand to benefit from the efficiency and greater precision that the new technology promises, customer experience is also likely to improve as a result of smoother service with limited scope for human error. The RegTech scene has been dynamic over the last few years with a significant number of firms springing up to offer various solutions. Investments into the new sector have been strong: According to KPMG, a consultancy, RegTech investments more than tripled from $1.2 billion in 2017 to $3.7 billion in 2018 . Although the first half of 2019 experienced a considerable drop, it is unlikely to indicate a total retreat as recent implementation of such game-changing frameworks in Europe as data protection and open banking rules will attract interest in related solutions. KPMG estimates that RegTech will make up 34% of all regulatory spending by 2020 . The sector is quickly becoming international too: Whilst development has been primarily driven by the EU, other major financial centres, including Singapore and Hong Kong, are paying close attention. Straight From The Science-Fiction HandbookIt is not just the firms which take interest in RegTech, but policymakers and financial regulators also see the benefit and potential of the new technology. In 2015, the UK’s Financial Conduct Authority (FCA) published a Call for Input asking for industry’s views on what RegTech capabilities should be introduced and what role the regulator should play in this emerging area. Overwhelming response demonstrated the importance that the industry attaches to the development of new solutions; the FCA particularly noted that the debate attracted a large number of the industry’s senior executives indicating strong business impetus to search for smarter compliance techniques . Respondents to the FCA’s consultation highlighted potential for new ways of reporting regulatory data, introducing shared capabilities to conduct customer due diligence and employing real-time compliance monitoring. Perhaps the most exciting area to emerge is the technology that supports machine-readable regulation which converts regulatory text into computer code that can then be read and applied by the financial industry in a consistent way and as intended by the rule-makers. Going one step further, technology can then be used to execute the regulatory requirements, for example, in the context of regulatory reporting, where the different systems can interface with each other and supply relevant information without any human intervention. The FCA subsequently conducted a two-week TechSprint – in association with the Bank of England – to develop a proof of concept confirming the possibility of translating reporting requirements into machine-readable instructions which would remove the need for human interpretation and therefore help ensure consistent application. Based on reporting instructions expressed in code, machines were programmed to pull the necessary datasets directly from firms’ information systems . The regulator and the industry took the project one step further by undertaking a pilot to evaluate the feasibility of scaling what is now termed Digital Regulatory Reporting (DRR). The first report – published in March 2019 – stressed the sheer ambition that the project is trying to achieve and said it would be prudent ‘to recognise that the path to DRR becoming a reality is uncertain’ . The challenges of introducing a uniform industry-wide framework for what is essentially a collection of very diverse businesses with unique internal processes are no doubt daunting. Technical issues associated with translating natural language into code also stand in the way. The ultimate prize, however, seems to be worth the effort and the next stage of the project is looking to conduct a cost-benefit analysis for the DRR’s industry-wide implementation.A Long Road AheadFor all the hype around RegTech, the industry is in its nascent stage. Whether it stands the test of times and unleashes its transformative potential on the largely manual world of regulatory compliance will depend on how the interested parties overcome the associated operational, structural and technical challenges. The continuously changing regulatory landscape may make today’s solutions redundant tomorrow if they fail to predict the form and content of the future requirements. This constantly moving target is deterring some companies from investing in the new capabilities. Others are looking for some form of regulatory ‘nod of approval’ before they commit to particular technology.Adoption of RegTech also relies heavily on cross-sector co-operation between financial industry, technology experts and regulatory bodies that can support development of workable solutions acceptable to everyone. Automation of regulatory reporting, for instance, requires data standardisation and consistency of definitions, an immense project in itself. The EU, which has one of the most sophisticated frameworks of financial services regulation around the world, is looking to develop common financial data language, which the industry believes is essential to reducing the reporting burden . There are also data processing and sharing restrictions which may inhibit effective co-ordination across borders and between legal entities within financial groups. Tackling financial crime efforts – which are by their nature both cross-sector and cross-border – stand to benefit significantly from RegTech innovation. The FCA conducted its latest global TechSprint on anti-money laundering in summer 2019 focusing particularly on encryption techniques that could enable information sharing without infringing on data protection laws. Held under the informal motto of ‘it takes a network to defeat a network’, the event brought together financial institutions, technology companies, lawyers, academics and regulators to foster the collaborative approach so vital to developing globally effective solutions. More recently, the Hong Kong Monetary Authority held a RegTech Forum on preventing money laundering and terrorism financing in November 2019 to encourage banks to adopt new technology for tackling financial crime as well as to promote the dialogue between the industry and the regulator for maximising the innovation potential . RegTech indeed presents an exciting opportunity to make regulatory compliance more targeted, efficient and cost-effective; as a result, it might also make the world a better place by using its enhanced capabilities to expose misconduct which currently goes undetected. To a great extent, success depends on how good the industry and the rule-setters are at talking to each other.