Over the past few years, increased regulatory scrutiny, enforcement, and governance requirements within the European Union have prompted companies to dig deep and hike their compliance budgets.
While previously these increased costs have been associated with increased headcount, IT consultancy Accenture’s 2018 “Compliance Risk Study” found that this is no longer the case globally: Compliance technology transformation is the top spending priority for respondents, both over the next 12 months (57 percent) and within the next three years (51 percent) as compliance functions move toward deploying technology rather than adding more people to fulfil their mandate.
Given how new and cutting-edge FinTech and RegTech technologies can help companies digest larger volumes of data and help report information more quickly so that they can react to risks sooner, it is not surprising that there is a growing interest within compliance functions to adopt such technologies—especially because there is an expectation from regulators to do so.
The United Kingdom has been leading the charge. The Financial Conduct Authority (FCA), the country’s main financial services regulator, set up the world’s first regulatory sandbox in 2015, and it went live the following year.
The sandbox is open to technology businesses, as well as authorised and unauthorised financial services firms. It aims to provide participating firms with the ability to conduct small-scale testing on products and services in a controlled environment, while gaining a greater understanding from the regulator as to whether these new products are likely to comply with local laws and regulations (with no threat of enforcement action if they do not).
The FCA’s sandbox has recently had its fourth intake—or “cohort”—since its launch. Eighteen firms were tested in the first cohort, including major banks Lloyds and HSBC. A further 24 firms are being tested under the second cohort, and 18 under the third, including a RegTech proposition by Barclays Bank that tracks updates to regulations within the FCA Handbook and aligns their implementation to Barclays’ internal policies. Some 29 firms will be tested under the fourth cohort, and a fifth cohort will open later this year.
The FCA is keen to roll out the initiative globally. On 7 August it announced the creation of the Global Financial Innovation Network (GFIN) alongside 11 other financial regulators, including the Australian Securities & Investments Commission (ASIC) and Hong Kong Monetary Authority (HKMA), which is intended to be a “global sandbox.”
While experts point out that few “heavy hitters” are involved, and that regulators from key EU countries and the United States, for example, are notable for their absence, the move signifies a wider intent by regulators to work “hand in hand” with tech developers to understand how their products work before they are rolled out.
“The U.K. used its position as a lead financial centre to embrace quickly the advantages that these technologies had to offer, and this momentum is set to continue after Brexit. The EU has tried to follow suit with a pan-European approach but this has proved too difficult to coordinate.”
Suchitra Nair, Director (EMEA), Deloitte’s Centre for Regulatory Strategy
Many of the products being tested by the FCA have a strong compliance component. One involves a fully automated governance solution that enables financial organisations to monitor and understand how spreadsheets are used for regulated activities. The software monitors and enforces compliance rules, identifies structural file errors, and quantifies enterprise risks. Analytics captured by the software can also be used to identify and expedite the automation of operational tasks. Another product currently being tested revolves around a security system that detects advanced hacks and breaches in banks powered by deep learning and computational linguistics.
Jon Segal, partner and head of technology at City law firm Fox Williams, says that investment in RegTech and FinTech solutions has increased during the first half of 2018 in the United Kingdom and EMEA and that “this is due in no small part to regulatory and compliance concerns.” Technologies that exploit artificial Intelligence, machine learning, natural language processing, and pattern recognition to help automate workflow, risk reporting, and risk monitoring are proving more popular with compliance and other assurance functions, say experts. The key market is financial services, but other industry sectors are also adopting such technologies
“One of the biggest growth areas has been regulatory reporting,” says David Gardner, partner at U.K. law firm TLT. “RegTech can search multiple data sources and compile reports that are comprehensive, coherent, and standardised, saving time and effort and making them easier for the regulator to analyse. RegTech can be used to verify identities according to regulatory requirements and flagging checks for review by exception only. Moving forward, we expect to see a lot more innovation in identify verification and know your customer (KYC) checks.”
Chris Beer, EMEA head of regulation at technology company Excelian, Luxoft Financial Services, says that open banking frameworks and next-generation business models such as Banking as a Service (BaaS) are now emerging as growth areas. “As they mature, investment in FinTech and digital banking offerings will only accelerate,” he says.
Gary Richardson, managing director for emerging technologies at IT consultancy 6point6, says that the growth in adoption of these new technologies is due to two key factors:
- Regulators are making a greater push for companies to have more automated processes and better risk reporting frameworks; and
- Compliance and other assurance functions have been among the most under-resourced departments in terms of IT investment for too long.
“Companies tend to make the biggest IT investments in the customer-facing areas where they make their money. As a result, compliance, HR, and audit, for example, have lost out for years, and many of their core processes are still done manually or on basic software packages like spreadsheets. Regulators are increasingly frowning on this and their increased scrutiny is boosting overdue IT investment in many organisations.”
Experts generally believe that the United Kingdom is at the forefront of FinTech and RegTech development. Suchitra Nair, director (EMEA) at Deloitte’s Centre for Regulatory Strategy, says the United Kingdom has been able “to steal a march” over the United States and the European Union due to the FCA’s early push to see how emerging technologies could improve risk governance and customer experience.
“The U.K. used its position as a lead financial centre to embrace quickly the advantages that these technologies had to offer, and this momentum is set to continue after Brexit,” says Nair. “The EU has tried to follow suit with a pan-European approach but this has proved too difficult to coordinate,” she adds.
“The market is now at a stage where it is easier for FinTechs to scale quickly and build platforms that remain compliant with regulation,” says Beer. “The main concern is whether Brexit will help or hinder the ability of U.K. regulators to continue their progressive approach to FinTech adoption. This, of course, depends on the type of deal the U.K. negotiates for the financial sector with the EU.”
Special report: A practical guide to compliance technology
- Currently reading
U.K. regulator setting global example in facilitating technology growth