Skip to main content
Tag

digital disruption

Jan 28
Love1

The Rise of Data Privacy Regulation and How RegTech Can Help

By Blog, Featured

(7 min read)

If data is money, it’s often left sitting out in the open.

Ascent founder and CEO Brian Clark has a hypothetical question he often likes to ask new people when meeting them: If you were given a giant bag of money, what world problem would you solve? 

Homelessness, poverty, world hunger — there are ample crises to choose from. But what Brian’s really interested in is your answer to his second question: If that bag of money were then taken away, and you were instead given a giant bag of data, what problem do you solve now and how do you do it?

The implication, of course, is that ultimately the two bags equate to the same thing. They’re both resources. And as technology has revolutionized our ability to capture and analyze huge troughs of data, big data has in turn become an increasingly powerful resource and disrupted industry after industry.

And much of that disruption has come at a price.

Facebook, Equifax, Yahoo! — these are just a few of the massive data breaches that have happened over the last handful of years. As companies have collected more and more data, they have not always taken the proper precautions to protect that data. In the terms of our original analogy, if data is money, it’s often left sitting out in the open.

As a result, we have seen a number of large new data privacy regulations come into play recently, with many more on the horizon. Like all things related to big data, these regulations have been extremely hefty, sometimes to the point of seeming overwhelming. But we would argue that they don’t have to feel this way.

In this article, we dig deeper into the rise of data privacy regulation, examining the major new regulations that have recently come into play, the way these regulations are transforming the compliance function, and how RegTech can help transform them from overwhelming obstacles into exciting opportunities.

READ CASE STUDY: How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent

 

GDPR: The Game-Changer

The modern age of data privacy regulation was ushered in by four letters: GDPR. The first significant update to Europe’s data protection rules since the 1990s, GDPR (or, the General Data Protection Regulation) serves as both the core of Europe’s digital privacy legislation and as the benchmark the rest of the world began comparing their data privacy policies against.

First introduced in 2012 and then argued over until it was adopted in 2016, GDPR finally came into effect in May of 2018. The regulation was revolutionary for its emphasis on citizens’ rights. It was designed to give EU citizens control over their personal data, as exemplified by the eight rights for individuals within the regulation. These rights include giving EU citizens easier access to data companies hold about them, laying out fines for the failure to do so, and requiring companies to receive consent from individuals before collecting their data. 

There are many more details to the 99 articles in the regulation, but it’s these individual rights that caught a lot of public attention, both for the burden they placed on companies and the pop-up banners they created on our web browsers

GDPR came to seem so ubiquitous because its obligations applied not only to companies headquartered in the EU, but to any company gathering the personal data of an EU citizen. In the borderless age of the internet, this more or less meant any company with a website that tracked any information about its visitors

Of course, the EU wasn’t likely to chase down every mom-and-pop shop around the world that failed to comply with GDPR regulations. But the breadth and depth of the legislation acted as a standard-bearer, telling companies and countries it was time to update data privacy regulation for the twenty-first century. It would only be a matter of time until other countries followed suit.

CCPA: GDPR Hops Across the Pond

That most notably and recently happened in the US with the California Consumer Privacy Act (CCPA). The CCPA, which was just implemented at the beginning of this year, brought similar GDPR-like obligations to the US, including consumer rights related to the disclosure of personal information and requests for personal data

The CCPA affects a significant number of companies. It applies to businesses that either exceed a gross revenue of $25 million, gain 50% or more of their annual revenue by selling consumer’s personal information, or that buy, sell, receive, or share personal information of 50,000 or more consumer households.

Like GDPR, the CCPA is similarly focused on consumer rights, including a section known as data subject requests, which grants users the right to access or delete the personal information a company may have about them.

And — just as GDPR acted as the data privacy blueprint for the rest of the world — the CCPA is acting as the blueprint for the rest of the US. A number of other states are quickly catching up:

  • Washington State currently has a bill with requirements and fines drawn straight from the CCPA currently working its way through the state senate and house.
  • New York, in typical coastal one-up-manship, recently introduced an even more comprehensive bill into its state senate, which disregards the CCPA’s revenue requirement for covered entities.
  • Nevada actually implemented privacy legislation a few months before California, but its definition of “sale” resulted in a law that was narrower and more lenient on financial institutions.

The Changing Role of the Compliance Officer

The above litany of legislation, without any guiding federal framework, is a significant challenge for companies, especially those transacting business across the country. This patchwork of regulation means, for simplicity’s sake, companies often have to comply with the strictest requirements of any one regulation, even if it doesn’t necessarily apply to all the states where they are doing business. That is, of course, assuming companies and Compliance Officers can keep up-to-date on the waves of new regulation constantly being released and updated.

But in another light, these new data privacy regulations actually represent an opportunity for Compliance Officers

These regulations could help raise the visibility of the compliance role at companies, especially those that might have dismissed data privacy as not relevant to their day-to-day. That’s because compliantly following these privacy regulations is going to require companies to make real changes in their policies and procedures and in their corporate culture — all of which are crucial aspects of the compliance role. 

As companies update and overhaul internal procedures accordingly, Compliance teams will need to play an integral role in developing business processes to ensure that personal data is being managed compliantly.

But for Compliance teams to do that, they will somehow need to keep current with the massive amount of new regulations being rolled out and find a way to quickly and concisely understand how those regulations relate to their policies and procedures. Between the hefty laws already in place and the long list of those in process, this can seem like an insurmountable task.

Technology, though, provides a path forward.

READ ARTICLE: How Your Peers in Financial Services are Tackling 3 Big Compliance Issues

 

RegTech Offers the Key to Data Privacy Regulation

RegTech (Regulatory Technology) is an emerging industry of companies leveraging machine learning, natural language processing, blockchain, AI, and other technologies to solve the challenges of regulatory compliance. These technologies offer a way to leverage the big data of regulatory compliance to help solve the problems of data privacy regulation.

In a recent case study, one global Top 50 bank tried to identify its obligations under GDPR within one of its business units. The bank had a lack of clarity around which aspects of GDPR it was required to follow, and it attempted to solve this problem via a traditional solution: hiring a consulting firm.

The consulting firm, though, proved expensive and inaccurate. The firm missed a number of obligations and the bank was forced to hire a second consulting firm to correct those initial mistakes — adding duplicative costs. It was in the midst of this frustrating process — causing costly mistakes and creating continued regulatory uncertainty — that the bank decided to try a different approach.

The bank partnered with Ascent, an AI-powered compliance automation solution. At Ascent, our proprietary RegulationAI™ technology generates the obligations that apply to our customers, helping banks and other financial firms reduce risk and gain confidence in their compliance programs.

RegulationAI™ was able to generate a complete obligations register in mere minutes and at a 99% cost savings. This technology — a true innovation in RegTech — leverages machine learning and natural language processing to ingest hundreds of regulations and then rapidly determine which obligations apply to your business — with zero manual effort from you.

Rather than the time-consuming, expensive, and inaccurate results it had received before, the bank now had all its obligations in an easy-to-read digital format, produced with significantly lower risk of human error.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

Secure Your Obligations with Ascent.

The complexity of data privacy regulation is likely only going to increase in the future. But you don’t have to drown in regulation. Ascent can help you leverage technology to make this fast-paced world of digital disruption work for you.

LEARN MORE: Click here to learn about Ascent Solutions

 

Want to receive more articles like these? Subscribe to our monthly Cliff Notes newsletter.

Subscribe


Jan 20
Love1

Open Banking: What It Is, Why It Matters, and How RegTech Can Help

By Blog, Featured

If open banking lives up to its promise, it could revolutionize modern banking and simultaneously usher in waves of new regulation and compliance changes.

Digital disruption is burning through almost every sector of our modern economy, creating exciting new opportunities while also unleashing chaos on long-established ways of doing business.

Banking is one of digital disruption’s latest beneficiaries, and one specific trend has been causing a lot of buzz: open banking. It’s a topic that, if it lives up to its promise, could revolutionize modern banking and simultaneously usher in waves of new regulation.

In this brief primer we’ll break down what open banking is, why it’s making so much noise, and how technology can help solve the compliance challenges technology has created.

What is Open Banking?

Broadly, open banking is a banking practice that gives users the ability to grant third-party financial service providers access to their financial data. 

The basics of open banking have been around for a few years now — the same principles can be found in budgeting tools like Mint or YNAB. But historically, apps like these have used a process known as “screen scraping” — where users give the budgeting app their bank username and password so the app can then “scrape” their financial information from the bank’s site. What is generating all the excitement around open banking now is the possibility to extract this information by instead using an API.

APIs (or, application programming interfaces) are a way for third-party providers to plug directly into an app or web service. So rather than giving Mint your bank username and password, you would instead grant it authorization to access your bank information, which Mint would then connect to directly through the API. 

So why is an API so much more powerful than screen scraping?

Because for one, you don’t have to share your username and password with third parties, whose cybersecurity protocol might not be robust as your bank’s. Also with an API, if the username or password is changed, the connection isn’t broken. And the process is significantly more efficient for the third party, who now has direct information to the data they want, rather than having to scrape it from another source, reformat it, and then ingest it.

But open banking’s most exciting opportunities extend far beyond budgeting apps.

What open banking really allows for is a more efficient and secure way to share financial data. 

When looked at from this perspective, the possibilities start to become industry-shaking opportunities. Here are just a few examples:

  • The labor-heavy process of getting a loan, currently requiring the lendee to pass off reams of financial statements and information to a lender, who then has to ingest those materials, could become significantly easier for all parties involved. An API would allow lenders to have more efficient access to up-to-the-minute information with much less work from the lendee, and would allow lendees to only share the information relevant to the lender.
  • Aggregation tools are already making money management a much simpler, more cohesive process. Existing solutions allow investors to get a truly holistic view of their investment portfolio, even if assets are custodied at different institutions. And emerging solutions are revolutionizing how investment advisors interact with custodians, how they analyze client data, and how they present to clients.
  • The complicated payment system that exists today is also starting to be streamlined. APIs are now connecting developers with payment systems, and it could soon become possible to make payments directly out of a bank account rather than needing an acquirer to process payments via a credit card company. This would limit the number of times user data needs to be shared and reduce costs for both vendors and customers.
  • Accounting solutions for both businesses and consumers are emerging that would make the process more efficient and less costly. Businesses will be able to benefit from bookkeeping applications that can plug directly into their payments feed and consumers could see a cheaper and easier tax-preparation process.

The great promise of open banking is that it liberates your data from being held solely at one financial institution in order to make it available to companies of your choosing. Ultimately, it will take some time before the benefits of this are truly understood and realized.

Regulating the Open Banking Revolution

As these benefits start to come to light, though, they will not be without risks. For example, direct access to user data, even if theoretically more secure than current practices, is an unsettling idea. And digital disruption within any industry can be chaotic, as rules and best practices become upended, outdated, and replaced. That’s why the open banking revolution is certain to be accompanied by new regulations designed to help protect consumers. 

The European market already offers a preview of those regulations — and the challenges that come with them.

The second Payment Services Directive (PSD2) was rolled out in Europe by the Competition and Markets Authority as a way to spur more innovation and competition in the banking sector. In recognition of the opportunities presented by open banking, PSD2 required enterprise banks to make their data available in a secure, standardized form, so that third-party providers (TPPs) could plug into and leverage that data through APIs.

Banks were given until March 2019 to provide TPPs with a simulated bank environment where they could test their APIs before they became fully operational in September of that same year. And yet over 40% of the European banks missed the deadline.

This is just one example of how, even in the early days of open banking, a significant number of large banks are struggling to meet the demands of the associated regulations. As the effects of open banking are more widely felt, and as wider-reaching regulation accompanies them, the workload on banks and financial firms is sure to only increase. 

New technology, though, can help solve the same problems that new technology has created.

RegTech: Open Banking’s Best Friend

Just as advances in technology are upending the banking industry, they’re also revolutionizing the world of regulatory compliance. RegTech (Regulatory Technology) companies are leveraging machine learning, natural language processing, blockchain, AI, and more to solve the problems of regulatory compliance.

RegTech solutions will be crucial both to new open banking companies looking to quickly get off the ground and to traditional, large banks implementing new solutions to stay competitive in a changing environment. AI-powered regulatory change management solutions can help automate the burdensome tasks of regulatory research and analysis, so banks and financial firms can stay up to date on all regulatory updates — related to open banking and otherwise. And obligations management tools can automatically deliver up a complete obligations register, reducing to mere minutes a task that can take thousands of hours. 

Ultimately, the wide variety of RegTech solutions currently available will allow banks and financial firms to stay ahead of the waves of regulation by quickly and efficiently building a RegTech stack specific to their needs.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

The digital disruption revolutionizing the financial services industry isn’t going to subside anytime soon. And banks and financial services firms can leverage RegTech solutions to help make this fast-paced change work for them.

LEARN MORE: Click here to learn about Ascent Solutions

 

Ready to see a live demo? Get in touch today!


Dec 16
Love1

Forecasting RegTech: 2019 Trends and 2020 Predictions

By Blog

(7 min read)

“RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.” -Brian Clark, CEO, Ascent

2020 is set to be a big year for the RegTech industry, and the start of an even bigger decade. We’ve seen a significant investment in the RegTech space over the last handful of years, galvanized by the technological advancements that now allow RegTech to solve real problems for Compliance and Risk teams, saving them money and time and reducing risk in the process.

Now on the doorstep of the new decade, we wanted to take a moment to look back briefly at some of the trends we saw in 2019 and peek into our crystal ball as we make a few predictions about the year ahead.

Trends We Saw in 2019

RegTech has crossed the chasm. Last year was the year that RegTech stopped being a thing that was going to happen and started being a thing that was happening. Companies moved past pilots and out of the innovation phase and began operationalizing benefits in a production environment. As Ascent Founder and CEO Brian Clark put it, “RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.”

The wheat started separating from the chaff. As part of that evolution out of the innovation phase, RegTech ventures either found and connected up with a market demand or they didn’t. And with those that didn’t, we started to see the first handful of failures. Ultimately, this will be good for financial institutions as it will make it easier to identify which companies are truly creating value.

Regulators went on the record about RegTech. This year we also started to see regulators asking firms what they’re doing to leverage RegTech. This is obviously an exciting theme for the RegTech industry, but it’s also exciting for financial institutions. As regulators embrace technology as a viable solution, it should help give Risk and Compliance teams a path forward through the growing and increasingly dangerous regulatory maze. Speaking of . . .

Pressures to comply only increased. Unsurprisingly (and unpleasantly), we only saw more enforcement actions with higher regulatory fines, creating more pressure on Risk and Compliance teams. The FCA kicked off 2019 by levying its largest personal fine ever and ended up filing 160 enforcement actions before the year was over. Not to be outdone, the SEC published a whopping 2,754 enforcement actions this year alone, including 95 against public companies — the highest number in a decade. Just as unsurprisingly: this isn’t a trend we expect to dissipate anytime soon.

The marketplace became even more global. And, because of this, regulations and privacy legislation became more global too. This means that companies operating in international markets have yet more rules and regulations they’re required to be in compliance with. We discuss more below as, like the others above, we don’t think this one is going away any time soon.

Trends We Expect to See in 2020 in the RegTech Industry

Operationalizing will be the name of the game. Moving out of the innovation phase, it will be key for RegTech ventures to lock down operationalizing and scale so that they can answer the very important question they keep hearing from financial institutions: “Can you prove to me this thing actually works?

We’ll likely see still more investment, but done thoughtfully. In the first 3 quarters of 2019 alone,  investment in the RegTech space grew by 103%. We expect we’ll continue to see more funding, but it will be of the middle-stage, thoughtful kind. Now that the ideas are out on the table, investors will be looking to find companies that are demonstrating product fit by acquiring more customers. This will be a tell-tale sign for financial institutions, too, as they evaluate potential solutions.

Look out for a burgeoning ecosystem. As RegTech separates further from FinTech and truly becomes its own industry, we expect to see additional technologies and ventures popping up to create a supportive ecosystem. Financial institutions should keep an eye out for things like consultancies, which can help them evaluate and implement RegTech solutions, and complementary tech like open APIs, which would allow them to plug new solutions into existing systems.

READ ARTICLE: Building RegulationAI: Solving Compliance in the Age of Artificial Intelligence

 

. . . in Financial Services

Brace for the crunch. Increasing cost pressures on both the buy and sell side, shrinking margins, the rise of formidable FinTech and challenger banks — all of these factors are likely to continue, further driving the consolidation trend we’ve seen recently and helping firms realize that, for some of these obstacles, technology offers the only viable route forward.

Increased globalization means increased risk. We expect this trend from 2019 to only get more prevalent and more dangerous. Think of it as a simple risk array: Firms are operating in more marketplaces doing more things with increasingly larger penalties and they’re doing it with the same amount of staff. They can scale up personnel until payroll begins to buckle, or they can turn to technology.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

. . . from Regulators

Big topics will get a lot of attention. Privacy, cybersecurity, and cryptocurrency are all major themes we expect to see regulators continue to focus on in 2020. Additionally, other headline-makers like Brexit will likely cause a lot of activity. And the looming recession(s), if actualized, would kick off more action by central banks, more uncertainty, and a lot more work for regulatory compliance.

No appetite for keeping quiet. The above themes and others seem to be in the news on a near daily basis, giving regulators not just an incentive but a public mandate to become increasingly effective. This comes with the need to be stronger in enforcement actions, one contributor to some of those major fines we’ve seen recently.

Jurisdictional arbitrage is no more. The days when you could choose your jurisdiction according to a region’s regulatory policies are largely over. The globalization of the marketplace means that more financial institutions (including many SMEs) are operating in multiple countries, and so they’re forced to abide by all of the regulatory bodies governing those countries. Compliance and Risk teams are then given the mammoth task of somehow knowing all those rules, keeping up to date on them, and following them — which, for simplicity’s sake, often means universally abiding by the strictest. 

Expect collaboration — but not cohesion — among regulators. While we have seen regulators working together to find and implement technology solutions, don’t expect to see cohesion across their requirements. Even as the marketplace becomes increasingly global, each regulator will have to abide by its own government mandate. After all, they don’t serve the financial institutions they audit but the consumers of their respective jurisdictions. Ultimately, there’s only one way to reconcile the differences between regulatory requirements — via technology.

READ ARTICLE: The Ultimate List of Compliance Conferences and Events

 

What Ascent is Excited about in 2020

Just as 2020 is shaping up to be a big year for RegTech as an industry, it’s looking to be another banner year for Ascent. Here are just a few of the opportunities that have us excited to tackle the new year:

  • We were thrilled to be selected by the Global Financial Innovation Network (GFIN) to pursue a cross-border pilot earlier this year. We believe the opportunity to collaborate directly with regulators could create value for the entire market, helping firms to operate more efficiently and to reduce costs while consumers are better protected. We’re excited to see what the future holds for this initiative.
  • Speaking of excited, we recently raise $19.3 million in our Series B funding round. This investment will empower us to scale and further operationalize our business, and it will be nothing short of fundamental in advancing our mission to reduce the cost of compliance and protect the rule of law. We can’t wait to put the funding to work in the year ahead.

LEARN MORE: Click here to learn about Ascent Solutions

Dec 11
Love1

“But Does RegTech Actually Work?” 3 Ways Financial Firms and RegTechs Can Bridge the Trust Gap

By Blog

(5 min read)

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose to adopt

You’ve just been shown a RegTech demo and the technology is something right out of your dreams. It can save you thousands of man hours, significant amounts of money, and reduce your regulatory risk in the process. There’s no doubt it sounds amazing, you think. But can it actually do all of the things promised?

This is not an uncommon question, representative of the trust gap that currently exists between RegTech companies and the financial institutions they serve. This trust gap is certainly understandable RegTech offers new technology and skepticism is natural whenever that’s the case

Even more importantly, with something as complex and vital as regulatory compliance, financial firms need to be skeptical as they evaluate possible solutions. Consequences for any technological shortcomings can be catastrophic. Why would Compliance and Risk teams take a gamble on something that seems too good to be true?

Because, for one, the opportunities new RegTech ventures present are real and powerful. And for two, because the alternative not adopting technological solutions is far worse. 

If the trends of the last decade continue, the regulatory “tax” firms are forced to pay is only going to increase, and the fines for non-compliance will only grow too. That means firms will have to hire more people to take on more work that could have more costly mistakes. Financial institutions will be forced to adopt new technologies as they offer the only viable path forward. 

But Compliance and Risk teams don’t need to feel stuck between a rock and a hard place. 

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose and to be excited about adopting them. Here are a few strategies we suggest.

1) Educate Stakeholders about the Technology

New technology can often seem like a black box. If you don’t know what’s happening inside that box, it can be difficult to trust that it’s doing what it’s supposed to. But by learning more about how that technology works you can begin to understand it, better evaluate it, and (if it’s the right fit) begin to trust it.

RegTech companies can and should help with this education. At Ascent, for example, our technology helps customers automate regulatory compliance. We do this through our proprietary RegulationAI™ — a “digital brain” that processes and analyzes regulatory text in order to deliver to our customers the regulatory obligations and rule changes that are most relevant to them.  

To help this digital brain not seem like a black box, we educate our customers on how it works. It’s powered by two primary forms of technology: natural language processing (NLP), which helps computers understand human language, and machine learning (ML), which is all about creating models that are designed to learn on their own. 

Once our customers understand how these systems operate together — how, specifically, we use NLP to rapidly analyze millions of lines of regulatory text, which we then feed into our ML models to teach them how to “read” the regulations — they understand how RegulationAI™ is able to deliver up a dynamic obligations register specific to them.

Instead of seeing our technology as a black box, financial institutions can evaluate whether it’s right for them, and our customers can have confidence when using it.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

2) Pilot a Solution First

A pilot can be a great way to let you dip a toe into new technological waters before taking the deep dive. For day-to-day users, a pilot lets them understand from a hands-on level how the solution will fold into their processes. And for decision-makers it lets them see real results before making a full commitment. 

To run a low-stress, high-outcome pilot, we suggest the following three strategies:

  • Clearly defining the goals of the pilot, so you can accurately determine whether they are met or not;
  • Making sure both decision-makers and day-to-day users are on the same page about how the pilot will work and what to expect from it;
  • Obtaining useful feedback in a systematic way both throughout the pilot and once it’s been completed.

At Ascent, we offer our customers the opportunity to test drive our solutions with a low-cost, low-risk pilot. Our Customer Success team is fully engaged throughout, making onboarding as simple as possible for your team while still ensuring you gain a clear understanding of all the ways Ascent can help you achieve your goals.  

3) Collaborate with Other Parties

Here at Ascent, we are big believers in collaboration. We think that a developing space like RegTech will only be empowered by interaction and collaboration between all the parties involved. And we believe collaboration can be key in helping financial institutions gain confidence in different RegTech solutions.

Here are a few ways collaboration can help build trust:

  • Financial institutions can reach out to other institutions that are already using new RegTech solutions to help understand how the technology has been beneficial and learn about any potential pain points.
  • Financial institutions can work with consultancies to help evaluate new solutions and implement them efficiently and effectively.
  • RegTech companies can work with financial institutions to make sure their solutions truly meet the needs of those institutions and to provide educational materials to help institutions develop confidence in new technologies.

In fact, regulators themselves are getting in on collaboration too, as evidenced by groups like the Global Financial Innovation Network (GFIN), an international collection of 35 organizations which serves as a network for regulators to knowledge-share and collaborate on bringing RegTech innovations to bear.

As always, whenever regulators themselves adopt a practice, it’s a good sign that the rest of the market will likely follow suit soon.

READ ARTICLE: Ascent Selected by GFIN for Regulatory Cross-Border Pilot

 

Bridge the Gap with Ascent

At Ascent, our AI-powered solutions help you manage regulatory change with confidence, so you can focus on the high-value activities that matter most, without the constant worry of accidentally missing an important update or keeping records that stand up to regulatory scrutiny.

You don’t have to drown in regulation, and you don’t have to cling to a life raft you don’t have faith in. Find the solution that’s right for you.

LEARN MORE: Click here to learn about Ascent Solutions

 

Modern challenges require modern tools. Interested in seeing how Ascent can help you automate horizon scanning, change management, and obligations management? 

Contact Us


Mar 11
Love1

Digital Disruption: Two Big Shocks to the Industry and What They Mean for Compliance

By Blog

Managing regulatory risk may be business as usual, but the stakes continue to rise.

Few things ramp up pressure on compliance officers more than industry “shocks” — high-volume, high-impact dislocations in the marketplace that render existing regulation inadequate (at best) and cause both regulators and businesses to scramble to put new controls in place.

In this article, we discuss two emerging shocks to the financial industry and how they impact compliance.

Shock #1: The Tech-Fueled Great Acceleration

Technology is at the root of virtually every recent shock to the financial industry affecting compliance.

For awhile, incumbents saw tech as a band-aid for legacy problems and inefficiencies. Now, however, technology is viewed as the necessary bedrock of the industry.

This mindset drives the financial industry toward a Great Acceleration: faster, more efficient interactions with clients and counterparties, faster flow of capital between institutions and across borders, and faster execution of trades and strategies.

Regulators and Firms Struggle to Keep Pace

For compliance departments, the Great Acceleration poses a huge risk.

The fact that regulators (and even many market participants) are still coming to grips with new technologies and products – e.g., AI, blockchain, cryptocurrencies, data privacy, and cybersecurity – will not slow the pace of innovation.

Existing regulations will increasingly fail to respond to market conditions, making compliance difficult by virtue of a frequent disconnect between market rules and practices.

What’s more, as markets continue to innovate much faster than regulators can respond, new regulations will grow obsolete faster and faster.

One area in which the Great Acceleration has caused particular pain for compliance officers is the realm of “know your customer” (KYC) and other anti-money laundering (AML) compliance obligations. Investigative and reporting obligations have turned compliance departments into what amount to private law enforcement operations.

Already, firms face substantial fines for working in embargoed or sanctioned jurisdictions. As the volume and speed of trades and capital flows increase, these compliance and investigative obligations will continue to trend toward greater complexity and risk.

RegTech Boosts Compliance Speed and Efficiency

RegTech solutions can help relieve the shock of the Great Acceleration by doing in minutes what would take humans hundreds of hours.

For example, AI-driven technology can help regulators understand their impact across regions more quickly, making rule-making potentially more efficient and effective.

Similarly, RegTech has a massive role to play in helping financial firms pick through  increasingly detailed and onerous regulations that often (albeit unintentionally) suppress value-creation to a far greater extent than they deter wrongdoing.

Emerging solutions will help firms automate KYC data collection, monitor capital flows and trading patterns, and report suspicious behavior to regulators and prosecutors.

Shock #2: The Shift to an All-Digital Environment

Another significant shock we’re experiencing in the financial world involves the tidal-wave shift in consumer demand toward a “digitally native” investing and financial management experience.

The FinTech boom has begun to transform entire business models by catering to that demand. Businesses have a choice to either stagnate or adapt to meet the needs and changing expectations of new customers.

No Market Niche Left Untouched

It’s difficult to overstate the breadth of change the demand for a fully-digital experience will continue to bring to the marketplace.

As it has in so many other industries affected by the digital revolution, the shift to an entirely digital mode of accessing and consuming financial products and services will require firms to innovate and re-create physical goods and services in the digital realm.

The shift has already spurred entirely new business sectors in banking (e.g., challenger “virtual” banks), money (crytpo, obviously), and payments (which grew so large, so fast, it already feels like a mature business model by today’s standards).

With the exception of the early “e-banks,” none of these businesses existed at the turn of the century, and many weren’t even around at the beginning of the 2010s.

RegTech Leverages AI to Reshape Compliance Roles

For every market sector and asset class affected, the rate and pace of regulatory changes and downstream compliance efforts will also increase, putting pressure on compliance departments to keep up.

That won’t be easy.

Firms will face difficulty following, tracking, and complying with all the new rules and regulations that emerge. The sort of over-regulation typical of an industry in transition seems inevitable, as does the risk of harsh penalties for non-compliance.

The only way to stay ahead of the frequency and growing complexity of regulatory change, and to protect firms from feeling the wrath of regulators, will be to shift much of the work traditionally done by humans onto machines.

The function of human compliance staff must change from rote collection and manual sifting of data to higher-level review and analysis of machine-generated reports.

AI and natural language processing will take over the heavy lifting of analyzing regulatory text, freeing up compliance officers to concentrate their efforts on relationship-building and overseeing the safety of the firm from the perspective of strategic decision-making.