Regulatory bodies globally continue to introduce legislation requiring banks and financial institutions to reduce risk and increase transparency.
From the Capital Requirements Directives to the Directive on Payment Services (PSD) in the European Union (EU), these measures are being implemented as a means to limit systemic risk and foster sustainable growth.
While the objectives are clear and commendable, the cost of adhering to these increasingly complex frameworks is significant. As a result, it creates opportunities for new companies to emerge and potentially provide more cost effective solutions.
The burgeoning regtech sector may soon transform the discipline of corporate compliance
Driven by the rise in fintech innovation, the burgeoning regtech sector may soon transform the discipline of corporate compliance. To explore how these tools may aid compliance teams, an important first step is to understand the regulatory constraints that are driving interest in this emerging field.
“For large institutions operating across multiple jurisdictions, anti-money laundering (AML) and know your customer (KYC) obligations can quickly spiral out of control,” says Paul McCulloch, CEO of Helm Solutions, a regtech firm that has partnered with global regulators to automate cybersecurity and technology compliance. He notes that some financial institutions allocate 40 percent of their overall IT budget on compliance.
With a high demand for AML/KYC solutions, online fraud prevention tools are one of the most competitive areas for regtech. Risk-based screening is achieved using algorithms that trawl through publicly available sanction lists, as well as thousands of government, regulatory and law enforcement watchlists. These tools are then capable of categorizing individuals by risk levels, and flagging disqualified directors or "politically exposed persons" (PEPs), that may represent a possible fraud threat.
Online fraud prevention tools are one of the most competitive areas for regtech
The development of programmable stress test simulators is another promising application of regtech. In North America, the implementation of the Dodd-Frank Act in the United States requires stress test simulations to be performed on banks and large financial firms multiple times a year, by internal and external stakeholders.
Similarly, the Bank of England and the European Central Bank have also adopted mandatory stress tests resulting in additional opportunities for regtech to demonstrate added value by providing solutions that can produce simulations that are dynamic and accurate.
In Asia, the Monetary Authority of Singapore and the Association of Banks in Singapore have jointly developed a set of industry guidelines on the planning and execution of penetration testing (PT) of IT systems by financial institutions. Using these guidelines, 11 major financial institutions participated in a PT exercise and the subsequent analysis was shared with market participants to raise awareness of the common and high-risk cyber security vulnerabilities. 1
“Creating better simulations requires better data to calibrate the inputs and parameters to the simulation," says Anthony Pereira, founder and CEO of Percentile, a fintech startup that provides on-demand stress test simulations. “We're storing more and more market data from many different sources which allows us to generate complex scenarios and compute the output faster and more cost effectively than ever before."
The abundance of data being made available by regtech firms is also being leveraged by publicly traded companies. Automated shareholder disclosure systems have been designed to collate market data and present investors with real-time performance summaries. Similarly, real-time trading data is being used to produce more comprehensive risk reports, which is another area of focus for regtech firms.
Using regtech to automate these disclosures enhances transparency
“Using regtech to automate these disclosures enhances transparency and is beneficial to the market," explains Dag Lee, executive chairman of Nile, a UK-based financial services design consultancy. “These tools are providing both directors and external auditors with real-time data that can be used to improve business performance and better manage risk."
For financial service providers that have global reach, their compliance obligations need to align with requirements that vary across jurisdictions. With the introduction of certain regulations such as the Markets in Financial Instruments Directive (MiFID II) or the Packaged Retail and Insurance-based Investment Products (PRIIPs), the EU is seeking to address the lack of cross-border harmonization.
“Some of these regulations are about better monitoring and reporting, and can conceivably be addressed by employing more compliance officers," Pereira explains. “But other regulations are computationally intensive, and firms will have no option but to apply technology to meet the requirements."
With the future of corporate compliance set to be more data-intensive, startups will compete to provide services that can automate these processes and combine internal data with external information. Businesses are being called upon to streamline processes as regulatory bodies demand increasingly detailed reporting and greater levels of transparency. While these technologies are still in their infancy, firms that master them early may be the ones that establish a competitive advantage within increasingly competitive and regulated markets.
Sources
- Monetary Authority of Singapore 2014/2015 Annual Report