Regulatory technology (regtech) is often cited as the answer to the rising cost of compliance, risk and reporting duties at banks. Will it help financial institutions escape IT silos and enhance control over data? Neil Ainger, Daily News at Sibos‘ reporter, investigates.
The principle of applying technology, such as regtech, to significant business challenges is “not new”, says Paul Ellis, global head of regulatory product development at HSBC Securities Services. What is new is that regtech promises to marry the new landscape of post-financial crisis regulation to the new landscape of digital technologies.
Bob Garrison, CIO at the Depository Trust and Clearing Corporation (DTCC), agrees. “If you define regtech as technology companies that provide services to financial market participants to assist in regulatory compliance, then it is not a new concept and one that has been operating for many years. However, regtech is undergoing a revival, spurred by new regulations and increased pressure to reduce costs, requiring greater collaboration between technology vendors and financial market participants.”
Whether new or not, for Luc Meurant, head of financial crime compliance services, Swift, regtech companies have the potential to transform compliance in the same way financial technology (fintech) is transforming payments and other sectors.
Regtech is often considered a subset of fintech, particularly if the focus is on start-up companies. The UK’s Financial Conduct Authority (FCA) defines regtech as a subset of fintech that focuses on technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities. In a wider context, regtech also refers to utilities, such as Swift’s KYC Registry and Thomson Reuters’ Org ID know your customer (KYC) managed service.
Utilities enable banks to collectively mov e to shared services to get economies of scale on aggregated data in non-competitive areas. As consolidation increases, however, the fuel for this compliance trend will eventually die out. Using data in more creative ways via collaborating with regtech start-ups potentially offers longer-term, more comprehensive enterprise-wide benefits.
In the FCA’s definition regtech is another vertical within the wider fintech scene. Many of the same technologies that have been deployed on payment, capital market or other duties can find a different compliance end use. Data organising, tracking and delivery services can meet regulatory requirements and potentially pay for themselves by improving intraday liquidity monitoring and pricing, reducing risks and fines, improving service and data analysis capabilities.
Regtech can also be used by regulators to improve their ability to digest the greater volume of data that is fed to them due to the Basel III capital adequacy regime, more stringent anti-money laundering (AML), KYC, sanctions, tax and other such rules.
Financial institutions can use technologies such as artificial intelligence (AI), machine learning and big data analytical techniques to organise and control their regtech data in a more efficient fashion. This enables simpler compliance with financial crime controls, more efficient adherence to stringent conduct rules and Basel III reporting requirements. It also gives better data control leading to improved customer targeting, tracking and service.
The need to protect data from numerous cyber risks can also be enhanced by improving data handling – a key characteristic of regtech solutions. Cloud computing, with appropriate security and standards, can also be used as a supporting technology to improve the sharing of data across financial market infrastructures, where it is safe to do so.
Regtech start-ups are often better at data mastery than banks. Data is almost a religion for technology companies. FIs are therefore keen to collaborate with start-ups to learn how to use data better within their organisations, expose it more cheaply for regulatory reporting reasons, or to get simultaneous business benefits such as improved loan decisions, or better liquidity pricing.
Meanwhile, mastering internal or external data can also improve auditability and risk monitoring, for example on AML, across disparate financial supply chains. This may help slow fines, the risk of reputational damage and the trend of banks de-risking.
“Superior regtech can reduce costs significantly, allowing companies to free up capital to invest in more productive areas,” says Simon Eacott, head of payments innovation at NatWest. “The potential of AI in regtech to analyse both internal structured and external unstructured big data at speed, with little manual effort, is attractive. In the risk management field, regtech can help create superior data modelling that more accurately conveys a company’s risk profile.”
Jean Devambez, global head of product and solutions, asset and fund services at BNP Paribas Securities Services, says the key driver in the rise of regtech is the increasing number of regulations “generating complexity and cost”.
The fall in banks’ return on equity since the 2008 crash and contemporaneous rise in compliance costs as new, more stringent regulations were introduced, mean that FIs must cut operational costs and increase controls. It is clear to see why trying to harness the innovation of fintech start-ups for compliance is attractive.
However, Garrison urges some caution on this point. Financial services providers are increasingly looking to partner with technology vendors to aid in compliance with new regulations and to address ongoing cost pressures, he says. Collaboration between financial market participants and technology vendors, particularly in the implementation of new technologies, can create efficiencies, reduce expenses and mitigate compliance risk. “However, modernising high volume legacy systems that already facilitate compliance and operate well can be an extremely complex and expensive undertaking. Firms must therefore consider business cases whenever assessing technology changes to ensure the cost of the changes are aligned with the value which can be derived from them.
“Also, when implementing new technologies, while cost savings can be achieved by decommissioning systems, there are occasions when legacy systems have to remain in place and operate alongside new solutions, which means that the financial benefits may be reduced.”
The Boston Consulting Group report, Global Risk 2017: Staying the Course in Banking, estimates FIs spend $18-$21 billion on AML; $16-$19 billion on KYC; and $11-$15 billion on conduct surveillance. It’s a big market for vendors. Cyberdefence risks, regulatory reporting duties and financial utilities mean that the compliance processing and related regtech market is potentially worth hundreds of billions of dollars.
Ruth Wandhofer, global head of regulatory and market strategy, treasury and trade solutions at Citi, says regtech is “collaborative rather than disruptive”. In the wider fintech marketplace there are many start-ups that want to displace FIs or shave-off niche segments, but banks’ knowledge of the compliance duties they face is a necessary component within regtech, unless players want to get their own licence.
“From a bank’s point of view regtech is collaborative as we are looking for the best provider to help us with our compliance automation and data needs,” says Wandhofer. “That may mean we invest internally or take a stake in a start-up, or we may buy a start-up outright to help us or to launch a wider third-party solution. Alternatively, it may mean participating in a shared financial utility to get economies of scale savings with other banks – whatever works best.”
Pole Star is an example of a start-up and bank collaboration. It provides sanctions compliance and risk management software to banks, trading and finance companies, marine insurers and other maritime organisations. Citi supported the regtech firm after it won its regional Tech for Integrity Challenge Dublin on 18 May 2017. The London-based company won for its range of sanction screening compliance, AML and other risk management software. The mentoring, knowledge sharing and other assistance available should lead to a better solution and may feed into Citi’s trade solutions in future.
There are also standalone regtech companies. For example, Simility, a US-based start-up founded by former Google employees raised $7.2 million in late 2015 in a Series A fundraising round led by venture capitalists Accel Partners. Simility offers a fraud prevention solution that uses AI machine learning. San Francisco-based Merlon Intelligence raised $7.65 million in seed financing this year from the Data Collective venture capital fund and others. It targets AML via AI and enhanced big data analysis.
In the UK, hundreds of regtechs have been through the pioneering FCA regulatory sandbox, making the country something of a hotbed for regtech and other technology-based solutions.
Financial institutions should explore the collaboration opportunities available to them, via sandboxes or not. “We believe cooperation between regtechs and FIs is the way forward,” says BNP Paribas Securities Services’ Devambez. “The combination of regtechs’ technology expertise and banks’ business experience is a powerful proposition, which can help solve many of the industry’s challenges.”
BNP Paribas Securities Services recently took a minority stake in Fortia, a start-up which uses AI machine learning and business process monitoring to help the fund industry meet rising compliance requirements and manage mounting volumes of data. “As well as helping finance the growth of Fortia, we agreed to share our expertise and knowledge of their target market to help them develop their offering,” he says. “We’ve now gone one step further and have decided to move our trustee and depositary business onto Fortia’s platform to help our clients enhance controls and operational efficiency. Our partnership with Fortia illustrates the benefits of cooperation for banks, regtechs but also the industry as a whole.”