Skip to main content
Tag

machine learning (ML)

Feb 25
Love2

9 Common RegTech Questions, Answered

By Blog

As a young industry, RegTech often gives rise to a host of questions — everything from “what is it?” to “how does it work?” to “how will it affect me?” We’ve collected a handful of the more common ones and answered them below.

Have a question that’s not on our list? Drop us a line at marketing@ascentregtech.com and we will be happy to help answer it!

What does RegTech mean?

RegTech (Regulatory Technology) is the application of emerging technology to improve the way businesses manage regulatory compliance. 

RegTech companies can be established GRC (Governance, Risk, and Compliance) platforms, startup companies, and everything in between. They are united by their use of new, groundbreaking technology in the service of solving the problems of regulatory compliance.

As an industry, RegTech has emerged over the last few years to address the rising tide of regulation and its growing complexity. To learn more about the history and future of RegTech, check out our comprehensive guide, “What is RegTech?”

READ MORE: What is RegTech?

 

What are the benefits of RegTech?

For financial services, the benefits of RegTech are substantial:

  • Efficiency gains — As regulation continues to grow, it becomes nearly impossible for compliance personnel to keep up without the aid of technology. Technology, capable of processing a high volume of data at incredible speeds, can quickly parse and analyze raw legal text and extract valuable insights. 
  • Greater accuracy and comprehensiveness — Manual, siloed processes tend to create gaps in the compliance operation, leading to human error and increased exposure. Implementing the right technology (and integrating those technologies thoughtfully where necessary) shores up gaps and creates a streamlined compliance process.
  • Greater internal alignment — Technology tools enable greater transparency throughout the business, connecting once siloed people and processes. The result is better insights between business units that can be shared faster, which also leads to a stronger culture of compliance.
  • Improved risk management — Many RegTech tools help protect against various types of risk, including market abuse, cyber attacks, and fraud, by monitoring systems and alerting personnel to suspicious activity.

READ MORE: How Ascent customers reduce risk, slash costs, and save time

 

What is end-to-end compliance and how does RegTech fit in?

End-to-end (E2E) compliance is a fully traceable process that connects external regulatory events to a business’ specific obligations, then all the way through to that business’ internal controls, policies, and procedures. In an ideal world, E2E compliance leverages automation and other technologies to create a complete functional system of compliance. To achieve E2E compliance, different RegTech solutions can be used together (often referred to as a ‘compliance technology stack’) to create a seamless process that automates rote work, connects once-disjointed processes, and supports a robust compliance framework.

With a properly implemented E2E system, businesses could 1) be alerted to relevant new rules or changes to existing rules, 2) be directed to the exact parts of their internal controls or P&Ps that are impacted so team members can make the appropriate changes, 3) manage their obligations digitally including assigning work and tracking progress against deadlines, 4) easily produce records of their compliance activities, and 5) generate useful reporting dashboards. 

Again, due to the complexity and nuance of regulatory compliance, one-size-fits-all solution. Rather, compliance leaders should take a modular approach to building a technology stack that meets the firm’s unique circumstances and objectives.

What kind of tech stack should I consider for my compliance framework?

Compliance and Risk professionals are responsible for not only determining what their firms’ regulatory framework is, but also how to maintain it once it’s set. Thankfully, there are a number of solutions within the RegTech universe that support this effort and can be combined into a comprehensive, end-to-end tech stack. The key is to know which ones to bring into your tech stack in the first place, so here are a few types of solutions to consider:.

Regulatory content tools are situated at the beginning of the compliance process. They typically take the form of a content library, feed, or resource center. Content tools consolidate documents published by regulators into one platform (including the laws, enforcement actions, guidance, rule updates, and more), making research and horizon scanning more efficient. Leaders in this space include Thomson Reuters Regulatory Intelligence, LexisNexis and Reg-Room.

Regulatory knowledge automation is technology that bridges the gap between the raw data of regulatory content and actionable insight. Market leader Ascent, for example, generates the regulatory obligations that pertain to your specific firm based on key factors like what type of financial entity you are, what services/products you offer, and where you operate. Ascent then automatically updates your obligations as rules change. This targeted regulatory knowledge allows compliance personnel to know exactly what the firm must comply with at all times, without the manual effort. 

GRC (governance, risk and compliance) platforms help operationalize compliance and often house all of a firm’s regulatory information, including obligations, controls, policies and procedures. Workflow capabilities allow users to track and manage their compliance efforts. Leaders in the space include LogicGate, MetricStream, IBM OpenPages, and RSA Archer to name a few. 

Point solutions cover a wide swath of RegTechs, helping firms execute compliance in a compliant way or assess compliance with an obligation or control. These could include (but are not limited to) trade monitoring, portfolio risk, know-your-customer, anti-money laundering, operations risk management, and cybersecurity tools. Point solutions are more limited in scope than regulatory knowledge automation or GRC solutions, but when they meet the right need they can provide substantial value.

READ MORE: The first (and most difficult) step in setting a regulatory compliance framework

 

What technologies do RegTech solutions use?

RegTech providers leverage a wide variety of emerging technologies. Here are a few of the most common:

  • Machine learning (ML) is the application of algorithms that improve automatically through experience. Rather than being specifically programmed to complete a task, ML models are fed large amounts of data, which they use to learn and improve on their own. In regulatory compliance, ML models can process large amounts of regulatory data and gradually draw conclusions about that data, becoming more and more accurate over time.
  • Natural language processing (NLP) is the field of using computers to process and analyze human language. In compliance, NLP can parse the unstructured raw text of regulation and reorganize it or otherwise transform it so that people can retrieve meaningful insights. 
  • Blockchain is a digital record of transactions, most often associated with cryptocurrencies. Blockchain has many other purposes however, such as enabling the secure sharing of know-your-customer data within or between organizations for compliance purposes.
  • Robotic process automation (RPA) allows users to configure metaphorical “robots” or “digital workers” to replicate the actions of a human in a digital environment in order to complete a business process. RPA tools can automate laborious manual processes, like the production of hundreds of disclosures that asset management firms are required to generate throughout the year.

READ MORE: RegulationAI™: World-Class Technology Built for Compliance

 

What’s the difference between RegTech, FinTech, and SupTech?

RegTech leverages emerging technology to create tools focused on solving the challenges of regulatory compliance. While the majority of existing RegTech solutions are currently focused on the world of financial regulation, RegTech could also be leveraged for other regulated industries — for example, healthcare.

FinTech, short for financial technology, is the application of technology to solve problems or create new value in financial services. Examples include crowdsourcing platforms, mobile payments, cryptocurrency, robo-advisors, budgeting apps, or the use of open banking APIs. Recently, digital banks that operate purely online with no physical locations are also being referred to as FinTechs. 

SupTech, short for supervisory technology, is the application of emerging technology to improve how regulators conduct supervision. Just as RegTech leverages technology for regulated companies, SupTech leverages technology for the regulators.

READ MORE: What is SupTech and how will it change compliance?

 

Can RegTech help me with specific regulation like GDPR?

The rise of data privacy legislation like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) have added necessary protections for consumers but have increased financial institutions’ already significant regulatory burden in the process. Depending on what you are trying to achieve with specific regulation like GDPR, RegTech offers various solutions. 

There are many point solutions that help firms execute GDPR-compliant behavior. For example, UserCentrics helps firms obtain customer data in a transparent way. Syrenis provides one central platform to manage personal data, legal basis for obtaining that data, consent, and marketing practices. GDPR365 is a compliance assessor that offers guidance on what security weaknesses need to be fixed.

To understand what your organization’s obligations are under GDPR (or any other regulation), look to regulatory knowledge tools like Ascent. Ascent’s AI-driven technology pinpoints the GDPR obligations that your firm must comply with, then updates them automatically if the rules change.

READ MORE: How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent

 

How can I use RegTech to help my firm ease compliance burdens?

There are many use cases for RegTech, but here are some of the most common:

  • Horizon Scanning — monitoring regulatory developments including rule updates, guidance, and any other communications from regulators to better understand potential threats and opportunities.
  • Identifying Obligations and Changes — conducting regulatory analysis (also referred to as regulatory mapping) to understand which obligations or requirements your business must comply with. These obligations must then be routinely updated as rules change.
  • Compliance Management — managing your daily compliance activities and aligning them with the broader framework of regulatory strategy and process.

Finding a solution for these use cases can be challenging since the RegTech space is vast and each solution facilitates a different part of the compliance process. Breaking the RegTech landscape into these four categories makes it easier: 1) Regulatory content tools, 2) Regulatory knowledge automation, 3) GRC platforms, and 4) Point solutions.

For the examples above, the solutions for each use case vary:

  • Solution for Horizon Scanning: A regulatory content provider such as Thomson Reuters Regulatory Intelligence helps save time with horizon scanning and research.
  • Solution for Regulatory Obligations: A regulatory knowledge provider such as Ascent identifies your obligations and keeps them updated as rules change. This targeted regulatory knowledge can also be used to understand downstream impact. For example, a rule change identified by Ascent can be used to trigger alerts or workflows related to that rule in your GRC or other compliance management platform. 
  • Solution for Compliance Management: A GRC or other compliance management system such as LogicGate or IBM OpenPages allows you to house and project manage your compliance activities, including assigning tasks, tracking progress against deadlines, and managing any internal documentation such as your controls, policies and procedures. Ascent’s granular obligations can be seamlessly fed into these systems so your regulatory data and activities are monitored, tracked, and managed all in one place.

If you are looking to accomplish all of these use cases, it is likely that your compliance operation requires multiple solutions, combined to create a full-scale compliance technology stack.

What questions should I ask a RegTech vendor that leverages “AI”?


What kinds of AI technologies do you use, and why?

First, brush up on machine learning and natural language processing basics so you can follow the vendor’s response. You do not need to be an AI expert; a good vendor will be able to explain their process in a way that any business leader can understand. What’s important is that you get a clear picture of how the specific technologies and approaches used create business value for you. Is the vendor using “AI” as a flashy marketing term, or is it actually integral to the solution?

Where are you getting the data that is training your algorithms?

Good AI tools require significant amounts of quality data – as they say, ‘bad in equals bad out.’ The vendor should be able to explain how they are ingesting regulatory text (did they build an ingestion or scraping tool, or are they white-labeing another product?), from where (the best case scenario is that the vendor is pulling straight from official regulatory websites), and at what frequency (this should be reasonably frequent so you know you have the most up-to-date information at any given time). The vendor should also be able to explain the quality-assurance process that ensures all intended data points are properly captured. 

Are there humans involved in the training of your algorithms, and to what degree?

In many industries, the notion of humans-in-the-loop (meaning the technology is not 100% machine-driven; humans are still involved in some part of the process) is considered a negative sign because it means “that the tool isn’t really AI.” The compliance industry, however, is unusual in that a humans-in-the-loop process is considered a positive. Why? Because the world of regulatory compliance is so nuanced and complex, that AI solutions are far better when trained and QA-ed by human experts in regulation and law. This does not mean that all AI-driven RegTechs require humans-in-the-loop to be great tools, but the vendor should be able to explain why they do or do not involve people in the process.

Who is held liable if your solution fails?

This question is as important for you as it is for the vendor. Because this issue exists in a legal gray area, you must carefully weigh the risk of implementing any new solution (AI or not). A good AI vendor will understand why this is a concern, and should show evidence of a strong model risk management framework, rigorous internal controls, and most importantly be completely transparent about what the solution can and cannot do. If it sounds too good to be true, it probably is. 

*Ascent offers a performance guarantee for its AI solution that is backed by an insurance cover from Munich Re Group. Read the case study to learn more.

We recommend checking out these articles to continue learning about RegTech and how it can be applied throughout the compliance process:

Want to receive more articles like these? Subscribe to receive helpful content designed to help you win at compliance.

Mar 25
Love0

What makes a good RegTech partner: fit and scalability

By Blog

Finding the right RegTech partner can be difficult. So we sat down with an industry expert to get his take on how he evaluates vendors.

As an expert in regulatory change management, Vincent Schultinge has seen the evolution and impact of regulation on financial firms firsthand. So, naturally, he has also been drawn to the niche industry that emerged to try to solve these RCM challenges—RegTech. 

Now, in his current role as a senior RegTech consultant at ING, he is responsible for defining, developing and implementing RegTech innovation throughout the ING organization. During his sit-down with Ascent, Vincent shares:

  • His perspective on what makes a good RegTech partner
  • What methodology ING follows when looking to implement a RegTech partner
  • How making machine readable regulation will open doors for the future of RegTech

Editor’s note: This interview has been lightly edited for clarity.

Using RegTech Maturity as an Evaluation Benchmark

To Vincent, managing regulation is a task that’s too fluid and too risky to put into the hands of new-to-the-market solutions. Here’s how he considers the maturity of RegTech.

When assessing a RegTech provider, you want to make sure it fits your business’s demands. I have a firm belief that we should strive for market standard solutions. Therefore I look to see whether a RegTech has the potential to become a market standard for their solution or offering. Once we have measurable results from a Proof of Concept (PoC), then we can decide if a RegTech is suitable for our purpose or not.

The way we assess RegTechs differs from the way we look at other vendors. Due to constant regulatory oversight as a bank, we have less freedom to experiment. For many business cases we will look for parties that are more mature and that have, for example, delivered the equivalent product to our peers or are engaging in sandboxes with regulators.

 

Being Able to Audit RegTech’s Black Box

Vincent believes that “auditability” is a key factor that firms should also consider when determining whether or not to work with a RegTech provider.

Providers should always be able to explain and demonstrate how their machine learning works. For risk and compliance teams, auditability of machine learning is absolutely key. If you can’t audit a technology solution properly, especially a machine learning solution, it becomes Pandora’s box. Not to mention that regulators won’t accept anything less than full transparency.

 

Aligning Around a RegTech Provider

At ING, Vincent’s team relies on what they call “PACE” methodology when considering what RegTech solution to implement.

Whatever methodology you are using to implement RegTech, you have to be consistent, thorough, and constantly verify that you are doing the right thing. 

At ING, we use our in-house PACE methodology for the delivery of innovation. This applies to our delivery of RegTech as well. With PACE, we combine Design Thinking, Lean Startup and Agile Scrum into a single process. PACE consists of five stages being: discover, problem fit, solution fit, market fit and scaling. 

For us this works really well and we gained a lot of traction with this in the organization. On top of PACE methodology at the whole of ING we practice an agile way of working. This helps accelerate the way we set up PoCs as well as other partnerships. 

 

Unlocking the Value of RegTech

For RegTech to truly be effective, Vincent has learned that it’s important to first have a culture of innovation prior to implementing a solution.

It is essential that you have business owners with the right mandate and budget who are convinced by the usage of technology. Business and innovation teams have to be able to establish the demand and create strong use cases for the application of RegTech. Teams should collaborate in such a way that the business demand and the premise of the solutions are a true match. This will help with validating and demonstrating the benefit of using certain RegTech solutions along the way. Regardless of the size of the firm, you need the right innovative culture and the right appetite from business owners; otherwise, it just won’t work.

 

Using RegTech to Manage Pandemic Woes

According to Vincent, the pandemic has only amplified the need for RegTech.

Regulatory changes keep coming, especially considering that people are working remote and are having to align virtually due to the pandemic. Regulators demand that banks remain in control. So, firms need to be able to monitor upcoming changes in the regulatory landscape by scanning the regulatory horizon as well as assessing obligations and potential risks. This is where having proper tooling in place for horizon scanning and risk assessment will definitely help firms to maintain control in these difficult times.

 

Pioneering the Next Frontier of RegTech

What’s next for RegTech? Vincent believes that making regulation machine readable will open incredible opportunities for financial firms to unlock the true potential of RegTech.

In order for RegTech to play an even bigger role in the industry, we first need to look into a few things— machine readable regulations, data and format standardization, and global harmonization of regulations. If regulations, updates and guidelines become machine readable and ingestible globally, it will become easier for firms to demonstrate compliance and adhere to rules and guidelines more efficiently. It will open a whole range of possibilities for the adoption of RegTech within financial institutions.

The same applies to data and format standardization. If we can agree on common data and format standards, adherence to regulations becomes more efficient. With the financial system being a truly global system nowadays, it allows institutions to act across jurisdictions in a safer and more compliant manner. Together, with harmonizing regulations globally, this could translate into a much broader usage of RegTech within the financial system. This end goal is something that I believe will contribute to the overall safety and stability within the financial industry.

ING is a global bank that aims to empower people to stay a step ahead in life and in business. Visit ING’s website. 

For more content like this, subscribe to our email updates.

Subscribe


Dec 03
Love0
A former regulator’s take on AI, Big Tech, and RCM

A former regulator’s take on AI, Big Tech, and RCM

By Blog

Rick Bonhof. Managing Consultant, SynechronWe recently sat down with Rick Bonhof, a managing consultant who leads the Amsterdam regulatory change and compliance practice within the business consulting arm of Synechron—a leading digital transformation consulting firm that accelerates digital initiatives for banks, asset managers, and insurance companies around the world.

In his role, Bonhof oversees a team of experts who help clients build the regulatory framework that enables compliance. As an advisor for the digital-first firm, Bonhof is hyperfocused on making compliance more efficient through the use of technology, leveraging emerging tech such as machine learning and existing systems such as GRCs.

Prior to Synechron, Bonhof served as a supervision officer for Dutch regulator Autoriteit Financiële Markten (AFM) at the height of the 2008 financial crisis. After spending seven years crafting and executing supervisory strategy for AFM, he decided to redirect his work from supervising firms to actually helping them become compliant with regulation. And so, after witnessing how Synechron helped a number of financial institutions get back on track with EMIR (the EU equivalent of Dodd Frank in the US), Bonhof transitioned to the firm.

During our sit-down, Bonhof shared his blended supervisory-consultative perspective on a variety of topics—from the role of regulatory change management during the COVID-19 pandemic to how Big Tech will shape the future of financial services.

Editor’s note: This interview has been lightly edited for clarity.

Setting the Record Straight on Regulators

Touching on his experience as a former regulator, Bonhof kicked off our conversation by sharing what he wished compliance professionals knew about regulators, and what he wished he had known as a regulator. 

When I made the switch from regulator to consultant, I realized that a lot of financial firms are afraid of regulators. But the reality is that regulators are people too and most are not out to fine you. What I think compliance professionals sometimes forget is that if you’re able to explain to regulators why you made certain decisions and how you implemented certain requirements, they’ll listen to you.

“A lot of financial firms are afraid of regulators. But the reality is that regulators are people too and most are not out to fine you.”

My advice to compliance professionals is to document their interpretation of the rule and why they applied the rule in a certain way according to their interpretation, so they have all of the information they need when it comes time to talk to regulators.

On the flip side, what I wish I had known as a regulator was, no matter how simple a request for information may seem on paper, it doesn’t actually mean that there’s a clearcut way to gather requested information or to implement a new rule. Many financial institutions do not start out as multinational global-spending institutions—they grow through mergers, acquisitions, and restructuring.

So there’s a whole collection of teams that suddenly need to contribute to this “one simple request,” making it not so simple after all.

Managing Regulatory Change in the Time of COVID 

Bonhof has long emphasized the importance of having a well-documented regulatory change management (RCM) strategy, especially when it comes to major events such as financial crises, election years and of course — the COVID-19 pandemic.

When it comes to regulatory change management, my mantra has been “take control, be in control, and demonstrate control.” 

“Take control” is about understanding what your obligations are, understanding the impact of them, and then implementing and enforcing a compliant process.

“Be in control” is about understanding where your firm is in terms of compliance with the requirements, and revisiting both its requirements and compliance processes frequently. You should not only be control testing your processes to understand whether your firm is compliant with existing rules, but also monitoring whether there’s a change coming that could impact compliance with those rules. And, if there is a change on the horizon, then you need to go back to “take control” and proactively act on it.

Lastly, “demonstrate control” is about being able to take the evidence that you have and explain both internally and externally to what extent you comply with those measures.

How to Avoid Dropping the Ball on RCM

In Bonhof’s view, the biggest mistake that firms can make when implementing RCM best practices, is to treat them as a one-time solution. 

Most regulatory change management processes are driven by a regulatory change implementation date. Let’s say that a firm has to comply with X, Y, and Z by January 1, 2021. What I’ve found (and even been guilty of myself) is that many firms focus solely on making that milestone without the end result in mind. So once the firm does reach it, everyone sort of drops the ball and says, “We’re done, we made it.” But that’s the wrong approach because 2021 does not mark the end of implementing that change, it actually marks the start of it. 

What I’ve found (and even been guilty of myself) is that many firms focus solely on making [a] milestone without the end result in mind.

Firms are expected to be compliant with that new rule, and need to have a roadmap that accounts for what comes after that date. Firms often put makeshift technical solutions in place to meet the deadline, but then what happens is the technical solution silently becomes the structural solution. The result is that there’s no roadmap beyond that point to account for new data that needs to be tracked or changed, resulting in an issue of data quality and therefore explainability. 

COVID Response: Swings of the Regulatory Pendulum

To Bonhof, regulatory change management has never been more important as the pandemic response continues to fold. While he and his team have seen the easing of certain regulatory requirements, they have also seen the mounting impact of others.

On the one hand, the regulatory response to the pandemic has been to suspend certain requirements in order to alleviate the burden of regulation. However, at the same time, we’ve also seen an increase in requests for financial firms to implement certain risk measures from regulators such as the European Securities and Markets Authority

For example, we had an “intelligent lockdown” in the Netherlands that prohibited us from going to the shops or the cinema. As a result, this (like other lockdowns across the globe) had a large impact on service providers, as many businesses had outstanding loans with financial institutions and were suddenly not able to make good on those loans. This has led to a tipping of scales with regulators adding more capital reporting requirements, while continuing to suspend or delay implementation of other regulatory requirements. For example, ESMA deferred the final two phases of its bilateral margin requirements to provide additional operational capacity for counterparties to respond to the immediate impact of COVID-19. 

On the Importance of Innovation in IRM

While regulators have been more forgiving during the pandemic, they have also become increasingly more aware of all of the possible gap—bringing the topic of Integrated Risk Management (IRM) to the fore. Here’s Bonhof’s take on IRM.

Integrated Risk Management allows you to identify what risks exist within your firm, define a response to those risks, and then determine whether your firm is within that risk appetite. Ultimately, IRM combines all of those processes and rolls them up into a multi-level process chart where you can prioritize risks and pinpoint which ones are of the highest risk to your firm. 

IRM is such a hot concept right now because regulators are putting more emphasis on it.

As part of Synechron’s FinLabs RegTech accelerator suite, I’ve actually had the opportunity to work on automating parts of IRM. Knowing how effective your controls are is a key part of integrated risk management, so we built an intelligent control testing environment that maps a firm’s individual control statements into a decision tree that automatically runs against a data set to help firms quickly pinpoint whether a control is effective or not. This advancement frees up compliance teams’ valuable resources so they can focus on remediating any deficiencies.

These types of innovation are becoming more important as Integrated Risk Management continues to gain more traction. IRM is such a hot concept right now because regulators are putting more emphasis on it. For example, ESMA recently published a consultation paper that assessed the suitability of the management at financial institutions, which concluded that the highest levels of management (including at the board level) need to understand their firms’ requirements, how they are complying with them, and what the state of the firm’s risk management looks like.  

Clash of the Titans: Big Banking vs. Big Tech

As an innovator in his own right, Bonhof is naturally drawn to industry disruptors. In particular, he has been following the rise of digital banks and believes that it’s only a matter of time until Big Tech enters into the banking industry as well.

The rise in digital banks has served as a catalyst for digital transformation in the industry at large. In order to stay competitive with digital banks, traditional banks have worked to provide digital services to their customers. For customers, having a digital bank account becomes more of a commodity because it opens up a whole ecosystem of additional services around it. 

For digital banks, their competitive advantage is that they’re not burdened by a chain linked system of legacy tools or processes, so they can get it right immediately. Digital banks can be more nimble when it comes to things like digital client onboarding processes and company reporting. On the other hand, it’s difficult for digital banks to achieve the same scale as larger banks. Plus, they’re bound to face the same kind of regulatory requirements as incumbent banks and will need to comply with them, lessening some of their initial competitive edge.

When Big Tech enters the market, it will drive a significant change that some incumbent banks will likely not be able to transition through and will lose traction within the market. 

What I’m really curious about is when Big Tech will officially enter into the banking space. Today, we have Apple Pay and Google Pay, but I think that it’s just a matter of time before they’re adding banking services to their offering. At that point the market will change. Digital banks just mark the beginning of the banking industry’s digital transformation. When Big Tech enters the market, it will drive a significant change that some incumbent banks will likely not be able to transition through and will lose traction within the market. 

Financial Firms and Regulators to Step Up Their AI Game

With the high likelihood of Big Tech companies entering the market in addition to other innovations in financial services, Bonhof is encouraging the industry to direct its focus toward emerging technologies such as Artificial Intelligence (AI) now, before it’s too late.

I think regulators really need to step up their digital game. They need to understand the tech component that goes into digital banking. AFM just compiled an insightful trend report where they spoke around their fears about Big Tech entering into the financial market. Today, Big Tech is predominantly supervised by privacy watchdogs. But, if Big Tech entered the financial market tomorrow, financial market regulators would not always be allowed to share information with those supervisory agencies, so that would make supervision really difficult. 

Regulators are just now issuing responses around the use of AI, which center around the concepts of explainability and trustworthiness. Together, they are two sides of the same coin because they help explain the decisions that come out of algorithms and apply fair principles that limit their biases. However, I still think that we have a ways to go and that regulation around the use of AI will only continue to increase in the future as the digital market matures.

The Role of AI in Regulatory Compliance

According to Bonhof, the role of AI is not just limited to the mechanics of digital banking. It applies to regulatory compliance too.

We recognize that regulators are starting to provide guidelines around AI, so we are changing the way that we advise our clients about AI. AI was once the new and exciting thing to talk about. Now it’s the means to an end. We’re looking at where AI models can help firms improve explainability in their compliance processes. 

AI was once the new and exciting thing to talk about. Now it’s the means to an end.

Using robotics (or AI) helps automate certain regulatory compliance processes such as horizon scanning, and makes the outcomes of those processes more predictable and reliable. AI allows teams to focus less time doing the monotonous work of running these processes and more time on investigating outliers. Instead, the “robot” leads the processes and identifies areas where there are inconsistencies that require the review of compliance experts.

On Implementing RegTech: Final Advice

So, what’s Bonhof’s advice to firms that are looking to implement new technologies in their compliance programs? “Be really clear about what you want to achieve in your compliance program and therefore what you want the technology to achieve.”

First, you need to understand where you are and where you want to go. For instance, if your firm was just fined by a regulator, then you’ll likely need to find a solution that can help you become more compliant. On the other hand, if your organization is in a good place but needs to become more efficient, then it’s likely you’ll need a different tech stack than the firm that was recently fined. When you understand what you want to achieve by adding technology, then you can better pinpoint the right type of technology solution for your compliance program.

 

If you’d like to learn more about Synechron, visit their website. To learn more about Rick Bonhof, connect with him on LinkedIn

If you’d like to contact an Ascent team member, you can do so here. Stay tuned for our next interview from the lines of defense. All interviews will be featured in our monthly Cliff Notes newsletter, which you can subscribe to below.

Subscribe to Cliff Notes


Apr 22
Love2

Creating Regulatory Knowledge

By Blog

Every day in the world of regulatory compliance, humans create knowledge out of data. 

Risk and Compliance teams scan the regulatory horizon, gathering information relevant to their industry. Compliance analysts then assess those regulatory documents to extract the laws, rules and regulations within them, and then analyze those requirements to determine which might apply to their business. This manual process takes the raw data of regulatory rulebooks and other documents and, through hundreds of hours of hard work, turns it into knowledge.

Only then, finally armed with this knowledge, are teams able to begin the real, vital work of compliance — reconciling their obligations with their policies and procedures, creating controls, and implementing compliance throughout the business. This knowledge creation process is a necessary but tedious and burdensome part of regulatory change management.

And, in our current regulatory climate, it is increasingly impractical.

The Global Financial Crisis of 2007-2008 remade the financial services landscape and, in the process, ushered in a new era of regulatory oversight — one that moves at a superhuman pace. Rule changes have increased 500 percent in the last decade. In fact, a new regulatory update gets implemented every 7 minutes.

Historically, increasing personnel was the primary lever teams pulled in order to keep up with this breakneck regulatory pace. But the current global health crisis and its bear market budget constraints has made that option no longer feasible.

Instead, teams have to turn to the only remaining path forward: emerging technologies.

Regulatory knowledge automation is the process of using machines to complete the knowledge creation process. By leveraging next-generation technologies like machine learning and natural language processing, the knowledge creation work can be completed in mere minutes, at a fraction of the cost, and free from human-error. 

And most importantly, regulatory knowledge automation can liberate Risk and Compliance teams from the burdensome aspects of regulatory change management so that they can instead focus on the more critically human responsibilities of their roles. 

READ ARTICLE: What is RegTech and Why Does it Matter?

 

Automating Regulatory Change Management

Regulatory change management is composed of three stages, all of which can be simplified by emerging technology.

Stage 1: Monitor

In order to keep their finger on the pulse of the regulatory environment, track emerging trends, and identify new obligations and regulatory updates, Risk and Compliance teams have had to closely monitor the vast and fast-paced regulatory landscape.

Historically, this has meant that Compliance analysts had to become experts at finding any industry-related regulatory information and teasing out its applicability to their business. This process — often referred to as horizon scanning or regulatory monitoring — can be an extremely burdensome one, especially considering the high cost for a mistake. Like the proverbial needle in the haystack, any obligation missed among the thousands of lines of regulatory information could have severe consequences come audit time.

But, at root, this process is one of aggregation — something artificial intelligence has long since proved its expertise at. Regulatory intelligence tools now exist that can deliver up a comprehensive view of the regulatory landscape in an instant — taking human-error out of the equation and freeing up an analyst’s time.

Stage 2: Identify

Once the information has been aggregated in the horizon scanning stage, teams then have to sift through the vast troves of documentation to extract the laws, rules, and regulations within them — a complicated undertaking given the dense language and complex structure of these documents, and one that has to be repeated every time a new update is released.

This process had, historically, been the line in the sand for how automation could help with regulatory change management. A machine could aggregate the documents for review, but a human was always needed to extract the knowledge out of all that regulatory data. 

By leveraging natural language processing (NLP) and machine learning (ML) technologies, though, we at Ascent have been able to change this. It is now possible to fully automate the knowledge creation process of regulatory change management.

To understand how, we need to understand how the technologies involved function.

NLP is the combination of computer science and linguistics that allows computers to understand human language. In essence, NLP takes the dense texts of regulatory documents and “translates” them into machine-readable language. ML is the capability to “train” systems how to complete a task. Once NLP has translated regulatory text into something that can be read by a machine, trained ML systems can extract the rules and requirements from that dense text.

These technologies make it possible to automate the “identify” stage of regulatory change management, reducing a 100+ hour workload into mere minutes. 

They also revolutionize the third and final stage of regulatory knowledge creation: Analysis.

Stage 3: Analyze

Once the regulatory documents have been gathered and the laws, rules, and regulations extracted, teams must then analyze this inventory of obligations to determine which apply to their business.

This is one of the most complex parts of regulatory change management and — just as with the “identify” stage — it had previously been impossible to automate. But the same technology we used to revolutionize the extraction of laws, rules, and regulations from documents can be used to analyze those obligations.

Ascent’s RegulationAI™ is a true innovation in regulatory technologies. It uses neural networks — the same technology that powers image recognition software and self-driving cars — to automatically assess which rules apply to your business. RegulationAI™ has been trained not only to identify laws, rules, and regulations from within regulatory documents, but to also take those obligations, assess how they correspond to various businesses based on their business practices and regulatory burden, and then determine which obligations apply. 

RegulationAI creates knowledge out of regulatory data

RegulationAI™ is able to deliver up a complete list of obligations that are specific to your business in mere minutes, at a fraction of the cost, and free from human-error.

This liberates Compliance and Risk teams to perform other, more critical work, but — because the technology digitizes the regulatory documents in the process — it also makes it possible to improve processes that come after knowledge creation. 

With regulatory documents now in a machine-readable form, it is possible to turn those documents into searchable databases, to track changes and rule updates, and even to ingest the data from those documents into a workflow management tool or GRC so that teams can interact with them — marking them for review, sharing them with other team members, and more.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

Start unlocking the power of automation today.

Ascent’s regulatory knowledge platform offers AI-powered solutions for each stage of the regulatory knowledge creation process.

Regulatory Monitoring: Our regulatory monitoring solution allows you to view, search, and organize regulatory content from around the world, all in one place.

Dynamic Rules: With Dynamic Rules, you can examine rules relevant to you and instantly and easily identify changes.

Obligations: Our obligations management tool automatically generates your obligations for you, helping you build a sustainable, bulletproof compliance program that scales.

 

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

 

Modern challenges require modern tools. Interested in seeing how Ascent can help you identify your obligations and automatically keep them updated as rules change?

Contact Us


 

Apr 06
Love2

Virtual Chat | Creating Data Certainty in Uncertain Times

By Blog

How, when working with data sets that are too large to be manually checked, can we have confidence in the data we’re producing? As part of our Virtual Open House, Spencer Allee, VP Data Science, discusses “Creating Data Certainty in Uncertain Times.”

Check out the full talk above and be sure to visit our Open House page for more great conversations!

LEARN MORE: Ascent’s Open House: Socially Distant, Virtually Connected

 

Enjoy this webinar? Subscribe to receive helpful content designed to help you win at compliance.

Subscribe

[pardot-form id=”323″ title=”Cliff Notes Subscriber Form”]
Mar 31
Love2

Virtual Chat | Thinking Machines: Why Ethical AI Matters in Tumultuous Times

By Blog

To kick off our Open House, we had Ascent Founder & CEO Brian Clark discuss “Thinking Machines: Why Ethical AI Matters in Tumultuous Times.” Check out the full talk above and be sure to visit our Open House page for more great conversations!

LEARN MORE: Ascent’s Open House: Socially Distant, Virtually Connected

 

Enjoy this webinar? Subscribe to receive helpful content designed to help you win at compliance.

Subscribe


Mar 20
Love2

5 Ways To Prepare Your Business for a Bear Market

By Blog

In the midst of these unprecedented times, one thing seems certain: one of the longest bull markets on record is now over.

We are in the midst of unprecedented times, filled with uncertainty. Markets are whipsawing daily, the health of the economy — both short- and long-term — is in serious question, and it is unclear what the next week will hold, let alone the next quarter.

We at Ascent won’t attempt to answer these unanswerable questions. Instead, we want to acknowledge a reality that daily seems to be more and more certain: One of the longest bull markets on record has now come to an end. 

It will take time for governments to untangle the global uncertainties that grow more daunting by the day. In the meantime, businesses don’t have to feel paralyzed by inaction. Here are five ways to prepare for the new market environment.

READ ARTICLE: Creating Confidence in an Uncertain World

 

#1: Separate the Must-Haves from the Nice-to-Haves

The most immediate reaction to a tighter environment is to prioritize essential expenses and cut non-essential ones. This vital step sets the stage for the processes and procedures that follow.

You’ll likely be looking across your business for ways to reduce costs, but as you do so, it’s imperative you don’t undermine the fundamental and functional aspects of your business. This of course means protecting revenue-generating areas of your business, but it also means protecting the teams that protect your business.

Maintaining a stellar client-service reputation won’t matter if your business is overrun by cybercriminals — or if a lapse in compliance leads to a debilitating regulatory fine.

As you manage costs on a slimmer budget, insulate the areas of your business that make it functional so that they can help support the parts that make it successful.

#2: Focus on Efficiencies

Even after eliminating “non-essential” items, your list of expenses may still seem too long. Rather than cutting into the essentials, though, look for ways to improve efficiencies across your business.

Where is managerial oversight slowing down processes and creating unnecessary costs? How might you leverage hidden expertise within one department to help that of another? Perhaps buried in your IT department is a project-manager-certificate holder who can help organize the roll-out of your latest asset management strategy. Or maybe a junior associate has discovered how to streamline a burdensome administrative task but hasn’t had the opportunity to share it with other teams.

Now is the time to draw on the deep strengths of your teams so that they can empower your business to do more with less.

#3: Leverage Technology

Doing more with less is, as with many things, easier said than done. While it might be possible to ask some team members to wear another hat or share skills, departments likely won’t have the time and resources right now to wholly reimagine processes. 

Instead, look for ways technology can help.

Talk with teams about which parts of their jobs are heavy on mundane, manual labor and could potentially use automated support. The recent explosion in machine learning capabilities has revolutionized how automation can support different job functions.

We at Ascent are of course strong believers in automation. By automating regulatory knowledge creation, we’ve seen firsthand how technology can reduce errors, drastically improve efficiencies, and free up internal experts to focus on more critical functions. Other automation tools can be similarly transformative for different departments.

#4: Prioritize Employee Well-Being

Employees are the pillars that hold a business up, and a bear market puts significant stress on those pillars. In their professional lives, they’ll likely be asked to take on more in a bear market, even if they already have full plates. And, at the same time, they’ll be bombarded with worrisome headlines adding stress to other areas of their life too.

So the mental and physical health of employees should be a top priority. Employees with a clear mind will undoubtedly be happier, less distracted, and — as a result — more productive. 

Often, as firms look to buckle down on costs and increase efficiencies, the focus is too much on the number of hours worked and the output gained. What should also be considered is the potential expense of that work to employee well being.

Creating an environment that prioritizes employees and their health and empowers them with stimulating work will create a supportive atmosphere during a challenging time — and, ultimately, boost productivity in the process.

#5: Take advantage of the opportunity

Here’s a quote from Sun Tzu’s The Art of War that’s as cliche as it is true: “In the midst of chaos, there is also opportunity.”

Financial firms are known for reminding clients during downturns that it’s here the real money can be made — if one can bear the pain.

The same is true for businesses. Some of the most successful companies were started during a recession. By trimming excesses, improving internal procedures, empowering staff, and leveraging automation, you can position your business to take advantage of the potent opportunities emerging rather than being stuck in a paralyzed state of inaction.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

Most importantly, listen to your Risk and Compliance Teams.

Risk and Compliance professionals often serve as your crisis response team. They help companies implement new practices, create business continuity plans, and adapt to new environments. 

In the midst of a bear market, their work becomes more vital than ever. A recession or global crisis doesn’t mean that the regulatory wheels stop turning. On the contrary, regulators will still be publishing rule updates to keep up with the changing environment. And internal departments will likely be moving quickly to take advantage of opportunities in the marketplace. The last thing a business needs during uncertain times is increased risk.

As the critical functions of Compliance and Risk teams ramp up, automation can help reduce their workloads as much as possible.

At Ascent, we leverage emerging technology to automate the routine aspects of regulatory compliance to reduce risks and costs. Tools like these help reduce time-consuming tasks like regulatory monitoring and channel those efforts into more vital parts of compliance.

At a time when it’s essential to eliminate as many roadblocks as possible, our solutions can help a firm feel empowered rather than constricted by the rule of law.

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

Subscribe


Mar 10
Love2

Creating Confidence in an Uncertain World

By Blog

The Compliance Conundrum

We live in an uncertain world. This is something Compliance and Risk teams know all too well. 

We often hear from our customers about the anxiety and chaos that uncertainty causes in the world of regulatory compliance — uncertainty in how rules are changing, uncertainty in what rules are important and likely to be enforced, uncertainty in whether they are tracking all the right obligations, uncertainty in whether their business is properly complying with rules. 

Unfortunately, reducing that uncertainty traditionally costs a lot of money. The only lever most companies have to pull is to hire more people — compliance officers, lawyers, consultants — to keep track of obligations. These costs don’t scale well and have, at best, unclear ROI.

At Ascent, our goal is to insulate our customers from some of that uncertainty that has traditionally plagued them. To do this, we are building the largest programmatically-accessible body of regulatory knowledge in the world, and we are building the tools to scale this knowledge set as fast as regulators change their information, all while maintaining the quality and accuracy required for our customers to succeed. 

But just like our customers, we too face our own uncertainty challenge: How can we be certain, especially when working with datasets that are far too large to be checked manually, that our information is correct? 

Rather than running from this problem, though, we embrace it — and use technology to help solve it. We design our tools and strategies in a way that treats uncertainty as a reality that we can manage. Everything — from our knowledge production processes and internal and external product decisions to the technology that powers our scale and the governance around our machine learning modeling — provides levers we can pull to more effectively manage quality and scale for our customers.

READ ARTICLE: What the Tech? Machine Learning Explained

 

Knowledge Risk Framework

The first tool we use to manage quality and scale in the face of uncertainty is a simple knowledge risk framework: for any given step of our knowledge production process, what is the accuracy our customers need to be successful, and what is the most efficient way of maintaining that accuracy given our portfolio of tools? 

For example, consider the technology that powers self-driving cars. The accuracy the technology requires varies depending on the action the car is completing. If the task is parallel parking without hitting a bumper, 95% accuracy is probably sufficient. If it’s turning left into oncoming traffic, accuracy will need to be much, much closer to 100%. 

One of the key capabilities of our solution is the ability to analyze regulatory text, extract the obligations from within it, and automatically determine which of those obligations apply to our customers’ business. Making sure that this process is complete and error free is absolutely critical for our customers. Missing an obligation is like messing up that left turn — it’s not an option. 

So for this process, we do not rely purely on machine learning models, which always have some error rate. Instead, we combine machine learning with domain expert review and internal tooling, allowing us to dramatically accelerate the rate at which we conduct this decomposition while maintaining extremely high quality. Think of it as having a human driver in that self-driving car to supervise left turns.

By taking this approach we have eliminated more than 80% of the effort it takes to do this step manually, while still achieving the same or better level of quality than a fully manual process. 

In another example that’s less critical than identifying obligations, we have a step at which we classify regulatory documents into different internally-defined categories to help our customers filter. Because we have many different ways for our customers to find the right documents, the accuracy requirement for this specific step is much lower, which means we can use a machine learning model exclusively and sample a small subset of predictions periodically to estimate our accuracy statistically. 

By applying this knowledge risk framework, we know that we’re spending our resources to eliminate uncertainty where it matters the most for our customers, while scaling the value we provide much more quickly than most customers can do themselves.

Probabilistic Predictions and Measured Uncertainty

We also use math and statistics as a way of managing quality in the face of uncertainty. Our solutions are powered by machine learning models — essentially, algorithms that are trained how to complete a task using large sets of data. We give our algorithms a task — for example, determine whether this line of text within this regulatory document is an obligation or is supporting text. Our algorithms reference the vast archives of regulatory text on which we’ve trained them to predict an answer to that prompt — what’s known as a prediction. 

Using probabilistic predictions, our machine learning models can give us a measurement of how “uncertain” they are about that prediction. Think of it like a Jeopardy! contestant labeling each answer with a score of how confident she is that she’s right. If the model consistently predicts a similar answer with a very high probability, we can interpret the model as being more certain that its prediction is correct for that data point. This gives us the opportunity to break up our predictions into different measurable confidence “tranches” with different accuracies at different levels of confidence. 

For example, if we decide as a business that our risk tolerance for a particular step is very low — that it’s a “left turn into oncoming traffic” kind of step and we need 99% accuracy —  we can choose a confidence threshold above which we consistently achieve 99% accuracy. Any predictions above that threshold can be fast-tracked efficiently, whereas any predictions below that threshold can go into a queue for further human review. 

Initially, this could require a fair amount of manual labor on our part. But the power of machine learning models is that they continue to learn. So as we accumulate more human-reviewed data, our models continue to improve and the size of our “high confidence tranche” increases, driving up our overall efficiency while maintaining our quality.

Correcting for Model Drift

Another source of uncertainty is one all predictive models must inevitably contend with: model drift.

Machine learning models use historical data to make predictions on new data. Sometimes the relationship between historical and new data is relatively static — for example, making a left turn now isn’t materially different than making a left turn five years ago. Other times it can be much more dynamic — like comparing sunscreen sales in August to those in December. As our regulatory scope continues to expand, a possible drift between patterns in historical data and patterns in new data is something we have to guard against.

To do this we rely on process, technology, and some clever sampling techniques. We have built and continue to invest in a modern machine learning infrastructure that makes it easy for our data scientists to monitor model performance, retrain models with new data, compare multiple models against each other, and quickly deploy the models that perform the best. We also maintain a stream of human labeling to compare against our model labeling, even for models that are performing well. This allows us to constantly collect quality metrics, identify error modes and drift, and generate additional training data. 

We’ve designed our internal tooling to take advantage of smart sampling techniques to apply our domain-expert labeling time to the most information-rich data points, so that if we label even a fraction of a percent of a dataset we can maximize the value of that ground truth information and propagate it across the broader dataset. All of these strategies increase our confidence that the models we have deployed are the best they can be with the resources we have; in other words, we are able to maximize the leverage of our data science and domain expert labor across the uncertainty-quality tradeoff.

Managing Enterprise Risk

Finally, as a business we also think about uncertainty from the perspective of enterprise risk and the internal control frameworks we have in place to manage that risk. Even as a growing startup, we have invested time and resources into building out a robust Model Risk Management framework, established on many of the same guiding principles that financial institutions follow when using quantitative models like credit risk models. 

We have well-documented processes for reducing risk during all stages of model development:

  • When we develop models, we follow documented policies around our development standards, testing procedures, and stakeholder review.
  • We validate our models by using independent teams within the company and human review of model outputs.
  • To help govern our modeling practice and overall data generation approach, we use a model inventory, follow a detailed change management process, and have clearly identified roles and responsibilities. 

These operational investments reduce the risk that we inadvertently let entropy creep into our production system and gives us comfort that our process is working correctly.

We live in an uncertain world

For a self-driving car to be a safe option, how safe does it need to be? 90% accident free? 95%? 100%?

Logically, the answer is it needs to be safer than the safest human driver. No self-driving car will ever be 100% accident free, but neither will human drivers.

The same holds for regulatory compliance. The size of regulatory data is too large, and the world changes too quickly, to ever know with 100% certainty every detail of every word across all regulators. Even if any business could afford to pay enough humans to read through every document multiple times, they wouldn’t be able to pay to rule out human-error. 

But by acknowledging that we live in an uncertain world and by using state-of-the-art technology, smart process and frameworks, and the power of machine learning, Ascent can help financial institutions navigate the world of regulatory compliance more quickly and efficiently — and with a lot more certainty.

READ MORE: Ascent’s RegulationAI™ – Why It’s Different

 

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

Subscribe


Jan 20
Love1

Open Banking: What It Is, Why It Matters, and How RegTech Can Help

By Blog, Featured

If open banking lives up to its promise, it could revolutionize modern banking and simultaneously usher in waves of new regulation and compliance changes.

Digital disruption is burning through almost every sector of our modern economy, creating exciting new opportunities while also unleashing chaos on long-established ways of doing business.

Banking is one of digital disruption’s latest beneficiaries, and one specific trend has been causing a lot of buzz: open banking. It’s a topic that, if it lives up to its promise, could revolutionize modern banking and simultaneously usher in waves of new regulation.

In this brief primer we’ll break down what open banking is, why it’s making so much noise, and how technology can help solve the compliance challenges technology has created.

What is Open Banking?

Broadly, open banking is a banking practice that gives users the ability to grant third-party financial service providers access to their financial data. 

The basics of open banking have been around for a few years now — the same principles can be found in budgeting tools like Mint or YNAB. But historically, apps like these have used a process known as “screen scraping” — where users give the budgeting app their bank username and password so the app can then “scrape” their financial information from the bank’s site. What is generating all the excitement around open banking now is the possibility to extract this information by instead using an API.

APIs (or, application programming interfaces) are a way for third-party providers to plug directly into an app or web service. So rather than giving Mint your bank username and password, you would instead grant it authorization to access your bank information, which Mint would then connect to directly through the API. 

So why is an API so much more powerful than screen scraping?

Because for one, you don’t have to share your username and password with third parties, whose cybersecurity protocol might not be robust as your bank’s. Also with an API, if the username or password is changed, the connection isn’t broken. And the process is significantly more efficient for the third party, who now has direct information to the data they want, rather than having to scrape it from another source, reformat it, and then ingest it.

But open banking’s most exciting opportunities extend far beyond budgeting apps.

What open banking really allows for is a more efficient and secure way to share financial data. 

When looked at from this perspective, the possibilities start to become industry-shaking opportunities. Here are just a few examples:

  • The labor-heavy process of getting a loan, currently requiring the lendee to pass off reams of financial statements and information to a lender, who then has to ingest those materials, could become significantly easier for all parties involved. An API would allow lenders to have more efficient access to up-to-the-minute information with much less work from the lendee, and would allow lendees to only share the information relevant to the lender.
  • Aggregation tools are already making money management a much simpler, more cohesive process. Existing solutions allow investors to get a truly holistic view of their investment portfolio, even if assets are custodied at different institutions. And emerging solutions are revolutionizing how investment advisors interact with custodians, how they analyze client data, and how they present to clients.
  • The complicated payment system that exists today is also starting to be streamlined. APIs are now connecting developers with payment systems, and it could soon become possible to make payments directly out of a bank account rather than needing an acquirer to process payments via a credit card company. This would limit the number of times user data needs to be shared and reduce costs for both vendors and customers.
  • Accounting solutions for both businesses and consumers are emerging that would make the process more efficient and less costly. Businesses will be able to benefit from bookkeeping applications that can plug directly into their payments feed and consumers could see a cheaper and easier tax-preparation process.

The great promise of open banking is that it liberates your data from being held solely at one financial institution in order to make it available to companies of your choosing. Ultimately, it will take some time before the benefits of this are truly understood and realized.

Regulating the Open Banking Revolution

As these benefits start to come to light, though, they will not be without risks. For example, direct access to user data, even if theoretically more secure than current practices, is an unsettling idea. And digital disruption within any industry can be chaotic, as rules and best practices become upended, outdated, and replaced. That’s why the open banking revolution is certain to be accompanied by new regulations designed to help protect consumers. 

The European market already offers a preview of those regulations — and the challenges that come with them.

The second Payment Services Directive (PSD2) was rolled out in Europe by the Competition and Markets Authority as a way to spur more innovation and competition in the banking sector. In recognition of the opportunities presented by open banking, PSD2 required enterprise banks to make their data available in a secure, standardized form, so that third-party providers (TPPs) could plug into and leverage that data through APIs.

Banks were given until March 2019 to provide TPPs with a simulated bank environment where they could test their APIs before they became fully operational in September of that same year. And yet over 40% of the European banks missed the deadline.

This is just one example of how, even in the early days of open banking, a significant number of large banks are struggling to meet the demands of the associated regulations. As the effects of open banking are more widely felt, and as wider-reaching regulation accompanies them, the workload on banks and financial firms is sure to only increase. 

New technology, though, can help solve the same problems that new technology has created.

RegTech: Open Banking’s Best Friend

Just as advances in technology are upending the banking industry, they’re also revolutionizing the world of regulatory compliance. RegTech (Regulatory Technology) companies are leveraging machine learning, natural language processing, blockchain, AI, and more to solve the problems of regulatory compliance.

RegTech solutions will be crucial both to new open banking companies looking to quickly get off the ground and to traditional, large banks implementing new solutions to stay competitive in a changing environment. AI-powered regulatory change management solutions can help automate the burdensome tasks of regulatory research and analysis, so banks and financial firms can stay up to date on all regulatory updates — related to open banking and otherwise. And obligations management tools can automatically deliver up a complete obligations register, reducing to mere minutes a task that can take thousands of hours. 

Ultimately, the wide variety of RegTech solutions currently available will allow banks and financial firms to stay ahead of the waves of regulation by quickly and efficiently building a RegTech stack specific to their needs.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

The digital disruption revolutionizing the financial services industry isn’t going to subside anytime soon. And banks and financial services firms can leverage RegTech solutions to help make this fast-paced change work for them.

LEARN MORE: Click here to learn about Ascent Solutions

 

Ready to see a live demo? Get in touch today!


Dec 16
Love1

Forecasting RegTech: 2019 Trends and 2020 Predictions

By Blog

(7 min read)

“RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.” -Brian Clark, CEO, Ascent

2020 is set to be a big year for the RegTech industry, and the start of an even bigger decade. We’ve seen a significant investment in the RegTech space over the last handful of years, galvanized by the technological advancements that now allow RegTech to solve real problems for Compliance and Risk teams, saving them money and time and reducing risk in the process.

Now on the doorstep of the new decade, we wanted to take a moment to look back briefly at some of the trends we saw in 2019 and peek into our crystal ball as we make a few predictions about the year ahead.

Trends We Saw in 2019

RegTech has crossed the chasm. Last year was the year that RegTech stopped being a thing that was going to happen and started being a thing that was happening. Companies moved past pilots and out of the innovation phase and began operationalizing benefits in a production environment. As Ascent Founder and CEO Brian Clark put it, “RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.”

The wheat started separating from the chaff. As part of that evolution out of the innovation phase, RegTech ventures either found and connected up with a market demand or they didn’t. And with those that didn’t, we started to see the first handful of failures. Ultimately, this will be good for financial institutions as it will make it easier to identify which companies are truly creating value.

Regulators went on the record about RegTech. This year we also started to see regulators asking firms what they’re doing to leverage RegTech. This is obviously an exciting theme for the RegTech industry, but it’s also exciting for financial institutions. As regulators embrace technology as a viable solution, it should help give Risk and Compliance teams a path forward through the growing and increasingly dangerous regulatory maze. Speaking of . . .

Pressures to comply only increased. Unsurprisingly (and unpleasantly), we only saw more enforcement actions with higher regulatory fines, creating more pressure on Risk and Compliance teams. The FCA kicked off 2019 by levying its largest personal fine ever and ended up filing 160 enforcement actions before the year was over. Not to be outdone, the SEC published a whopping 2,754 enforcement actions this year alone, including 95 against public companies — the highest number in a decade. Just as unsurprisingly: this isn’t a trend we expect to dissipate anytime soon.

The marketplace became even more global. And, because of this, regulations and privacy legislation became more global too. This means that companies operating in international markets have yet more rules and regulations they’re required to be in compliance with. We discuss more below as, like the others above, we don’t think this one is going away any time soon.

Trends We Expect to See in 2020 in the RegTech Industry

Operationalizing will be the name of the game. Moving out of the innovation phase, it will be key for RegTech ventures to lock down operationalizing and scale so that they can answer the very important question they keep hearing from financial institutions: “Can you prove to me this thing actually works?

We’ll likely see still more investment, but done thoughtfully. In the first 3 quarters of 2019 alone,  investment in the RegTech space grew by 103%. We expect we’ll continue to see more funding, but it will be of the middle-stage, thoughtful kind. Now that the ideas are out on the table, investors will be looking to find companies that are demonstrating product fit by acquiring more customers. This will be a tell-tale sign for financial institutions, too, as they evaluate potential solutions.

Look out for a burgeoning ecosystem. As RegTech separates further from FinTech and truly becomes its own industry, we expect to see additional technologies and ventures popping up to create a supportive ecosystem. Financial institutions should keep an eye out for things like consultancies, which can help them evaluate and implement RegTech solutions, and complementary tech like open APIs, which would allow them to plug new solutions into existing systems.

READ ARTICLE: Building RegulationAI: Solving Compliance in the Age of Artificial Intelligence

 

. . . in Financial Services

Brace for the crunch. Increasing cost pressures on both the buy and sell side, shrinking margins, the rise of formidable FinTech and challenger banks — all of these factors are likely to continue, further driving the consolidation trend we’ve seen recently and helping firms realize that, for some of these obstacles, technology offers the only viable route forward.

Increased globalization means increased risk. We expect this trend from 2019 to only get more prevalent and more dangerous. Think of it as a simple risk array: Firms are operating in more marketplaces doing more things with increasingly larger penalties and they’re doing it with the same amount of staff. They can scale up personnel until payroll begins to buckle, or they can turn to technology.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

. . . from Regulators

Big topics will get a lot of attention. Privacy, cybersecurity, and cryptocurrency are all major themes we expect to see regulators continue to focus on in 2020. Additionally, other headline-makers like Brexit will likely cause a lot of activity. And the looming recession(s), if actualized, would kick off more action by central banks, more uncertainty, and a lot more work for regulatory compliance.

No appetite for keeping quiet. The above themes and others seem to be in the news on a near daily basis, giving regulators not just an incentive but a public mandate to become increasingly effective. This comes with the need to be stronger in enforcement actions, one contributor to some of those major fines we’ve seen recently.

Jurisdictional arbitrage is no more. The days when you could choose your jurisdiction according to a region’s regulatory policies are largely over. The globalization of the marketplace means that more financial institutions (including many SMEs) are operating in multiple countries, and so they’re forced to abide by all of the regulatory bodies governing those countries. Compliance and Risk teams are then given the mammoth task of somehow knowing all those rules, keeping up to date on them, and following them — which, for simplicity’s sake, often means universally abiding by the strictest. 

Expect collaboration — but not cohesion — among regulators. While we have seen regulators working together to find and implement technology solutions, don’t expect to see cohesion across their requirements. Even as the marketplace becomes increasingly global, each regulator will have to abide by its own government mandate. After all, they don’t serve the financial institutions they audit but the consumers of their respective jurisdictions. Ultimately, there’s only one way to reconcile the differences between regulatory requirements — via technology.

READ ARTICLE: The Ultimate List of Compliance Conferences and Events

 

What Ascent is Excited about in 2020

Just as 2020 is shaping up to be a big year for RegTech as an industry, it’s looking to be another banner year for Ascent. Here are just a few of the opportunities that have us excited to tackle the new year:

  • We were thrilled to be selected by the Global Financial Innovation Network (GFIN) to pursue a cross-border pilot earlier this year. We believe the opportunity to collaborate directly with regulators could create value for the entire market, helping firms to operate more efficiently and to reduce costs while consumers are better protected. We’re excited to see what the future holds for this initiative.
  • Speaking of excited, we recently raise $19.3 million in our Series B funding round. This investment will empower us to scale and further operationalize our business, and it will be nothing short of fundamental in advancing our mission to reduce the cost of compliance and protect the rule of law. We can’t wait to put the funding to work in the year ahead.

LEARN MORE: Click here to learn about Ascent Solutions