RegTech applies best in situations where a firm needs to process a high volume of transactions, at lower cost, at speed, and at scale. But before a firm is ready for the benefits of RegTech, it needs a regulatory strategy. Regulatory strategies require complex decision-making and planning, especially for an innovative business model. Such complexity goes far beyond the scope of what automation can deliver today. The scenario of RegTech handling compliance end-to-end from inception to execution seems still some time away.
What Automation Can and Can’t Do
With all of the industry buzz around regtech, it’s no surprise that clients increasingly ask questions about its potential and how it can support their compliance program. Some people even ask whether RegTech can fully automate compliance workflows. It is important to put these questions about RegTech and related topics such as automation and AI in financial services into context.
First, a quick definition: RegTech is any advanced technology innovation that helps manage, monitor, and maintain compliance with financial regulations. RegTech providers offer solutions and suites of tools that support regulatory reporting, risk management, identity management, transaction monitoring, document management, statement delivery, and information security.
When Does RegTech Work Best?
InnReg’s point of view on RegTech is that it applies best in situations where a firm needs to process a high volume of transactions quickly and seamlessly without breaking the bank on costs. In Deloitte’s recent roundup of the RegTech universe, identity verification and management represent one of the largest and most mature segments of RegTech providers, second only to transaction monitoring and document management solutions.
For example, imagine a firm that has great traction in the market, and needs to onboard new users at a rate of thousands per week. Further, consider this account validation process as needing to comply with well-understood Know Your Customer and Anti-Money Laundering regulations. This scenario is well-suited for RegTech.
RegTech and Risk Management
Risk management is an interesting emerging area in RegTech as well. Solutions that focus on risk management may ultimately replace significant amounts of cumbersome human effort, while helping firms detect and mitigate risk earlier than human intelligence can.
In general, risk management RegTech solutions rely on the ability to anticipate or detect changes based on patterns. Intriguing elements of the risk management segment include:
- providers that monitor regulatory notices and changes,
- solutions that watch for emerging market risks, liquidity risks, portfolio risks, and similar internal or external threats, and
- solutions that help spot suspicious trading or fraud patterns.
The most compelling of these tools also help support scenario planning and stress testing.
The Limits of RegTech
The majority of InnReg’s clients experience challenges with regulation that currently go beyond RegTech’s capabilities of at-scale processing and pattern-based inference. It does not make sense to consider RegTech without first having a regulatory strategy. Regulatory strategies require complex decision-making and planning, especially for an innovative business model.
Strategy and Planning Still Need an Expert Touch
When a firm chooses to innovate significantly, there can be gaps between the way regulations are written and the way they need to be implemented.
- RegTech is not able to replace the complex legal review done by specialized legal counsel, or the crafting of a strategic regulatory approach.
- RegTech does not have the capacity to define compliance processes or manage approvals with government agencies such as the SEC and FINRA.
- RegTech cannot select the appropriate partners and vendors to provide the technologies that make up a compliance stack and then negotiate terms with them.
Before You Consider Technology
Compliance planning also helps identify likely sources of risk and appropriate mechanisms for identifying and responding to those risks. Again, RegTech can help and serve as a high-value asset here, but only once the overall risk profile has been defined, and after the governance and processes for acting on risks have been put in place.
Potential and Limits of AI
Even with true AI, which can learn and adapt like a human, the more strategic aspects of the compliance world still require a level of nuance and human judgment that automation cannot replace. In the short term, few RegTech solutions have evolved beyond the use of foundational technologies such as distributed ledger/blockchain and simple machine learning.
A Final Dose of RegTech Realism
In conclusion, it is important to keep these caveats in mind when reading some of the more enthusiastic industry press or attending RegTech conference sessions. RegTech can act as a very helpful enabler of critical elements of a firm’s overall compliance approach, but it is not a replacement for compliance strategy and planning.
There have certainly been fantastic leaps forward, but we are still several evolutionary steps away from supporting complex decision making. While the promise is real, the hype sometimes exaggerates it. The scenario of RegTech handling compliance end-to-end from inception to execution seems still some time away.
If you have any questions we’d welcome you to be in touch to start the conversation.