The financial crisis saw a heavy investment in compliance as regulators on both sides of the Atlantic hit banks and other firms in the sector with massive fines for years of bending the rules and breaking the law. Now the financial services industry is looking to cut back on those costs, and increased technology spend appears to be the answer.

European and U.S. banks have paid more than U.S.$150bn in litigation and conduct charges since 2011, according to estimates by banking giant Citigroup. It reckons that the biggest banks, including JPMorgan and HSBC, have doubled the number of people they employ to handle compliance and regulation, and that the increased investment costs the industry U.S.$270bn a year and accounts for 10 percent of operating costs.

Little wonder, perhaps, that banks and other financial services firms are looking to scale back. Many of the jobs created by banks in recent years for compiling and checking data on customers and transactions have already been moved offshore to lower-cost countries, like India and South Africa. In the next wave of automation they will simply disappear, say some. This January, Richard Lumb, CEO of financial services at consultancy Accenture, told journalists at the World Economic Forum in Davos, Switzerland, that it had saved a banking client U.S.$100m by automating jobs in its compliance division. Such boasts have got other banks listening, and interest in regulatory technology, or “regtech,” is growing.

Deutsche Bank’s innovation group is also looking at ways of using artificial intelligence (AI) to improve compliance, cut costs, and enhance customer experience. In March, it opened a lab in New York to test artificial intelligence, cloud, and cyber-security technologies, among others. In terms of compliance, one of the first areas where the bank is aiming to use the technology is to check through volumes of voice and video recordings to make sure that the bank’s employees are complying with the rules when interacting with clients.

The technology—which the bank has declined to name—can automatically search for key terms that auditors routinely monitor, as well as spot potential “red flags” that would suggest corrupt or improper behaviour.

Deutsche Bank is also evaluating how AI can help identify new potential customers with algorithms that analyse public information about people and companies, as the amount of publicly available data is so huge that no human can come to grips with it, while AI can.

Many major banks are experimenting with AI and machine-learning technologies, so called because they are able to learn without being explicitly programmed and can change the way they behave and become more responsive when exposed to new data. In March, the Bank of England announced that it was testing an AI system with Canadian start-up MindBridge AI to allow it to spot abnormalities in financial transactions and “explore the benefit of machine learning technology for analysing the quality of regulatory data input.”

HSBC said this year that it is using Google Cloud machine learning capabilities to improve its anti-money laundering systems and controls by running data analytics to help identify patterns and detect improper activity. A large proportion of regtech solutions are usually cloud-based, which significantly cuts the costs and reduces the implementation time and also makes the technology more amenable.

“The benefits of these types of interactions is that each series of questions and answers can be tracked, providing a clear audit trail and proof of compliance, but also a consistent and accurate service at any time.”

Neil Furnivall, Associate Director, Grant Thornton

Last year, Credit Suisse teamed up with the AI firm Palantir to improve its trader surveillance to monitor the behaviour of all its employees in the hopes of catching rule breakers before they break the law. It will do so by identifying individual trader activities that stand out from how they would normally act—and from how their colleagues would. In 2015, JPMorgan launched a program that uses algorithms to identify bad eggs in its trading department. The system monitors, among other issues, whether traders attend compliance training or break any other trading rules.

Using technology to assist compliance has been part of a growing trend for some years and is no doubt set to gather momentum. A report released at the end of 2015 by management consultants McKinsey, called The future of bank risk management, predicted that automated compliance will become one of the key issues affecting the sector over the coming decade.

The report says that as the rules become ever more complex and the consequences of non-compliance ever more severe, banks will likely have no choice but to eliminate human intervention as much as possible in dealing with customers and to hardwire the right behaviours into their products, services, and processes. Where these interventions cannot be automated, robust surveillance and monitoring will be increasingly critical. This is the only way to ensure a very low error rate within the first line of defence and to allow proper oversight by the second line, says McKinsey.

Experts believe that investment—and reliance—on AI and machine learning technologies to aid compliance are only going to increase. Daniel Horton, technical manager at Parker Software, says that “by nature, AI modelling—and to some extent, machine learning—is ideal for tasks that need to be handled accurately and logically, such as reporting and document archiving. The strict regulatory fashion of the finance industry makes it an ideal sector to invest in AI, because the technology can automate tasks that are based on specific systems, set rules, and procedures.”

It may not necessarily follow, however, that compliance professionals have to make way for technology. “There are clear advantages to handing over the reins of regulatory compliance to a computer designed to review and complete administrative tasks,” says Horton. “However, while the technology is still in a state of learning, it will not have the upper hand over human employees for another few decades.”

Neil Furnivall, associate director at Grant Thornton in the United Kingdom, believes that the great appeal of AI and machine-learning technologies is that they offer opportunities for improved compliance, starting even at a fairly simple level. “We are seeing a rise in the general use of voice interaction, and it is becoming increasingly common to talk to virtual assistants. For example, Siri, Alexa, Cortana, and Google Assistant are becoming normal interactions with AI in our everyday lives. The benefits of these types of interactions is that each series of questions and answers can be tracked, providing a clear audit trail and proof of compliance, but also a consistent and accurate service at any time.”

The rise of “regtech”

Any product or service that can promise to cut costs, improve compliance, and help zero in on new customers while making a profit is obviously going to make a strong impression in a sector where money is core to its operations. Consequently, the interest in regulatory technology, or “regtech”, is gaining traction.
According to research published this year by IT Consultancy Infosys, called Amplifying Human Potential: Towards Purposeful Artificial Intelligence and which assessed the impact of AI and current levels of AI maturity in enterprises, adoption is rising smartly, creating the expectation that worldwide by 2020, companies will see AI contributing a 39 percent average increase in revenue and a 37 percent average cut in operating costs. 56 percent of financial services respondents said they were using AI in the past one to three years.
The study found that financial organisations invested much more in AI than other businesses (US$14.6m versus an average US$6.7m for all respondents), although—somewhat contrarily—financial services ranked third from the bottom in terms of AI maturity.
Some banks have identified specific advantages that investments in regtech may afford in the future. In a report called Digital disruption—revisited sent to clients in January, Citi said there was a “huge cost take-out opportunity for financial institutions” from regtech. One of the proposals it put forward was for banks to actually pool resources on some common areas of compliance, such as basic anti-money-laundering rules. “Over the longer term, a nationwide [know your customer] utility could be beneficial to the whole of society, and many regulators and governments are working towards this ideal,” it said.
—Neil Hodge

At a more complex level, “the general rise in data as an asset is opening up new opportunities in compliance,” adds Furnivall. “The increase in data scientists and chief data officers employed in an organisation is a clear indication of this trend. The creation of innovation and data labs within large financial organisations to provide a focus for these data ideas is also increasing and the analysis of this data is providing insight on where organisations are currently inefficient or ineffective and ways to make this better,” he says.

Adam Jones, head of innovation at financial services consultancy Altus Consulting, says that for machine learning, the most important broad capability is the consumption of big data and pattern recognition—particularly in the fight against fraud. By plugging in to vast data sets and allowing computers to learn about patterns and outcomes, says Jones, firms are realising there can be massive improvements in how effective and widespread their fraud prevention and identity management schemes can be.

Jones say that there are some key areas where AI can help financial services firms improve their compliance and cut costs, while also improving customer service. One such area is identity verification, which is traditionally a very paper-based and clunky process. Onfido is a U.K.-based technology firm that improves background checking by using AI to carry out facial recognition on photos and passports/identity documents, and data integration with a range of systems to carry out background and criminal record checks.

Another firm, IdentityMind, which works on risk management and fraud prevention, uses its software platform to categorise all customers and remove the trustworthy ones from the mix, leaving only those worthy of further investigation for possible frauds.

But where there are opportunities, there are also downsides. While AI and machine learning (ML) technology will certainly shape the future, it will take time to get financial regulators comfortable with such regtech solutions, says Dr. Philip Trillmich, a partner at global law firm White & Case. “If AI/ML technology leads to regtech solutions with the ability to decide themselves which data to gather and analyse, the risk of breaching data protection laws is likely to increase and will have to be addressed,” he says.

Mohit Joshi, president and head of banking, financial services & insurance at IT consultancy Infosys, agrees that “adoption is being held back by some reluctance to share customers’ personal data and the cost of technology.”

Data protection and privacy may be thorny issues for AI developers, but regulators are keen to embrace the advantages of the technology. As early as November 2015 the U.K.’s Financial Conduct Authority sent out a “call for input” to financial services firms so that it could see what regtech solutions were being used to fulfil regulatory requirements and which solutions could be adopted more widely by firms. It has since collaborated with the regtech sector to give a better steer as to what the software firms should be focussing on—and what firms need—and has set up its “Project Innovate” initiative to promote developments in consumer-facing technologies.

However, privacy issues are just one hurdle: Trillmich adds that there are other potential problems that make further AI investments risky. “While AI/ML is an excellent technology for automating complex decision-making tasks, errors in the automated decision-making process can be replicated very quickly at large scales and may be difficult to detect and to correct. Users and providers of AI/ML-based regtech solutions should therefore remain involved in the tasks completed by the solution at least to an extent that they can conduct regular checks and exercise additional human-led judgment. They should not cede too much control to AI/ML-based regtech technology too soon.”

As a result, experts believe that AI and machine-learning technologies are a tool to aid compliance—not a replacement for it. “As they consider automation, bank compliance departments have to consider how they balance technology systems with personal accountability,” says Karen Chu, managing director at consulting group Synechron Business Consulting.

“As with any technology, banks cannot be wholly reliant on a system for compliance. AI needs to be considered in combination with proper governance and controls regarding who has access to the system, how the AI learns, and how to check its outcomes,” she adds.