Skip to main content

Ascent Solutions

9 Common RegTech Questions, Answered

By Blog

As a young industry, RegTech often gives rise to a host of questions — everything from “what is it?” to “how does it work?” to “how will it affect me?” We’ve collected a handful of the more common ones and answered them below.

Have a question that’s not on our list? Drop us a line at and we will be happy to help answer it!

What does RegTech mean?

RegTech (Regulatory Technology) is the application of emerging technology to improve the way businesses manage regulatory compliance. 

RegTech companies can be established GRC (Governance, Risk, and Compliance) platforms, startup companies, and everything in between. They are united by their use of new, groundbreaking technology in the service of solving the problems of regulatory compliance.

As an industry, RegTech has emerged over the last few years to address the rising tide of regulation and its growing complexity. To learn more about the history and future of RegTech, check out our comprehensive guide, “What is RegTech?”

READ MORE: What is RegTech?


What are the benefits of RegTech?

For financial services, the benefits of RegTech are substantial:

  • Efficiency gains — As regulation continues to grow, it becomes nearly impossible for compliance personnel to keep up without the aid of technology. Technology, capable of processing a high volume of data at incredible speeds, can quickly parse and analyze raw legal text and extract valuable insights. 
  • Greater accuracy and comprehensiveness — Manual, siloed processes tend to create gaps in the compliance operation, leading to human error and increased exposure. Implementing the right technology (and integrating those technologies thoughtfully where necessary) shores up gaps and creates a streamlined compliance process.
  • Greater internal alignment — Technology tools enable greater transparency throughout the business, connecting once siloed people and processes. The result is better insights between business units that can be shared faster, which also leads to a stronger culture of compliance.
  • Improved risk management — Many RegTech tools help protect against various types of risk, including market abuse, cyber attacks, and fraud, by monitoring systems and alerting personnel to suspicious activity.

READ MORE: How Ascent customers reduce risk, slash costs, and save time


What is end-to-end compliance and how does RegTech fit in?

End-to-end (E2E) compliance is a fully traceable process that connects external regulatory events to a business’ specific obligations, then all the way through to that business’ internal controls, policies, and procedures. In an ideal world, E2E compliance leverages automation and other technologies to create a complete functional system of compliance. To achieve E2E compliance, different RegTech solutions can be used together (often referred to as a ‘compliance technology stack’) to create a seamless process that automates rote work, connects once-disjointed processes, and supports a robust compliance framework.

With a properly implemented E2E system, businesses could 1) be alerted to relevant new rules or changes to existing rules, 2) be directed to the exact parts of their internal controls or P&Ps that are impacted so team members can make the appropriate changes, 3) manage their obligations digitally including assigning work and tracking progress against deadlines, 4) easily produce records of their compliance activities, and 5) generate useful reporting dashboards. 

Again, due to the complexity and nuance of regulatory compliance, one-size-fits-all solution. Rather, compliance leaders should take a modular approach to building a technology stack that meets the firm’s unique circumstances and objectives.

What kind of tech stack should I consider for my compliance framework?

Compliance and Risk professionals are responsible for not only determining what their firms’ regulatory framework is, but also how to maintain it once it’s set. Thankfully, there are a number of solutions within the RegTech universe that support this effort and can be combined into a comprehensive, end-to-end tech stack. The key is to know which ones to bring into your tech stack in the first place, so here are a few types of solutions to consider:.

Regulatory content tools are situated at the beginning of the compliance process. They typically take the form of a content library, feed, or resource center. Content tools consolidate documents published by regulators into one platform (including the laws, enforcement actions, guidance, rule updates, and more), making research and horizon scanning more efficient. Leaders in this space include Thomson Reuters Regulatory Intelligence, LexisNexis and Reg-Room.

Regulatory knowledge automation is technology that bridges the gap between the raw data of regulatory content and actionable insight. Market leader Ascent, for example, generates the regulatory obligations that pertain to your specific firm based on key factors like what type of financial entity you are, what services/products you offer, and where you operate. Ascent then automatically updates your obligations as rules change. This targeted regulatory knowledge allows compliance personnel to know exactly what the firm must comply with at all times, without the manual effort. 

GRC (governance, risk and compliance) platforms help operationalize compliance and often house all of a firm’s regulatory information, including obligations, controls, policies and procedures. Workflow capabilities allow users to track and manage their compliance efforts. Leaders in the space include LogicGate, MetricStream, IBM OpenPages, and RSA Archer to name a few. 

Point solutions cover a wide swath of RegTechs, helping firms execute compliance in a compliant way or assess compliance with an obligation or control. These could include (but are not limited to) trade monitoring, portfolio risk, know-your-customer, anti-money laundering, operations risk management, and cybersecurity tools. Point solutions are more limited in scope than regulatory knowledge automation or GRC solutions, but when they meet the right need they can provide substantial value.

READ MORE: The first (and most difficult) step in setting a regulatory compliance framework


What technologies do RegTech solutions use?

RegTech providers leverage a wide variety of emerging technologies. Here are a few of the most common:

  • Machine learning (ML) is the application of algorithms that improve automatically through experience. Rather than being specifically programmed to complete a task, ML models are fed large amounts of data, which they use to learn and improve on their own. In regulatory compliance, ML models can process large amounts of regulatory data and gradually draw conclusions about that data, becoming more and more accurate over time.
  • Natural language processing (NLP) is the field of using computers to process and analyze human language. In compliance, NLP can parse the unstructured raw text of regulation and reorganize it or otherwise transform it so that people can retrieve meaningful insights. 
  • Blockchain is a digital record of transactions, most often associated with cryptocurrencies. Blockchain has many other purposes however, such as enabling the secure sharing of know-your-customer data within or between organizations for compliance purposes.
  • Robotic process automation (RPA) allows users to configure metaphorical “robots” or “digital workers” to replicate the actions of a human in a digital environment in order to complete a business process. RPA tools can automate laborious manual processes, like the production of hundreds of disclosures that asset management firms are required to generate throughout the year.

READ MORE: RegulationAI™: World-Class Technology Built for Compliance


What’s the difference between RegTech, FinTech, and SupTech?

RegTech leverages emerging technology to create tools focused on solving the challenges of regulatory compliance. While the majority of existing RegTech solutions are currently focused on the world of financial regulation, RegTech could also be leveraged for other regulated industries — for example, healthcare.

FinTech, short for financial technology, is the application of technology to solve problems or create new value in financial services. Examples include crowdsourcing platforms, mobile payments, cryptocurrency, robo-advisors, budgeting apps, or the use of open banking APIs. Recently, digital banks that operate purely online with no physical locations are also being referred to as FinTechs. 

SupTech, short for supervisory technology, is the application of emerging technology to improve how regulators conduct supervision. Just as RegTech leverages technology for regulated companies, SupTech leverages technology for the regulators.

READ MORE: What is SupTech and how will it change compliance?


Can RegTech help me with specific regulation like GDPR?

The rise of data privacy legislation like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) have added necessary protections for consumers but have increased financial institutions’ already significant regulatory burden in the process. Depending on what you are trying to achieve with specific regulation like GDPR, RegTech offers various solutions. 

There are many point solutions that help firms execute GDPR-compliant behavior. For example, UserCentrics helps firms obtain customer data in a transparent way. Syrenis provides one central platform to manage personal data, legal basis for obtaining that data, consent, and marketing practices. GDPR365 is a compliance assessor that offers guidance on what security weaknesses need to be fixed.

To understand what your organization’s obligations are under GDPR (or any other regulation), look to regulatory knowledge tools like Ascent. Ascent’s AI-driven technology pinpoints the GDPR obligations that your firm must comply with, then updates them automatically if the rules change.

READ MORE: How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent


How can I use RegTech to help my firm ease compliance burdens?

There are many use cases for RegTech, but here are some of the most common:

  • Horizon Scanning — monitoring regulatory developments including rule updates, guidance, and any other communications from regulators to better understand potential threats and opportunities.
  • Identifying Obligations and Changes — conducting regulatory analysis (also referred to as regulatory mapping) to understand which obligations or requirements your business must comply with. These obligations must then be routinely updated as rules change.
  • Compliance Management — managing your daily compliance activities and aligning them with the broader framework of regulatory strategy and process.

Finding a solution for these use cases can be challenging since the RegTech space is vast and each solution facilitates a different part of the compliance process. Breaking the RegTech landscape into these four categories makes it easier: 1) Regulatory content tools, 2) Regulatory knowledge automation, 3) GRC platforms, and 4) Point solutions.

For the examples above, the solutions for each use case vary:

  • Solution for Horizon Scanning: A regulatory content provider such as Thomson Reuters Regulatory Intelligence helps save time with horizon scanning and research.
  • Solution for Regulatory Obligations: A regulatory knowledge provider such as Ascent identifies your obligations and keeps them updated as rules change. This targeted regulatory knowledge can also be used to understand downstream impact. For example, a rule change identified by Ascent can be used to trigger alerts or workflows related to that rule in your GRC or other compliance management platform. 
  • Solution for Compliance Management: A GRC or other compliance management system such as LogicGate or IBM OpenPages allows you to house and project manage your compliance activities, including assigning tasks, tracking progress against deadlines, and managing any internal documentation such as your controls, policies and procedures. Ascent’s granular obligations can be seamlessly fed into these systems so your regulatory data and activities are monitored, tracked, and managed all in one place.

If you are looking to accomplish all of these use cases, it is likely that your compliance operation requires multiple solutions, combined to create a full-scale compliance technology stack.

What questions should I ask a RegTech vendor that leverages “AI”?

What kinds of AI technologies do you use, and why?

First, brush up on machine learning and natural language processing basics so you can follow the vendor’s response. You do not need to be an AI expert; a good vendor will be able to explain their process in a way that any business leader can understand. What’s important is that you get a clear picture of how the specific technologies and approaches used create business value for you. Is the vendor using “AI” as a flashy marketing term, or is it actually integral to the solution?

Where are you getting the data that is training your algorithms?

Good AI tools require significant amounts of quality data – as they say, ‘bad in equals bad out.’ The vendor should be able to explain how they are ingesting regulatory text (did they build an ingestion or scraping tool, or are they white-labeing another product?), from where (the best case scenario is that the vendor is pulling straight from official regulatory websites), and at what frequency (this should be reasonably frequent so you know you have the most up-to-date information at any given time). The vendor should also be able to explain the quality-assurance process that ensures all intended data points are properly captured. 

Are there humans involved in the training of your algorithms, and to what degree?

In many industries, the notion of humans-in-the-loop (meaning the technology is not 100% machine-driven; humans are still involved in some part of the process) is considered a negative sign because it means “that the tool isn’t really AI.” The compliance industry, however, is unusual in that a humans-in-the-loop process is considered a positive. Why? Because the world of regulatory compliance is so nuanced and complex, that AI solutions are far better when trained and QA-ed by human experts in regulation and law. This does not mean that all AI-driven RegTechs require humans-in-the-loop to be great tools, but the vendor should be able to explain why they do or do not involve people in the process.

Who is held liable if your solution fails?

This question is as important for you as it is for the vendor. Because this issue exists in a legal gray area, you must carefully weigh the risk of implementing any new solution (AI or not). A good AI vendor will understand why this is a concern, and should show evidence of a strong model risk management framework, rigorous internal controls, and most importantly be completely transparent about what the solution can and cannot do. If it sounds too good to be true, it probably is. 

*Ascent offers a performance guarantee for its AI solution that is backed by an insurance cover from Munich Re Group. Read the case study to learn more.

We recommend checking out these articles to continue learning about RegTech and how it can be applied throughout the compliance process:

Want to receive more articles like these? Subscribe to receive helpful content designed to help you win at compliance.

Compliance Mapping to a Risk Taxonomy in Ascent

By Solution Highlight

Regulatory compliance mapping is essential for financial firms to manage risks effectively. As regulations keep changing, firms need to stay abreast of updates and ensure that they remain compliant. Traditional methods of compliance can be time-consuming, expensive, and complex. However, with Ascent’s technology, organizations can easily identify their regulatory obligations and assign them to risk themes. This makes it simple for businesses to organize and access relevant information. In this blog post, we explore how Ascent’s AI and automation solution simplifies compliance mapping for organizations, enabling them to streamline their compliance efforts while reducing costs

But first, what is a risk taxonomy?

A risk taxonomy is a standard and comprehensive set of risk categories used within an organization to help define the types of risk that should be considered and measured.

Whether your firm uses its own set of classifications or ones set by the industry such as the ISO 3100, Ascent has the flexibility you need to classify and map your applicable regulatory obligations in the language that makes the most sense for your firm.

READ MORE: Regulatory mapping—are you doing it effectively?

As a starting point, Ascent provides a standard set of classifications or
themes, such as Credit Reporting, Investment, Know Your Customer, and Truth in Lending, to name only a few.

Ascent risk taxonomy

Ascent also enables customers to implement their firm’s unique taxonomy with a custom theme feature. 

custom risk taxonomy

No matter which type you choose, the themes that you set up in Ascent are more than just a glorified search feature or a way to organize regulatory content. They are a powerful way to understand what you need to do to stay in compliance, in a structured manner that allows you to make progress against your compliance goals. 

The power to understand exactly what you need to do.

Unlike tools that function primarily as searchable databases of regulatory documents, Ascent is an intelligent compliance platform that automatically surfaces the exact parts of the regulatory texts that apply to your business. Once your unique obligations have been identified, Ascent provides the depth and lineage you need to trace every obligation back to the rule it came from.

READ MORE: Traceability of obligations in Ascent


The ability to map to your controls, policies, and procedures.

The beauty of Ascent’s granularity is that it is made truly actionable through its custom and standard themes. After Ascent identifies your obligations, you can tag them using your chosen themes. The obligation pictured below, for example, fits into the scope of “Anti-Money Laundering.” However, it may also apply to other areas of a firm’s risk profile, and so it might require additional tagging to ensure that it sits properly within the firm’s taxonomy.

compliance mapping

Ultimately, risk themes in Ascent enable firms to:

  • Organize all applicable regulatory obligations into topics and map them to internal risk taxonomies
  • More easily perform impact assessments and map obligations to controls, policies and procedures. 
  • Easily divert obligations to the responsible people by themes in the organization

The flexibility to organize your world.

With Ascent, accuracy and actionability is possible. Learn how you can accurately identify your regulatory obligations and map them to your organization’s unique risk taxonomy for more streamlined compliance. 

Interested in learning more? Contact us to request a demo or talk to our Sales team.

Rate your compliance-readiness in just 5 minutes

Rate your compliance-readiness in just 5 minutes


What are ‘granular’ regulatory obligations and how do they reduce your risk?

By Blog

The challenge of knowing your obligations

What are regulatory requirements?

Regulatory requirements (also referred to as regulatory obligations or mandates) are an affirmative duty on an organization to complete, or refrain from, a set of actions in order to remain compliant with the law. Compliance personnel will typically analyze legal text to determine the regulatory requirements their organization must adhere to.

Accurately and efficiently determining your firm’s obligations is incredibly difficult, especially in the last decade as regulation has exploded in volume and complexity. 

This complexity is exacerbated by the fact that workers spend hours combing through mostly irrelevant information; based on Ascent’s internal analysis of regulatory text, only about 35 percent of any given regulation consists of actual obligations. The bulk of regulation – the remaining 65 percent – is made up of non-obligations such as definitions and clarifications. 

This challenging environment often has Risk and Compliance teams throwing up their hands in frustration; how do they get to the right obligations that matter to their firm, especially as rules continue to change? Is it even possible to do so without simply throwing more money and people at the problem? 

Recent advances in machine learning and other emergent technologies offer a path forward, but it is important to understand what makes some technologies more effective than others at pinpointing obligations from oceans of text.

Granularity: a crucial new concept in regulatory technology

In attempting to solve that problem, businesses need precision. Tools that offer a large breadth of regulatory information may provide value in terms of regulatory research and monitoring, but they do not solve the problem of helping firms target their exact obligations. This underscores the importance of granularity — in other words, precision.

Ascent generates the granular obligations that are relevant to your specific organization i.e. the individual requirements imposed on your firm, down to the line level of regulation. Granular obligations are independent of citation; as an example, a single rule may contain 1 or 100 obligations, or a sub-rule may contain 1 or 50 obligations. The takeaway is that obligations generated in Ascent are never an entire rule or large block of text that must be further analyzed by the user. 

INFOGRAPHIC: Regulatory Knowledge Automation, Explained

Instead they are broken down into specific obligations that are easy to understand and map to your internal compliance taxonomy (i.e. the real-life business topics and risk areas that your team organizes around, such as AML, consumer credit, cybersecurity, etc.).

This allows compliance workers to spend significantly less time and resources manually reading regulation and tracking changes, while also guaranteeing a high degree of accuracy. 

Granular obligations in Ascent provide a single source of regulatory truth, enabling businesses to standardize their data and keep it current with changing regulations. 

Granular obligations help you avoid fines and reduce risk

Effective compliance starts with having the right obligations in hand, then keeping them up to date. By providing granular obligations that are targeted to your business, Ascent ensures that you have the dynamic regulatory knowledge you need to effectively implement compliance throughout your organization, mitigate risk, and avoid fines and penalties. Learn more.

Ascent and IBM Integrate AI RegTech Solutions to Help Financial Institutions Streamline their Compliance Operations

By Blog

“The potential of this technology for the Bank and the financial services industry more broadly is exciting. By digitising parts of the regulatory change process, and the automation of continuously refreshing data we can improve the application of regulation, efficiency for our business as well as provide greater transparency with regulators. It’s been rewarding to collaborate with our RegTech and technology partners on a project that will have such a large, positive impact for our industry.” —Jasper Poos, Head of Governance and Assurance, Commonwealth Bank of Australia


Chicago and Armonk, NY: July 15, 2020 Ascent, a provider of AI-based solutions that automate regulatory compliance processes, and IBM today announced a partnership to integrate their respective RegTech solutions in an effort to help banks and other financial institutions better manage their growing and ever-changing regulatory requirements.

Specifically, IBM is integrating Ascent’s regulatory knowledge platform with its IBM OpenPages with Watson solution. Clients will be able to feed their regulatory obligations and rule changes  – which are automatically generated and updated by Ascent – into IBM OpenPages with Watson in order to better manage downstream compliance activities.

The integrated solution is designed to help regulated businesses keep better pace with today’s rapidly changing regulatory environment and help lower risk for potential fines and other supervisory actions. In addition, customers can benefit from the combined dynamic workflow capabilities and near real-time market intelligence by reducing the manual effort and time spent in transferring regulatory information between teams and disparate systems. 

The IBM and Ascent partnership was the direct result of Ascent’s successful proof of concept engagement with the Commonwealth Bank of Australia (CBA), earlier this year, wherein IBM was also a key technology partner. The companies combined the Ascent platform with OpenPages with Watson which leveraged natural language processing and AI algorithms to identify and analyze more than 1.5 million paragraphs of regulatory text from the country’s Markets in Financial Instruments Directive II. The solution allowed CBA to quickly identify terms in the regulation that they needed to review and act upon – a process that would have taken days of manual scanning.

“The potential of this technology for the Bank and the financial services industry more broadly is exciting,” said Jasper Poos, Head of Governance and Assurance at Commonwealth Bank of Australia. “By digitising parts of the regulatory change process, and the automation of continuously refreshing data we can improve the application of regulation, efficiency for our business as well as provide greater transparency with regulators. It’s been rewarding to collaborate with our RegTech and technology partners on a project that will have such a large, positive impact for our industry.” 

“AI for business is only as good as the ecosystem around it. And our collaboration with Ascent on the CBA solution is a great example of bringing innovative technologies together with purpose to help solve a growing challenge,” said David Marmer, Vice President, Offering Management, IBM RegTech. “Regulation can be complex, time consuming and costly. But with the application of AI and dynamically updated rules changes, companies are positioned to begin to operate and advance within those parameters quickly and easily.”

“We are pleased to launch this joint initiative with one of the world’s leading technology companies,” said Brian Clark, Ascent Founder & CEO. “Ascent is designed to work with OpenPages and other enterprise systems in a powerful and complementary way. Ascent’s ability to map obligations and regulatory changes targeted to the customer is a powerful workflow trigger for GRCs. We are excited about the implications it will have for our clients in financial services and look forward to helping them dramatically reduce regulatory risks and costs going forward.”

Ascent has been rapidly gaining momentum since its founding in 2015. Since its inception, Ascent has grown 100% YOY, secured $26.7M in funding, and expanded to 50 full-time employees. 


About Ascent

Ascent was founded in 2015 to help financial services firms automate the most tedious and error-prone aspects of compliance. With customers from Tier 1 and Tier 2 banks and other financial firms around the world, Ascent provides Knowledge-as-a-Service (KaaS) as a groundbreaking new way to navigate the increasingly complex world of regulations quickly, efficiently, and most important of all, reliably. Learn more at  

About IBM OpenPages with Watson

For more information about the latest release of IBM OpenPages with Watson, version 8.2, check out the IBM webinar on June 23.

View this announcement on the IBM News Room.

Media Contact:

Patrick Phalon
MacMillan Communications
(917) 689-3438

Michael Zimmerman
IBM Media Relations

Preparing for FINRA’s Unique Challenges with Ascent

By Blog

A recent article in the New York Law Journal delineated the distinct challenges lawyers face when confronted with FINRA Enforcement proceedings. While on the surface, FINRA enforcement actions may seem familiar, there are elements of the process that are unique to the regulator and its proceedings — and that therefore bring unique challenges.

FINRA Challenges

“FINRA Enforcement proceedings are designed to quickly punish or remove those who violate FINRA’s rules or the rules and regulations governing the securities industry. As such, they lack many of the procedural protections applicable in civil or criminal litigation and the rules themselves, particularly FINRA Rule 2010, make it easier for Enforcement to obtain an adverse finding. However, that makes the role of an informed advocate more, not less, important. Counsel should be prepared.”

Counsel should be prepared indeed, because the threat is very real. In the last two years alone, FINRA has doled out $100 million in fines. This is in line with a broader trend in the world of regulatory compliance, which has seen more frequent and more severe enforcement actions issued over the last decade.

Advocates, though, might struggle to feel prepared in an environment that’s as complex and fast moving as financial regulation. For law firms attempting to advise a litany of clients on their regulatory requirements or for a General Counsel trying to build and scale an effective compliance program, it can seem impossible to keep up with this frenzied regulatory pace.

Ascent for Legal Advisors Managing FINRA

Ascent helps financial firms identify their obligations, track regulatory updates, and reconcile changes. Our AI-powered platform automates the most tedious and error-prone aspects of regulatory change management and regulatory mapping, significantly reducing a company’s cost to comply and — by taking human error out of the equation — the risk of non-compliance.

Ascent empowers law firms to continually know all of the regulatory obligations for each client in their book in a few minutes time. Similarly, Ascent helps General Counsels gain a comprehensive view of their regulatory landscape, potentially at significant cost reduction (learn how Ascent helped a Global Top 50 Bank achieve 99% cost-savings in their GDPR compliance efforts).

Informed advocates play an essential role in helping businesses navigate complex enforcement proceedings like FINRA’s, and, even more importantly, in avoiding non-compliance and enforcement actions in the first place. Ascent helps provide them with the information their roles require at a scale, efficiency, and level of accuracy not previously possible.

READ MORE: How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent


Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.


How Ascent Helps Financial Firms Slash Compliance Costs

By Blog

Ascent helps financial services firms follow the laws, rules, and regulations more easily, both reducing overall compliance costs and helping you avoid monetary, reputational, and punitive penalties.

Lower compliance costs, fewer fines

The leaps and bounds that AI technologies have made in recent years make it possible to automate compliance processes such as regulatory mapping and regulatory change management — which have historically been highly manual, time-intensive, and prone to human error.

A pioneer in regulatory knowledge automation, Ascent rapidly and accurately identifies every obligation that applies to your specific firm. Then, as regulators publish new rule amendments or additions, your obligations are automatically updated to reflect these changes.

Ascent’s technology helps firms save money on compliance in two key ways:

— Reduces the cost to comply. By automatically generating a firm’s regulatory obligations and keeping them updated, Ascent helps in-house Compliance teams and regulatory advisors save significant time and resources. As importantly, Ascent empowers existing staff to take on more value-add activities such as proactively preparing for regulatory change and developing regulatory strategy, thereby strengthening the business overall and shifting compliance from a cost-center to a competitive advantage.

— Prevents compliance failures and associated fines and penalties. In a world where a new regulatory update is issued every seven minutes, financial institutions can no longer afford to miss a rule change. By automatically delivering the obligations and rule changes that apply specifically to a business, Ascent helps shore up the compliance program, minimize risk, and avoid fines.

A Global Top 50 Bank achieved 99% cost savings with Ascent.  Read their Story.


Contact us to request a demo or learn more about Ascent.

RegulationAI™: World-Class Technology Built for Compliance

By Blog

When it comes to automating any aspect of compliance, how the technology itself is built has serious implications for your business. Here we explain the building blocks of Ascent’s RegulationAI™, what makes it unique in the industry, and how our approach ensures that you truly have what you need to eliminate regulatory gaps, avoid fines and ultimately be more competitive.

Not all automation is created equal

Ascent invented a new kind of technology called Regulatory Knowledge Automation in order to tackle one of the most intractable challenges in compliance: mining mountains of regulatory information to get to the insights that matter — in other words, the actual actions our customers need to take (or refrain from taking) in order to stay compliant with the law.

How the technology works is just as crucial as the output of that technology. As all those who work in compliance know, it is not only the destination that matters, but how you got there. 

Thanks to rapid advances in technology in recent years, compliance personnel now have a range of digital tools to help streamline this process. However, not all tools are created equal – especially when it is your firm’s reputation and financial wellbeing on the line. Other solutions may be partially automated, but depending on how they are built may actually create more work for the end user and increased risk for the business.

So while automation can seem helpful on the surface, it is crucial to understand the basis for the algorithms and the differences between solutions so you can make the right choice for your business. 

Ascent’s RegulationAI™ breaks down regulatory text line-by-line in order to pinpoint the obligations relevant to you. Conversely, other solutions rely on algorithms that act much like a search engine. Their software skims through regulatory documents in search of key phrases or specified search terms that might be related to a company’s business requirements. The result is guesswork, but scaled up – thousands of potential obligations that may or may not be relevant to you, which your team must still manually review. Manual reconciliation is required with every change in regulation, adding liability instead of reducing it.

When it comes to using automation to analyze regulatory text — a job that once could only be done by humans — how the technology works is just as crucial as the output of that technology. As all those who work in compliance know, it is not only the destination that matters, but how you got there. 

Granularity: a crucial new concept in regulatory technology

Click here to read more about how Ascent delivers granular obligations.

The magic is in our method

To understand why Ascent’s RegulationAI™ outperforms other solutions, it is important to first understand how it works. 

Ascent’s team of engineers, data scientists, and compliance officers have spent years building, training, and optimizing the algorithms that power our platform, which are built using machine learning and natural language processing technologies. Only about 35 percent of any body of regulatory text contains an actual obligation (the rest consists of definitions, clarifications, and other ancillary information) and an even smaller percentage of those obligations apply to any particular business. Our algorithms are trained to spot the difference, and immediately get to work parsing out the text into obligations and non-obligations. 

The output of this process is then verified by our in-house compliance experts as part of our humans-in-the-loop process. Their insights then get fed back into the system, making the algorithms that much smarter and more accurate as time goes on.

The output of this process is then verified by our in-house compliance experts as part of our humans-in-the-loop process. Their insights then get fed back into the system, making the algorithms that much smarter and more accurate as time goes on.

Targeting obligations to you

Once the regulatory text has been decomposed and quality-assured, our RegulationAI™ has nearly everything it needs to do its magic. The last step is input from you, our customer. 

In order for our RegulationAI™ to deliver the obligations that apply specifically to you, it needs to know some key information about your business; for example, what types of products or services you offer and in which regions you operate. This step takes the form of an online questionnaire. Once this questionnaire is complete, our RegulationAI™ rapidly maps regulation to your business profile, providing you with a clean, complete, and streamlined register of obligations in minutes. 

The true value of granular obligations

Because of how our RegulationAI™ breaks down regulatory text, we are able to offer obligations at a granular level. This means that every obligation delivered to you is the individual requirement imposed on your business, not an entire rule or large block of regulatory text that you must further analyze. Furthermore, every obligation automatically updates as rules change and is linked to the specific rule it came from, so you have full traceability into how your obligations were derived.

How Ascent’s RegulationAI™ works is the key difference that sets our technology apart. It is the reason we can provide obligations that are precise, down to the line level of regulation. It is the reason we can map obligations to your specific business with unmatched accuracy. It is the reason why we can analyze the regulatory landscape and identify the rule changes that are relevant to you, and then connect them to your existing obligations so you are never dealing with outdated information.

Do great business while minimizing risk

With the power of RegulationAI™ at its core, Ascent provides regulatory knowledge that is tailored to your company so you can effectively reduce risk and avoid regulatory infractions that could set your business back. Unlike legacy technology implementations or traditional service engagements that might take many months and thousands of dollars, Ascent has $0 implementation fees and can be set up in days. 

Great technology enables and enhances your team. With Ascent, you can shift your focus to developing a proactive, scaleable compliance strategy that makes your business more competitive  — without the constant worry of accidentally missing an important update or keeping records that will stand up to regulator scrutiny. 

Enjoy this article? Subscribe to receive fresh ideas on how to leverage automation for stronger, more efficient, and more cost-effective compliance. 


The Not So Hidden Costs of Compliance

By Blog

The average financial firm has six lines of business to monitor, with each having their own set of goals, restrictions, and regulatory requirements.

To keep up with the rising tide of regulation, firms often have little choice but to throw more people, time, and resources at the problem, which can add up quickly. In this article, we highlight the growing costs of compliance – and non-compliance – for financial firms.

What Financial Firms Spend on Maintaining Compliance

How can one calculate the cost of compliance? One option, perhaps the most straightforward, is to look at the grand sum total for key markets in the industry. The Asian-Pacific, European, Middle Eastern and African, Latin American, and North America markets spend about $181 billion per year on maintaining financial crime compliance. That number is impressively large —even incomprehensible – but it hides the burden placed on each individual firm.

50 percent of respondents to a Risk Management Association survey said they spend 6-10 percent of their revenue on compliance costs. Large firms report that the average cost of maintaining compliance runs approximately $10,000 per employee. Global banks and large brokers that have upwards of 20,000+ employees could end up spending a staggering $200 million+ in compliance every year. While smaller firms like RIAs and broker-dealers may spend less overall, the burden of regulation can still act like a regressive tax that disproportionately eats a larger portion of their bottom line.

Though startling, even these numbers show only a static snapshot. They fail to capture the acceleration of regulatory change and the level of regulatory complexity, which have both exploded over the last decade. Regulatory change has increased 500 percent since the 2008 global financial crisis and, unsurprisingly, has heightened regulatory costs in the process. Compared to pre-crisis levels, retail and corporate banks have seen operating costs spent on compliance shoot up 60 percent.

Cost of Regulatory Compliance

Regulatory change has reached such a superhuman pace that many firms simply cannot keep up. Instead of making informed decisions based on a deep understanding of their specific compliance requirements, Risk and Compliance teams are too often forced to make a best guess based on a fragmented and incomplete view of their regulatory environment. However unintentional,  this often leads to compliance failures and increased costs of non-compliance.

What Financial Firms Pay for Non-Compliance

The cost of non-compliance is most notoriously understood via the jaw-dropping fines issued by regulatory agencies every year. U.S. banks alone have been fined a staggering grand sum of $243 billion since 2008. s. 

The pace of these fines shows no signs of slowing down. 

In 2019, the Securities and Exchange Commission (SEC) alone issued 862 enforcement actions, ordering those in violation to pay more than $4.3 billion combined.

But fines actually represent the smallest cost of non-compliance for firms. Over a 12-month period, the average fine for an enforcement action is $2 million, compared to the average cost of business disruption due to an enforcement action at $5 million, the average revenue lost at $4 million, and the cost of lost productivity at $3.7 million.

In total, firms spend almost $15 million on the consequences of non-compliance. That’s 2.71 times higher than what firms typically pay to stay in compliance by building strong compliance programs. 

This difference, while dramatic, should not be surprising. After all, the system is designed to incentivize firms to comply or risk being heavily penalized. Therein lies the compliance conundrum: in an environment where the pace and complexity of regulation is increasing to a point where people cannot possibly keep up, how can firms expect to avoid the expensive consequences of non-compliance? 

‘Expense’ does not only refer to monetary loss. The true cost of non-compliance is the reputational damage that it can cause both for your organization and your compliance personnel alike. 

A study from ECGI showed that stock price reactions of negative press were 9x larger than the penalties themselves. 

According to a Deloitte survey, 87 percent of executives rate reputational risk as more important than other strategic risks. These executives say that the areas of their business that were impacted the most after a negative reputational event were revenue (41 percent), loss of brand value (41 percent), and regulatory investigations (37 percent). In line with these concerns, a study from ECGI showed that stock price reactions of negative press were 9x larger than the penalties themselves. 

Legislation in recent years such as the Yates Memo in the U.S., the Senior Managers Certification Regime (SMCR) in the U.K., and the Banking Executive Accountability Regime (BEAR) in Australia have made it clear that senior executives can be held personally liable if their firm is found to be non-compliant.

READ ARTICLE: The Evolution of Personal Liability


Preparing for the Next Normal

As financial firms prepare for whatever the future might hold, many will be looking to trim costs wherever they can. Yet in one department — Risk and Compliance — costs are clearly continuing to rise. As Boards continue to scrutinize compliance even further, businesses should consider the right balance of people, process and technology that will allow them to make the most of their resources. 

READ ARTICLE: How Ascent Helps Financial Firms Slash Compliance Costs