Feb 25

9 Common RegTech Questions, Answered

By Ascent Team Blog

As a young industry, RegTech often gives rise to a host of questions — everything from “what is it?” to “how does it work?” to “how will it affect me?” We’ve collected a handful of the more common ones and answered them below.

Have a question that’s not on our list? Drop us a line at marketing@ascentregtech.com and we will be happy to help answer it!

What does RegTech mean?

RegTech (Regulatory Technology) is the application of emerging technology to improve the way businesses manage regulatory compliance.

RegTech companies can be established GRC (Governance, Risk, and Compliance) platforms, startup companies, and everything in between. They are united by their use of new, groundbreaking technology in the service of solving the problems of regulatory compliance.

As an industry, RegTech has emerged over the last few years to address the rising tide of regulation and its growing complexity. To learn more about the history and future of RegTech, check out our comprehensive guide, “What is RegTech?”

READ MORE: What is RegTech?

What are the benefits of RegTech?

For financial services, the benefits of RegTech are substantial:

Efficiency gains — As regulation continues to grow, it becomes nearly impossible for compliance personnel to keep up without the aid of technology. Technology, capable of processing a high volume of data at incredible speeds, can quickly parse and analyze raw legal text and extract valuable insights.
Greater accuracy and comprehensiveness — Manual, siloed processes tend to create gaps in the compliance operation, leading to human error and increased exposure. Implementing the right technology (and integrating those technologies thoughtfully where necessary) shores up gaps and creates a streamlined compliance process.
Greater internal alignment — Technology tools enable greater transparency throughout the business, connecting once siloed people and processes. The result is better insights between business units that can be shared faster, which also leads to a stronger culture of compliance.
Improved risk management — Many RegTech tools help protect against various types of risk, including market abuse, cyber attacks, and fraud, by monitoring systems and alerting personnel to suspicious activity.

What is end-to-end compliance and how does RegTech fit in?

End-to-end (E2E) compliance is a fully traceable process that connects external regulatory events to a business’ specific obligations, then all the way through to that business’ internal controls, policies, and procedures. In an ideal world, E2E compliance leverages automation and other technologies to create a complete functional system of compliance. To achieve E2E compliance, different RegTech solutions can be used together (often referred to as a ‘compliance technology stack’) to create a seamless process that automates rote work, connects once-disjointed processes, and supports a robust compliance framework.

With a properly implemented E2E system, businesses could 1) be alerted to relevant new rules or changes to existing rules, 2) be directed to the exact parts of their internal controls or P&Ps that are impacted so team members can make the appropriate changes, 3) manage their obligations digitally including assigning work and tracking progress against deadlines, 4) easily produce records of their compliance activities, and 5) generate useful reporting dashboards.

Again, due to the complexity and nuance of regulatory compliance, one-size-fits-all solution. Rather, compliance leaders should take a modular approach to building a technology stack that meets the firm’s unique circumstances and objectives.

What kind of tech stack should I consider for my compliance framework?

Compliance and Risk professionals are responsible for not only determining what their firms’ regulatory framework is, but also how to maintain it once it’s set. Thankfully, there are a number of solutions within the RegTech universe that support this effort and can be combined into a comprehensive, end-to-end tech stack. The key is to know which ones to bring into your tech stack in the first place, so here are a few types of solutions to consider:.

Regulatory content tools are situated at the beginning of the compliance process. They typically take the form of a content library, feed, or resource center. Content tools consolidate documents published by regulators into one platform (including the laws, enforcement actions, guidance, rule updates, and more), making research and horizon scanning more efficient. Leaders in this space include Thomson Reuters Regulatory Intelligence, LexisNexis and Reg-Room.

Regulatory knowledge automation is technology that bridges the gap between the raw data of regulatory content and actionable insight. Market leader Ascent, for example, generates the regulatory obligations that pertain to your specific firm based on key factors like what type of financial entity you are, what services/products you offer, and where you operate. Ascent then automatically updates your obligations as rules change. This targeted regulatory knowledge allows compliance personnel to know exactly what the firm must comply with at all times, without the manual effort.

GRC (governance, risk and compliance) platforms help operationalize compliance and often house all of a firm’s regulatory information, including obligations, controls, policies and procedures. Workflow capabilities allow users to track and manage their compliance efforts. Leaders in the space include LogicGate, MetricStream, IBM OpenPages, and RSA Archer to name a few.

Point solutions cover a wide swath of RegTechs, helping firms execute compliance in a compliant way or assess compliance with an obligation or control. These could include (but are not limited to) trade monitoring, portfolio risk, know-your-customer, anti-money laundering, operations risk management, and cybersecurity tools. Point solutions are more limited in scope than regulatory knowledge automation or GRC solutions, but when they meet the right need they can provide substantial value.

What technologies do RegTech solutions use?

RegTech providers leverage a wide variety of emerging technologies. Here are a few of the most common:

Machine learning (ML) is the application of algorithms that improve automatically through experience. Rather than being specifically programmed to complete a task, ML models are fed large amounts of data, which they use to learn and improve on their own. In regulatory compliance, ML models can process large amounts of regulatory data and gradually draw conclusions about that data, becoming more and more accurate over time.
Natural language processing (NLP) is the field of using computers to process and analyze human language. In compliance, NLP can parse the unstructured raw text of regulation and reorganize it or otherwise transform it so that people can retrieve meaningful insights.
Blockchain is a digital record of transactions, most often associated with cryptocurrencies. Blockchain has many other purposes however, such as enabling the secure sharing of know-your-customer data within or between organizations for compliance purposes.
Robotic process automation (RPA) allows users to configure metaphorical “robots” or “digital workers” to replicate the actions of a human in a digital environment in order to complete a business process. RPA tools can automate laborious manual processes, like the production of hundreds of disclosures that asset management firms are required to generate throughout the year.

What’s the difference between RegTech, FinTech, and SupTech?

RegTech leverages emerging technology to create tools focused on solving the challenges of regulatory compliance. While the majority of existing RegTech solutions are currently focused on the world of financial regulation, RegTech could also be leveraged for other regulated industries — for example, healthcare.

FinTech, short for financial technology, is the application of technology to solve problems or create new value in financial services. Examples include crowdsourcing platforms, mobile payments, cryptocurrency, robo-advisors, budgeting apps, or the use of open banking APIs. Recently, digital banks that operate purely online with no physical locations are also being referred to as FinTechs.

SupTech, short for supervisory technology, is the application of emerging technology to improve how regulators conduct supervision. Just as RegTech leverages technology for regulated companies, SupTech leverages technology for the regulators.

Can RegTech help me with specific regulation like GDPR?

The rise of data privacy legislation like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) have added necessary protections for consumers but have increased financial institutions’ already significant regulatory burden in the process. Depending on what you are trying to achieve with specific regulation like GDPR, RegTech offers various solutions.

There are many point solutions that help firms execute GDPR-compliant behavior. For example, UserCentrics helps firms obtain customer data in a transparent way. Syrenis provides one central platform to manage personal data, legal basis for obtaining that data, consent, and marketing practices. GDPR365 is a compliance assessor that offers guidance on what security weaknesses need to be fixed.

To understand what your organization’s obligations are under GDPR (or any other regulation), look to regulatory knowledge tools like Ascent. Ascent’s AI-driven technology pinpoints the GDPR obligations that your firm must comply with, then updates them automatically if the rules change.

How can I use RegTech to help my firm ease compliance burdens?

There are many use cases for RegTech, but here are some of the most common:

Horizon Scanning — monitoring regulatory developments including rule updates, guidance, and any other communications from regulators to better understand potential threats and opportunities.
Identifying Obligations and Changes — conducting regulatory analysis (also referred to as regulatory mapping) to understand which obligations or requirements your business must comply with. These obligations must then be routinely updated as rules change.
Compliance Management — managing your daily compliance activities and aligning them with the broader framework of regulatory strategy and process.

Finding a solution for these use cases can be challenging since the RegTech space is vast and each solution facilitates a different part of the compliance process. Breaking the RegTech landscape into these four categories makes it easier: 1) Regulatory content tools, 2) Regulatory knowledge automation, 3) GRC platforms, and 4) Point solutions.

For the examples above, the solutions for each use case vary:

Solution for Horizon Scanning: A regulatory content provider such as Thomson Reuters Regulatory Intelligence helps save time with horizon scanning and research.
Solution for Regulatory Obligations: A regulatory knowledge provider such as Ascent identifies your obligations and keeps them updated as rules change. This targeted regulatory knowledge can also be used to understand downstream impact. For example, a rule change identified by Ascent can be used to trigger alerts or workflows related to that rule in your GRC or other compliance management platform.
Solution for Compliance Management: A GRC or other compliance management system such as LogicGate or IBM OpenPages allows you to house and project manage your compliance activities, including assigning tasks, tracking progress against deadlines, and managing any internal documentation such as your controls, policies and procedures. Ascent’s granular obligations can be seamlessly fed into these systems so your regulatory data and activities are monitored, tracked, and managed all in one place.

If you are looking to accomplish all of these use cases, it is likely that your compliance operation requires multiple solutions, combined to create a full-scale compliance technology stack.

What questions should I ask a RegTech vendor that leverages “AI”?

What kinds of AI technologies do you use, and why?

First, brush up on machine learning and natural language processing basics so you can follow the vendor’s response. You do not need to be an AI expert; a good vendor will be able to explain their process in a way that any business leader can understand. What’s important is that you get a clear picture of how the specific technologies and approaches used create business value for you. Is the vendor using “AI” as a flashy marketing term, or is it actually integral to the solution?

Where are you getting the data that is training your algorithms?

Good AI tools require significant amounts of quality data – as they say, ‘bad in equals bad out.’ The vendor should be able to explain how they are ingesting regulatory text (did they build an ingestion or scraping tool, or are they white-labeing another product?), from where (the best case scenario is that the vendor is pulling straight from official regulatory websites), and at what frequency (this should be reasonably frequent so you know you have the most up-to-date information at any given time). The vendor should also be able to explain the quality-assurance process that ensures all intended data points are properly captured.

Are there humans involved in the training of your algorithms, and to what degree?

In many industries, the notion of humans-in-the-loop (meaning the technology is not 100% machine-driven; humans are still involved in some part of the process) is considered a negative sign because it means “that the tool isn’t really AI.” The compliance industry, however, is unusual in that a humans-in-the-loop process is considered a positive. Why? Because the world of regulatory compliance is so nuanced and complex, that AI solutions are far better when trained and QA-ed by human experts in regulation and law. This does not mean that all AI-driven RegTechs require humans-in-the-loop to be great tools, but the vendor should be able to explain why they do or do not involve people in the process.

Who is held liable if your solution fails?

This question is as important for you as it is for the vendor. Because this issue exists in a legal gray area, you must carefully weigh the risk of implementing any new solution (AI or not). A good AI vendor will understand why this is a concern, and should show evidence of a strong model risk management framework, rigorous internal controls, and most importantly be completely transparent about what the solution can and cannot do. If it sounds too good to be true, it probably is.

*Ascent offers a performance guarantee for its AI solution that is backed by an insurance cover from Munich Re Group. Read the case study to learn more.

—

We recommend checking out these articles to continue learning about RegTech and how it can be applied throughout the compliance process:

Want to receive more articles like these? Subscribe to receive helpful content designed to help you win at compliance.

Dec 03

Love0

A former regulator’s take on AI, Big Tech, and RCM

By Ascent Team Blog

Rick Bonhof. Managing Consultant, Synechron We recently sat down with Rick Bonhof, a managing consultant who leads the Amsterdam regulatory change and compliance practice within the business consulting arm of Synechron—a leading digital transformation consulting firm that accelerates digital initiatives for banks, asset managers, and insurance companies around the world.

In his role, Bonhof oversees a team of experts who help clients build the regulatory framework that enables compliance. As an advisor for the digital-first firm, Bonhof is hyperfocused on making compliance more efficient through the use of technology, leveraging emerging tech such as machine learning and existing systems such as GRCs.

Prior to Synechron, Bonhof served as a supervision officer for Dutch regulator Autoriteit Financiële Markten (AFM) at the height of the 2008 financial crisis. After spending seven years crafting and executing supervisory strategy for AFM, he decided to redirect his work from supervising firms to actually helping them become compliant with regulation. And so, after witnessing how Synechron helped a number of financial institutions get back on track with EMIR (the EU equivalent of Dodd Frank in the US), Bonhof transitioned to the firm.

During our sit-down, Bonhof shared his blended supervisory-consultative perspective on a variety of topics—from the role of regulatory change management during the COVID-19 pandemic to how Big Tech will shape the future of financial services.

Editor’s note: This interview has been lightly edited for clarity.

—

Setting the Record Straight on Regulators

Touching on his experience as a former regulator, Bonhof kicked off our conversation by sharing what he wished compliance professionals knew about regulators, and what he wished he had known as a regulator.

When I made the switch from regulator to consultant, I realized that a lot of financial firms are afraid of regulators. But the reality is that regulators are people too and most are not out to fine you. What I think compliance professionals sometimes forget is that if you’re able to explain to regulators why you made certain decisions and how you implemented certain requirements, they’ll listen to you.

“A lot of financial firms are afraid of regulators. But the reality is that regulators are people too and most are not out to fine you.”

My advice to compliance professionals is to document their interpretation of the rule and why they applied the rule in a certain way according to their interpretation, so they have all of the information they need when it comes time to talk to regulators.

On the flip side, what I wish I had known as a regulator was, no matter how simple a request for information may seem on paper, it doesn’t actually mean that there’s a clearcut way to gather requested information or to implement a new rule. Many financial institutions do not start out as multinational global-spending institutions—they grow through mergers, acquisitions, and restructuring.

So there’s a whole collection of teams that suddenly need to contribute to this “one simple request,” making it not so simple after all.

Managing Regulatory Change in the Time of COVID

Bonhof has long emphasized the importance of having a well-documented regulatory change management (RCM) strategy, especially when it comes to major events such as financial crises, election years and of course — the COVID-19 pandemic.

When it comes to regulatory change management, my mantra has been “take control, be in control, and demonstrate control.”

“Take control” is about understanding what your obligations are, understanding the impact of them, and then implementing and enforcing a compliant process.

“Be in control” is about understanding where your firm is in terms of compliance with the requirements, and revisiting both its requirements and compliance processes frequently. You should not only be control testing your processes to understand whether your firm is compliant with existing rules, but also monitoring whether there’s a change coming that could impact compliance with those rules. And, if there is a change on the horizon, then you need to go back to “take control” and proactively act on it.

Lastly, “demonstrate control” is about being able to take the evidence that you have and explain both internally and externally to what extent you comply with those measures.

How to Avoid Dropping the Ball on RCM

In Bonhof’s view, the biggest mistake that firms can make when implementing RCM best practices, is to treat them as a one-time solution.

Most regulatory change management processes are driven by a regulatory change implementation date. Let’s say that a firm has to comply with X, Y, and Z by January 1, 2021. What I’ve found (and even been guilty of myself) is that many firms focus solely on making that milestone without the end result in mind. So once the firm does reach it, everyone sort of drops the ball and says, “We’re done, we made it.” But that’s the wrong approach because 2021 does not mark the end of implementing that change, it actually marks the start of it.

What I’ve found (and even been guilty of myself) is that many firms focus solely on making [a] milestone without the end result in mind.

Firms are expected to be compliant with that new rule, and need to have a roadmap that accounts for what comes after that date. Firms often put makeshift technical solutions in place to meet the deadline, but then what happens is the technical solution silently becomes the structural solution. The result is that there’s no roadmap beyond that point to account for new data that needs to be tracked or changed, resulting in an issue of data quality and therefore explainability.

COVID Response: Swings of the Regulatory Pendulum

To Bonhof, regulatory change management has never been more important as the pandemic response continues to fold. While he and his team have seen the easing of certain regulatory requirements, they have also seen the mounting impact of others.

On the one hand, the regulatory response to the pandemic has been to suspend certain requirements in order to alleviate the burden of regulation. However, at the same time, we’ve also seen an increase in requests for financial firms to implement certain risk measures from regulators such as the European Securities and Markets Authority.

For example, we had an “intelligent lockdown” in the Netherlands that prohibited us from going to the shops or the cinema. As a result, this (like other lockdowns across the globe) had a large impact on service providers, as many businesses had outstanding loans with financial institutions and were suddenly not able to make good on those loans. This has led to a tipping of scales with regulators adding more capital reporting requirements, while continuing to suspend or delay implementation of other regulatory requirements. For example, ESMA deferred the final two phases of its bilateral margin requirements to provide additional operational capacity for counterparties to respond to the immediate impact of COVID-19.

On the Importance of Innovation in IRM

While regulators have been more forgiving during the pandemic, they have also become increasingly more aware of all of the possible gap—bringing the topic of Integrated Risk Management (IRM) to the fore. Here’s Bonhof’s take on IRM.

Integrated Risk Management allows you to identify what risks exist within your firm, define a response to those risks, and then determine whether your firm is within that risk appetite. Ultimately, IRM combines all of those processes and rolls them up into a multi-level process chart where you can prioritize risks and pinpoint which ones are of the highest risk to your firm.

IRM is such a hot concept right now because regulators are putting more emphasis on it.

As part of Synechron’s FinLabs RegTech accelerator suite, I’ve actually had the opportunity to work on automating parts of IRM. Knowing how effective your controls are is a key part of integrated risk management, so we built an intelligent control testing environment that maps a firm’s individual control statements into a decision tree that automatically runs against a data set to help firms quickly pinpoint whether a control is effective or not. This advancement frees up compliance teams’ valuable resources so they can focus on remediating any deficiencies.

These types of innovation are becoming more important as Integrated Risk Management continues to gain more traction. IRM is such a hot concept right now because regulators are putting more emphasis on it. For example, ESMA recently published a consultation paper that assessed the suitability of the management at financial institutions, which concluded that the highest levels of management (including at the board level) need to understand their firms’ requirements, how they are complying with them, and what the state of the firm’s risk management looks like.

Clash of the Titans: Big Banking vs. Big Tech

As an innovator in his own right, Bonhof is naturally drawn to industry disruptors. In particular, he has been following the rise of digital banks and believes that it’s only a matter of time until Big Tech enters into the banking industry as well.

The rise in digital banks has served as a catalyst for digital transformation in the industry at large. In order to stay competitive with digital banks, traditional banks have worked to provide digital services to their customers. For customers, having a digital bank account becomes more of a commodity because it opens up a whole ecosystem of additional services around it.

For digital banks, their competitive advantage is that they’re not burdened by a chain linked system of legacy tools or processes, so they can get it right immediately. Digital banks can be more nimble when it comes to things like digital client onboarding processes and company reporting. On the other hand, it’s difficult for digital banks to achieve the same scale as larger banks. Plus, they’re bound to face the same kind of regulatory requirements as incumbent banks and will need to comply with them, lessening some of their initial competitive edge.

When Big Tech enters the market, it will drive a significant change that some incumbent banks will likely not be able to transition through and will lose traction within the market.

What I’m really curious about is when Big Tech will officially enter into the banking space. Today, we have Apple Pay and Google Pay, but I think that it’s just a matter of time before they’re adding banking services to their offering. At that point the market will change. Digital banks just mark the beginning of the banking industry’s digital transformation. When Big Tech enters the market, it will drive a significant change that some incumbent banks will likely not be able to transition through and will lose traction within the market.

Financial Firms and Regulators to Step Up Their AI Game

With the high likelihood of Big Tech companies entering the market in addition to other innovations in financial services, Bonhof is encouraging the industry to direct its focus toward emerging technologies such as Artificial Intelligence (AI) now, before it’s too late.

I think regulators really need to step up their digital game. They need to understand the tech component that goes into digital banking. AFM just compiled an insightful trend report where they spoke around their fears about Big Tech entering into the financial market. Today, Big Tech is predominantly supervised by privacy watchdogs. But, if Big Tech entered the financial market tomorrow, financial market regulators would not always be allowed to share information with those supervisory agencies, so that would make supervision really difficult.

Regulators are just now issuing responses around the use of AI, which center around the concepts of explainability and trustworthiness. Together, they are two sides of the same coin because they help explain the decisions that come out of algorithms and apply fair principles that limit their biases. However, I still think that we have a ways to go and that regulation around the use of AI will only continue to increase in the future as the digital market matures.

The Role of AI in Regulatory Compliance

According to Bonhof, the role of AI is not just limited to the mechanics of digital banking. It applies to regulatory compliance too.

We recognize that regulators are starting to provide guidelines around AI, so we are changing the way that we advise our clients about AI. AI was once the new and exciting thing to talk about. Now it’s the means to an end. We’re looking at where AI models can help firms improve explainability in their compliance processes.

AI was once the new and exciting thing to talk about. Now it’s the means to an end.

Using robotics (or AI) helps automate certain regulatory compliance processes such as horizon scanning, and makes the outcomes of those processes more predictable and reliable. AI allows teams to focus less time doing the monotonous work of running these processes and more time on investigating outliers. Instead, the “robot” leads the processes and identifies areas where there are inconsistencies that require the review of compliance experts.

On Implementing RegTech: Final Advice

So, what’s Bonhof’s advice to firms that are looking to implement new technologies in their compliance programs? “Be really clear about what you want to achieve in your compliance program and therefore what you want the technology to achieve.”

First, you need to understand where you are and where you want to go. For instance, if your firm was just fined by a regulator, then you’ll likely need to find a solution that can help you become more compliant. On the other hand, if your organization is in a good place but needs to become more efficient, then it’s likely you’ll need a different tech stack than the firm that was recently fined. When you understand what you want to achieve by adding technology, then you can better pinpoint the right type of technology solution for your compliance program.

If you’d like to learn more about Synechron, visit their website. To learn more about Rick Bonhof, connect with him on LinkedIn.

If you’d like to contact an Ascent team member, you can do so here. Stay tuned for our next interview from the lines of defense. All interviews will be featured in our monthly Cliff Notes newsletter, which you can subscribe to below.

Subscribe to Cliff Notes

Jul 01

Love1

RegulationAI™: World-Class Technology Built for Compliance

By Ascent Team Blog

When it comes to automating any aspect of compliance, how the technology itself is built has serious implications for your business. Here we explain the building blocks of Ascent’s RegulationAI™, what makes it unique in the industry, and how our approach ensures that you truly have what you need to eliminate regulatory gaps, avoid fines and ultimately be more competitive.

Not all automation is created equal

Ascent invented a new kind of technology called Regulatory Knowledge Automation in order to tackle one of the most intractable challenges in compliance: mining mountains of regulatory information to get to the insights that matter — in other words, the actual actions our customers need to take (or refrain from taking) in order to stay compliant with the law.

How the technology works is just as crucial as the output of that technology. As all those who work in compliance know, it is not only the destination that matters, but how you got there.

Thanks to rapid advances in technology in recent years, compliance personnel now have a range of digital tools to help streamline this process. However, not all tools are created equal – especially when it is your firm’s reputation and financial wellbeing on the line. Other solutions may be partially automated, but depending on how they are built may actually create more work for the end user and increased risk for the business.

So while automation can seem helpful on the surface, it is crucial to understand the basis for the algorithms and the differences between solutions so you can make the right choice for your business.

Ascent’s RegulationAI™ breaks down regulatory text line-by-line in order to pinpoint the obligations relevant to you. Conversely, other solutions rely on algorithms that act much like a search engine. Their software skims through regulatory documents in search of key phrases or specified search terms that might be related to a company’s business requirements. The result is guesswork, but scaled up – thousands of potential obligations that may or may not be relevant to you, which your team must still manually review. Manual reconciliation is required with every change in regulation, adding liability instead of reducing it.

When it comes to using automation to analyze regulatory text — a job that once could only be done by humans — how the technology works is just as crucial as the output of that technology. As all those who work in compliance know, it is not only the destination that matters, but how you got there.

Granularity: a crucial new concept in regulatory technology

Click here to read more about how Ascent delivers granular obligations.

The magic is in our method

To understand why Ascent’s RegulationAI™ outperforms other solutions, it is important to first understand how it works.

Ascent’s team of engineers, data scientists, and compliance officers have spent years building, training, and optimizing the algorithms that power our platform, which are built using machine learning and natural language processing technologies. Only about 35 percent of any body of regulatory text contains an actual obligation (the rest consists of definitions, clarifications, and other ancillary information) and an even smaller percentage of those obligations apply to any particular business. Our algorithms are trained to spot the difference, and immediately get to work parsing out the text into obligations and non-obligations.

The output of this process is then verified by our in-house compliance experts as part of our humans-in-the-loop process. Their insights then get fed back into the system, making the algorithms that much smarter and more accurate as time goes on.

The output of this process is then verified by our in-house compliance experts as part of our humans-in-the-loop process. Their insights then get fed back into the system, making the algorithms that much smarter and more accurate as time goes on.

Targeting obligations to you

Once the regulatory text has been decomposed and quality-assured, our RegulationAI™ has nearly everything it needs to do its magic. The last step is input from you, our customer.

In order for our RegulationAI™ to deliver the obligations that apply specifically to you, it needs to know some key information about your business; for example, what types of products or services you offer and in which regions you operate. This step takes the form of an online questionnaire. Once this questionnaire is complete, our RegulationAI™ rapidly maps regulation to your business profile, providing you with a clean, complete, and streamlined register of obligations in minutes.

The true value of granular obligations

Because of how our RegulationAI™ breaks down regulatory text, we are able to offer obligations at a granular level. This means that every obligation delivered to you is the individual requirement imposed on your business, not an entire rule or large block of regulatory text that you must further analyze. Furthermore, every obligation automatically updates as rules change and is linked to the specific rule it came from, so you have full traceability into how your obligations were derived.

How Ascent’s RegulationAI™ works is the key difference that sets our technology apart. It is the reason we can provide obligations that are precise, down to the line level of regulation. It is the reason we can map obligations to your specific business with unmatched accuracy. It is the reason why we can analyze the regulatory landscape and identify the rule changes that are relevant to you, and then connect them to your existing obligations so you are never dealing with outdated information.

Do great business while minimizing risk

With the power of RegulationAI™ at its core, Ascent provides regulatory knowledge that is tailored to your company so you can effectively reduce risk and avoid regulatory infractions that could set your business back. Unlike legacy technology implementations or traditional service engagements that might take many months and thousands of dollars, Ascent has $0 implementation fees and can be set up in days.

Great technology enables and enhances your team. With Ascent, you can shift your focus to developing a proactive, scaleable compliance strategy that makes your business more competitive — without the constant worry of accidentally missing an important update or keeping records that will stand up to regulator scrutiny.

Enjoy this article? Subscribe to receive fresh ideas on how to leverage automation for stronger, more efficient, and more cost-effective compliance.

Apr 22

Love2

Creating Regulatory Knowledge

By Ascent Team Blog

Every day in the world of regulatory compliance, humans create knowledge out of data.

Risk and Compliance teams scan the regulatory horizon, gathering information relevant to their industry. Compliance analysts then assess those regulatory documents to extract the laws, rules and regulations within them, and then analyze those requirements to determine which might apply to their business. This manual process takes the raw data of regulatory rulebooks and other documents and, through hundreds of hours of hard work, turns it into knowledge.

Only then, finally armed with this knowledge, are teams able to begin the real, vital work of compliance — reconciling their obligations with their policies and procedures, creating controls, and implementing compliance throughout the business. This knowledge creation process is a necessary but tedious and burdensome part of regulatory change management.

And, in our current regulatory climate, it is increasingly impractical.

The Global Financial Crisis of 2007-2008 remade the financial services landscape and, in the process, ushered in a new era of regulatory oversight — one that moves at a superhuman pace. Rule changes have increased 500 percent in the last decade. In fact, a new regulatory update gets implemented every 7 minutes.

Historically, increasing personnel was the primary lever teams pulled in order to keep up with this breakneck regulatory pace. But the current global health crisis and its bear market budget constraints has made that option no longer feasible.

Instead, teams have to turn to the only remaining path forward: emerging technologies.

Regulatory knowledge automation is the process of using machines to complete the knowledge creation process. By leveraging next-generation technologies like machine learning and natural language processing, the knowledge creation work can be completed in mere minutes, at a fraction of the cost, and free from human-error.

And most importantly, regulatory knowledge automation can liberate Risk and Compliance teams from the burdensome aspects of regulatory change management so that they can instead focus on the more critically human responsibilities of their roles.

READ ARTICLE: What is RegTech and Why Does it Matter?

Automating Regulatory Change Management

Regulatory change management is composed of three stages, all of which can be simplified by emerging technology.

Stage 1: Monitor

In order to keep their finger on the pulse of the regulatory environment, track emerging trends, and identify new obligations and regulatory updates, Risk and Compliance teams have had to closely monitor the vast and fast-paced regulatory landscape.

Historically, this has meant that Compliance analysts had to become experts at finding any industry-related regulatory information and teasing out its applicability to their business. This process — often referred to as horizon scanning or regulatory monitoring — can be an extremely burdensome one, especially considering the high cost for a mistake. Like the proverbial needle in the haystack, any obligation missed among the thousands of lines of regulatory information could have severe consequences come audit time.

But, at root, this process is one of aggregation — something artificial intelligence has long since proved its expertise at. Regulatory intelligence tools now exist that can deliver up a comprehensive view of the regulatory landscape in an instant — taking human-error out of the equation and freeing up an analyst’s time.

Stage 2: Identify

Once the information has been aggregated in the horizon scanning stage, teams then have to sift through the vast troves of documentation to extract the laws, rules, and regulations within them — a complicated undertaking given the dense language and complex structure of these documents, and one that has to be repeated every time a new update is released.

This process had, historically, been the line in the sand for how automation could help with regulatory change management. A machine could aggregate the documents for review, but a human was always needed to extract the knowledge out of all that regulatory data.

By leveraging natural language processing (NLP) and machine learning (ML) technologies, though, we at Ascent have been able to change this. It is now possible to fully automate the knowledge creation process of regulatory change management.

To understand how, we need to understand how the technologies involved function.

NLP is the combination of computer science and linguistics that allows computers to understand human language. In essence, NLP takes the dense texts of regulatory documents and “translates” them into machine-readable language. ML is the capability to “train” systems how to complete a task. Once NLP has translated regulatory text into something that can be read by a machine, trained ML systems can extract the rules and requirements from that dense text.

These technologies make it possible to automate the “identify” stage of regulatory change management, reducing a 100+ hour workload into mere minutes.

They also revolutionize the third and final stage of regulatory knowledge creation: Analysis.

Stage 3: Analyze

Once the regulatory documents have been gathered and the laws, rules, and regulations extracted, teams must then analyze this inventory of obligations to determine which apply to their business.

This is one of the most complex parts of regulatory change management and — just as with the “identify” stage — it had previously been impossible to automate. But the same technology we used to revolutionize the extraction of laws, rules, and regulations from documents can be used to analyze those obligations.

Ascent’s RegulationAI™ is a true innovation in regulatory technologies. It uses neural networks — the same technology that powers image recognition software and self-driving cars — to automatically assess which rules apply to your business. RegulationAI™ has been trained not only to identify laws, rules, and regulations from within regulatory documents, but to also take those obligations, assess how they correspond to various businesses based on their business practices and regulatory burden, and then determine which obligations apply.

RegulationAI creates knowledge out of regulatory data

RegulationAI™ is able to deliver up a complete list of obligations that are specific to your business in mere minutes, at a fraction of the cost, and free from human-error.

This liberates Compliance and Risk teams to perform other, more critical work, but — because the technology digitizes the regulatory documents in the process — it also makes it possible to improve processes that come after knowledge creation.

With regulatory documents now in a machine-readable form, it is possible to turn those documents into searchable databases, to track changes and rule updates, and even to ingest the data from those documents into a workflow management tool or GRC so that teams can interact with them — marking them for review, sharing them with other team members, and more.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

Start unlocking the power of automation today.

Ascent’s regulatory knowledge platform offers AI-powered solutions for each stage of the regulatory knowledge creation process.

Regulatory Monitoring: Our regulatory monitoring solution allows you to view, search, and organize regulatory content from around the world, all in one place.

Dynamic Rules: With Dynamic Rules, you can examine rules relevant to you and instantly and easily identify changes.

Obligations: Our obligations management tool automatically generates your obligations for you, helping you build a sustainable, bulletproof compliance program that scales.

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

Modern challenges require modern tools. Interested in seeing how Ascent can help you identify your obligations and automatically keep them updated as rules change?

Contact Us

Mar 10

Love2

Creating Confidence in an Uncertain World

By Spencer Allee Blog

The Compliance Conundrum

We live in an uncertain world. This is something Compliance and Risk teams know all too well.

We often hear from our customers about the anxiety and chaos that uncertainty causes in the world of regulatory compliance — uncertainty in how rules are changing, uncertainty in what rules are important and likely to be enforced, uncertainty in whether they are tracking all the right obligations, uncertainty in whether their business is properly complying with rules.

Unfortunately, reducing that uncertainty traditionally costs a lot of money. The only lever most companies have to pull is to hire more people — compliance officers, lawyers, consultants — to keep track of obligations. These costs don’t scale well and have, at best, unclear ROI.

At Ascent, our goal is to insulate our customers from some of that uncertainty that has traditionally plagued them. To do this, we are building the largest programmatically-accessible body of regulatory knowledge in the world, and we are building the tools to scale this knowledge set as fast as regulators change their information, all while maintaining the quality and accuracy required for our customers to succeed.

But just like our customers, we too face our own uncertainty challenge: How can we be certain, especially when working with datasets that are far too large to be checked manually, that our information is correct?

Rather than running from this problem, though, we embrace it — and use technology to help solve it. We design our tools and strategies in a way that treats uncertainty as a reality that we can manage. Everything — from our knowledge production processes and internal and external product decisions to the technology that powers our scale and the governance around our machine learning modeling — provides levers we can pull to more effectively manage quality and scale for our customers.

READ ARTICLE: What the Tech? Machine Learning Explained

Knowledge Risk Framework

The first tool we use to manage quality and scale in the face of uncertainty is a simple knowledge risk framework: for any given step of our knowledge production process, what is the accuracy our customers need to be successful, and what is the most efficient way of maintaining that accuracy given our portfolio of tools?

For example, consider the technology that powers self-driving cars. The accuracy the technology requires varies depending on the action the car is completing. If the task is parallel parking without hitting a bumper, 95% accuracy is probably sufficient. If it’s turning left into oncoming traffic, accuracy will need to be much, much closer to 100%.

One of the key capabilities of our solution is the ability to analyze regulatory text, extract the obligations from within it, and automatically determine which of those obligations apply to our customers’ business. Making sure that this process is complete and error free is absolutely critical for our customers. Missing an obligation is like messing up that left turn — it’s not an option.

So for this process, we do not rely purely on machine learning models, which always have some error rate. Instead, we combine machine learning with domain expert review and internal tooling, allowing us to dramatically accelerate the rate at which we conduct this decomposition while maintaining extremely high quality. Think of it as having a human driver in that self-driving car to supervise left turns.

By taking this approach we have eliminated more than 80% of the effort it takes to do this step manually, while still achieving the same or better level of quality than a fully manual process.

In another example that’s less critical than identifying obligations, we have a step at which we classify regulatory documents into different internally-defined categories to help our customers filter. Because we have many different ways for our customers to find the right documents, the accuracy requirement for this specific step is much lower, which means we can use a machine learning model exclusively and sample a small subset of predictions periodically to estimate our accuracy statistically.

By applying this knowledge risk framework, we know that we’re spending our resources to eliminate uncertainty where it matters the most for our customers, while scaling the value we provide much more quickly than most customers can do themselves.

Probabilistic Predictions and Measured Uncertainty

We also use math and statistics as a way of managing quality in the face of uncertainty. Our solutions are powered by machine learning models — essentially, algorithms that are trained how to complete a task using large sets of data. We give our algorithms a task — for example, determine whether this line of text within this regulatory document is an obligation or is supporting text. Our algorithms reference the vast archives of regulatory text on which we’ve trained them to predict an answer to that prompt — what’s known as a prediction.

Using probabilistic predictions, our machine learning models can give us a measurement of how “uncertain” they are about that prediction. Think of it like a Jeopardy! contestant labeling each answer with a score of how confident she is that she’s right. If the model consistently predicts a similar answer with a very high probability, we can interpret the model as being more certain that its prediction is correct for that data point. This gives us the opportunity to break up our predictions into different measurable confidence “tranches” with different accuracies at different levels of confidence.

For example, if we decide as a business that our risk tolerance for a particular step is very low — that it’s a “left turn into oncoming traffic” kind of step and we need 99% accuracy — we can choose a confidence threshold above which we consistently achieve 99% accuracy. Any predictions above that threshold can be fast-tracked efficiently, whereas any predictions below that threshold can go into a queue for further human review.

Initially, this could require a fair amount of manual labor on our part. But the power of machine learning models is that they continue to learn. So as we accumulate more human-reviewed data, our models continue to improve and the size of our “high confidence tranche” increases, driving up our overall efficiency while maintaining our quality.

Correcting for Model Drift

Another source of uncertainty is one all predictive models must inevitably contend with: model drift.

Machine learning models use historical data to make predictions on new data. Sometimes the relationship between historical and new data is relatively static — for example, making a left turn now isn’t materially different than making a left turn five years ago. Other times it can be much more dynamic — like comparing sunscreen sales in August to those in December. As our regulatory scope continues to expand, a possible drift between patterns in historical data and patterns in new data is something we have to guard against.

To do this we rely on process, technology, and some clever sampling techniques. We have built and continue to invest in a modern machine learning infrastructure that makes it easy for our data scientists to monitor model performance, retrain models with new data, compare multiple models against each other, and quickly deploy the models that perform the best. We also maintain a stream of human labeling to compare against our model labeling, even for models that are performing well. This allows us to constantly collect quality metrics, identify error modes and drift, and generate additional training data.

We’ve designed our internal tooling to take advantage of smart sampling techniques to apply our domain-expert labeling time to the most information-rich data points, so that if we label even a fraction of a percent of a dataset we can maximize the value of that ground truth information and propagate it across the broader dataset. All of these strategies increase our confidence that the models we have deployed are the best they can be with the resources we have; in other words, we are able to maximize the leverage of our data science and domain expert labor across the uncertainty-quality tradeoff.

Managing Enterprise Risk

Finally, as a business we also think about uncertainty from the perspective of enterprise risk and the internal control frameworks we have in place to manage that risk. Even as a growing startup, we have invested time and resources into building out a robust Model Risk Management framework, established on many of the same guiding principles that financial institutions follow when using quantitative models like credit risk models.

We have well-documented processes for reducing risk during all stages of model development:

When we develop models, we follow documented policies around our development standards, testing procedures, and stakeholder review.
We validate our models by using independent teams within the company and human review of model outputs.
To help govern our modeling practice and overall data generation approach, we use a model inventory, follow a detailed change management process, and have clearly identified roles and responsibilities.

These operational investments reduce the risk that we inadvertently let entropy creep into our production system and gives us comfort that our process is working correctly.

We live in an uncertain world

For a self-driving car to be a safe option, how safe does it need to be? 90% accident free? 95%? 100%?

Logically, the answer is it needs to be safer than the safest human driver. No self-driving car will ever be 100% accident free, but neither will human drivers.

The same holds for regulatory compliance. The size of regulatory data is too large, and the world changes too quickly, to ever know with 100% certainty every detail of every word across all regulators. Even if any business could afford to pay enough humans to read through every document multiple times, they wouldn’t be able to pay to rule out human-error.

But by acknowledging that we live in an uncertain world and by using state-of-the-art technology, smart process and frameworks, and the power of machine learning, Ascent can help financial institutions navigate the world of regulatory compliance more quickly and efficiently — and with a lot more certainty.

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

Jan 20

Love1

Open Banking: What It Is, Why It Matters, and How RegTech Can Help

By Ascent Team Blog, Featured

If open banking lives up to its promise, it could revolutionize modern banking and simultaneously usher in waves of new regulation and compliance changes.

Digital disruption is burning through almost every sector of our modern economy, creating exciting new opportunities while also unleashing chaos on long-established ways of doing business.

Banking is one of digital disruption’s latest beneficiaries, and one specific trend has been causing a lot of buzz: open banking. It’s a topic that, if it lives up to its promise, could revolutionize modern banking and simultaneously usher in waves of new regulation.

In this brief primer we’ll break down what open banking is, why it’s making so much noise, and how technology can help solve the compliance challenges technology has created.

What is Open Banking?

Broadly, open banking is a banking practice that gives users the ability to grant third-party financial service providers access to their financial data.

The basics of open banking have been around for a few years now — the same principles can be found in budgeting tools like Mint or YNAB. But historically, apps like these have used a process known as “screen scraping” — where users give the budgeting app their bank username and password so the app can then “scrape” their financial information from the bank’s site. What is generating all the excitement around open banking now is the possibility to extract this information by instead using an API.

APIs (or, application programming interfaces) are a way for third-party providers to plug directly into an app or web service. So rather than giving Mint your bank username and password, you would instead grant it authorization to access your bank information, which Mint would then connect to directly through the API.

So why is an API so much more powerful than screen scraping?

Because for one, you don’t have to share your username and password with third parties, whose cybersecurity protocol might not be robust as your bank’s. Also with an API, if the username or password is changed, the connection isn’t broken. And the process is significantly more efficient for the third party, who now has direct information to the data they want, rather than having to scrape it from another source, reformat it, and then ingest it.

But open banking’s most exciting opportunities extend far beyond budgeting apps.

What open banking really allows for is a more efficient and secure way to share financial data.

When looked at from this perspective, the possibilities start to become industry-shaking opportunities. Here are just a few examples:

The labor-heavy process of getting a loan, currently requiring the lendee to pass off reams of financial statements and information to a lender, who then has to ingest those materials, could become significantly easier for all parties involved. An API would allow lenders to have more efficient access to up-to-the-minute information with much less work from the lendee, and would allow lendees to only share the information relevant to the lender.
Aggregation tools are already making money management a much simpler, more cohesive process. Existing solutions allow investors to get a truly holistic view of their investment portfolio, even if assets are custodied at different institutions. And emerging solutions are revolutionizing how investment advisors interact with custodians, how they analyze client data, and how they present to clients.
The complicated payment system that exists today is also starting to be streamlined. APIs are now connecting developers with payment systems, and it could soon become possible to make payments directly out of a bank account rather than needing an acquirer to process payments via a credit card company. This would limit the number of times user data needs to be shared and reduce costs for both vendors and customers.
Accounting solutions for both businesses and consumers are emerging that would make the process more efficient and less costly. Businesses will be able to benefit from bookkeeping applications that can plug directly into their payments feed and consumers could see a cheaper and easier tax-preparation process.

The great promise of open banking is that it liberates your data from being held solely at one financial institution in order to make it available to companies of your choosing. Ultimately, it will take some time before the benefits of this are truly understood and realized.

Regulating the Open Banking Revolution

As these benefits start to come to light, though, they will not be without risks. For example, direct access to user data, even if theoretically more secure than current practices, is an unsettling idea. And digital disruption within any industry can be chaotic, as rules and best practices become upended, outdated, and replaced. That’s why the open banking revolution is certain to be accompanied by new regulations designed to help protect consumers.

The European market already offers a preview of those regulations — and the challenges that come with them.

The second Payment Services Directive (PSD2) was rolled out in Europe by the Competition and Markets Authority as a way to spur more innovation and competition in the banking sector. In recognition of the opportunities presented by open banking, PSD2 required enterprise banks to make their data available in a secure, standardized form, so that third-party providers (TPPs) could plug into and leverage that data through APIs.

Banks were given until March 2019 to provide TPPs with a simulated bank environment where they could test their APIs before they became fully operational in September of that same year. And yet over 40% of the European banks missed the deadline.

This is just one example of how, even in the early days of open banking, a significant number of large banks are struggling to meet the demands of the associated regulations. As the effects of open banking are more widely felt, and as wider-reaching regulation accompanies them, the workload on banks and financial firms is sure to only increase.

New technology, though, can help solve the same problems that new technology has created.

RegTech: Open Banking’s Best Friend

Just as advances in technology are upending the banking industry, they’re also revolutionizing the world of regulatory compliance. RegTech (Regulatory Technology) companies are leveraging machine learning, natural language processing, blockchain, AI, and more to solve the problems of regulatory compliance.

RegTech solutions will be crucial both to new open banking companies looking to quickly get off the ground and to traditional, large banks implementing new solutions to stay competitive in a changing environment. AI-powered regulatory change management solutions can help automate the burdensome tasks of regulatory research and analysis, so banks and financial firms can stay up to date on all regulatory updates — related to open banking and otherwise. And obligations management tools can automatically deliver up a complete obligations register, reducing to mere minutes a task that can take thousands of hours.

Ultimately, the wide variety of RegTech solutions currently available will allow banks and financial firms to stay ahead of the waves of regulation by quickly and efficiently building a RegTech stack specific to their needs.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

The digital disruption revolutionizing the financial services industry isn’t going to subside anytime soon. And banks and financial services firms can leverage RegTech solutions to help make this fast-paced change work for them.

LEARN MORE: Click here to learn about Ascent Solutions

Ready to see a live demo? Get in touch today!

Dec 16

Love1

Forecasting RegTech: 2019 Trends and 2020 Predictions

By Ascent Team Blog

(7 min read)

“RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.” -Brian Clark, CEO, Ascent

2020 is set to be a big year for the RegTech industry, and the start of an even bigger decade. We’ve seen a significant investment in the RegTech space over the last handful of years, galvanized by the technological advancements that now allow RegTech to solve real problems for Compliance and Risk teams, saving them money and time and reducing risk in the process.

Now on the doorstep of the new decade, we wanted to take a moment to look back briefly at some of the trends we saw in 2019 and peek into our crystal ball as we make a few predictions about the year ahead.

Trends We Saw in 2019

RegTech has crossed the chasm. Last year was the year that RegTech stopped being a thing that was going to happen and started being a thing that was happening. Companies moved past pilots and out of the innovation phase and began operationalizing benefits in a production environment. As Ascent Founder and CEO Brian Clark put it, “RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.”

The wheat started separating from the chaff. As part of that evolution out of the innovation phase, RegTech ventures either found and connected up with a market demand — or they didn’t. And with those that didn’t, we started to see the first handful of failures. Ultimately, this will be good for financial institutions as it will make it easier to identify which companies are truly creating value.

Regulators went on the record about RegTech. This year we also started to see regulators asking firms what they’re doing to leverage RegTech. This is obviously an exciting theme for the RegTech industry, but it’s also exciting for financial institutions. As regulators embrace technology as a viable solution, it should help give Risk and Compliance teams a path forward through the growing and increasingly dangerous regulatory maze. Speaking of . . .

Pressures to comply only increased. Unsurprisingly (and unpleasantly), we only saw more enforcement actions with higher regulatory fines, creating more pressure on Risk and Compliance teams. The FCA kicked off 2019 by levying its largest personal fine ever and ended up filing 160 enforcement actions before the year was over. Not to be outdone, the SEC published a whopping 2,754 enforcement actions this year alone, including 95 against public companies — the highest number in a decade. Just as unsurprisingly: this isn’t a trend we expect to dissipate anytime soon.

The marketplace became even more global. And, because of this, regulations and privacy legislation became more global too. This means that companies operating in international markets have yet more rules and regulations they’re required to be in compliance with. We discuss more below as, like the others above, we don’t think this one is going away any time soon.

Trends We Expect to See in 2020 in the RegTech Industry

Operationalizing will be the name of the game. Moving out of the innovation phase, it will be key for RegTech ventures to lock down operationalizing and scale so that they can answer the very important question they keep hearing from financial institutions: “Can you prove to me this thing actually works?”

We’ll likely see still more investment, but done thoughtfully. In the first 3 quarters of 2019 alone, investment in the RegTech space grew by 103%. We expect we’ll continue to see more funding, but it will be of the middle-stage, thoughtful kind. Now that the ideas are out on the table, investors will be looking to find companies that are demonstrating product fit by acquiring more customers. This will be a tell-tale sign for financial institutions, too, as they evaluate potential solutions.

Look out for a burgeoning ecosystem. As RegTech separates further from FinTech and truly becomes its own industry, we expect to see additional technologies and ventures popping up to create a supportive ecosystem. Financial institutions should keep an eye out for things like consultancies, which can help them evaluate and implement RegTech solutions, and complementary tech like open APIs, which would allow them to plug new solutions into existing systems.

READ ARTICLE: Building RegulationAI: Solving Compliance in the Age of Artificial Intelligence

. . . in Financial Services

Brace for the crunch. Increasing cost pressures on both the buy and sell side, shrinking margins, the rise of formidable FinTech and challenger banks — all of these factors are likely to continue, further driving the consolidation trend we’ve seen recently and helping firms realize that, for some of these obstacles, technology offers the only viable route forward.

Increased globalization means increased risk. We expect this trend from 2019 to only get more prevalent and more dangerous. Think of it as a simple risk array: Firms are operating in more marketplaces doing more things with increasingly larger penalties — and they’re doing it with the same amount of staff. They can scale up personnel until payroll begins to buckle, or they can turn to technology.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

. . . from Regulators

Big topics will get a lot of attention. Privacy, cybersecurity, and cryptocurrency are all major themes we expect to see regulators continue to focus on in 2020. Additionally, other headline-makers like Brexit will likely cause a lot of activity. And the looming recession(s), if actualized, would kick off more action by central banks, more uncertainty, and a lot more work for regulatory compliance.

No appetite for keeping quiet. The above themes and others seem to be in the news on a near daily basis, giving regulators not just an incentive but a public mandate to become increasingly effective. This comes with the need to be stronger in enforcement actions, one contributor to some of those major fines we’ve seen recently.

Jurisdictional arbitrage is no more. The days when you could choose your jurisdiction according to a region’s regulatory policies are largely over. The globalization of the marketplace means that more financial institutions (including many SMEs) are operating in multiple countries, and so they’re forced to abide by all of the regulatory bodies governing those countries. Compliance and Risk teams are then given the mammoth task of somehow knowing all those rules, keeping up to date on them, and following them — which, for simplicity’s sake, often means universally abiding by the strictest.

Expect collaboration — but not cohesion — among regulators. While we have seen regulators working together to find and implement technology solutions, don’t expect to see cohesion across their requirements. Even as the marketplace becomes increasingly global, each regulator will have to abide by its own government mandate. After all, they don’t serve the financial institutions they audit but the consumers of their respective jurisdictions. Ultimately, there’s only one way to reconcile the differences between regulatory requirements — via technology.

READ ARTICLE: The Ultimate List of Compliance Conferences and Events

What Ascent is Excited about in 2020

Just as 2020 is shaping up to be a big year for RegTech as an industry, it’s looking to be another banner year for Ascent. Here are just a few of the opportunities that have us excited to tackle the new year:

We were thrilled to be selected by the Global Financial Innovation Network (GFIN) to pursue a cross-border pilot earlier this year. We believe the opportunity to collaborate directly with regulators could create value for the entire market, helping firms to operate more efficiently and to reduce costs while consumers are better protected. We’re excited to see what the future holds for this initiative.
Speaking of excited, we recently raise $19.3 million in our Series B funding round. This investment will empower us to scale and further operationalize our business, and it will be nothing short of fundamental in advancing our mission to reduce the cost of compliance and protect the rule of law. We can’t wait to put the funding to work in the year ahead.

LEARN MORE: Click here to learn about Ascent Solutions

Dec 11

Love1

“But Does RegTech Actually Work?” 3 Ways Financial Firms and RegTechs Can Bridge the Trust Gap

By Ascent Team Blog

(5 min read)

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose to adopt

You’ve just been shown a RegTech demo and the technology is something right out of your dreams. It can save you thousands of man hours, significant amounts of money, and reduce your regulatory risk in the process. There’s no doubt it sounds amazing, you think. But can it actually do all of the things promised?

This is not an uncommon question, representative of the trust gap that currently exists between RegTech companies and the financial institutions they serve. This trust gap is certainly understandable — RegTech offers new technology and skepticism is natural whenever that’s the case.

Even more importantly, with something as complex and vital as regulatory compliance, financial firms need to be skeptical as they evaluate possible solutions. Consequences for any technological shortcomings can be catastrophic. Why would Compliance and Risk teams take a gamble on something that seems too good to be true?

Because, for one, the opportunities new RegTech ventures present are real and powerful. And for two, because the alternative — not adopting technological solutions — is far worse.

If the trends of the last decade continue, the regulatory “tax” firms are forced to pay is only going to increase, and the fines for non-compliance will only grow too. That means firms will have to hire more people to take on more work that could have more costly mistakes. Financial institutions will be forced to adopt new technologies as they offer the only viable path forward.

But Compliance and Risk teams don’t need to feel stuck between a rock and a hard place.

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose and to be excited about adopting them. Here are a few strategies we suggest.

1) Educate Stakeholders about the Technology

New technology can often seem like a black box. If you don’t know what’s happening inside that box, it can be difficult to trust that it’s doing what it’s supposed to. But by learning more about how that technology works you can begin to understand it, better evaluate it, and (if it’s the right fit) begin to trust it.

RegTech companies can and should help with this education. At Ascent, for example, our technology helps customers automate regulatory compliance. We do this through our proprietary RegulationAI™ — a “digital brain” that processes and analyzes regulatory text in order to deliver to our customers the regulatory obligations and rule changes that are most relevant to them.

To help this digital brain not seem like a black box, we educate our customers on how it works. It’s powered by two primary forms of technology: natural language processing (NLP), which helps computers understand human language, and machine learning (ML), which is all about creating models that are designed to learn on their own.

Once our customers understand how these systems operate together — how, specifically, we use NLP to rapidly analyze millions of lines of regulatory text, which we then feed into our ML models to teach them how to “read” the regulations — they understand how RegulationAI™ is able to deliver up a dynamic obligations register specific to them.

Instead of seeing our technology as a black box, financial institutions can evaluate whether it’s right for them, and our customers can have confidence when using it.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

2) Pilot a Solution First

A pilot can be a great way to let you dip a toe into new technological waters before taking the deep dive. For day-to-day users, a pilot lets them understand from a hands-on level how the solution will fold into their processes. And for decision-makers it lets them see real results before making a full commitment.

To run a low-stress, high-outcome pilot, we suggest the following three strategies:

Clearly defining the goals of the pilot, so you can accurately determine whether they are met or not;
Making sure both decision-makers and day-to-day users are on the same page about how the pilot will work and what to expect from it;
Obtaining useful feedback in a systematic way — both throughout the pilot and once it’s been completed.

At Ascent, we offer our customers the opportunity to test drive our solutions with a low-cost, low-risk pilot. Our Customer Success team is fully engaged throughout, making onboarding as simple as possible for your team while still ensuring you gain a clear understanding of all the ways Ascent can help you achieve your goals.

3) Collaborate with Other Parties

Here at Ascent, we are big believers in collaboration. We think that a developing space like RegTech will only be empowered by interaction and collaboration between all the parties involved. And we believe collaboration can be key in helping financial institutions gain confidence in different RegTech solutions.

Here are a few ways collaboration can help build trust:

Financial institutions can reach out to other institutions that are already using new RegTech solutions to help understand how the technology has been beneficial and learn about any potential pain points.
Financial institutions can work with consultancies to help evaluate new solutions and implement them efficiently and effectively.
RegTech companies can work with financial institutions to make sure their solutions truly meet the needs of those institutions and to provide educational materials to help institutions develop confidence in new technologies.

In fact, regulators themselves are getting in on collaboration too, as evidenced by groups like the Global Financial Innovation Network (GFIN), an international collection of 35 organizations which serves as a network for regulators to knowledge-share and collaborate on bringing RegTech innovations to bear.

As always, whenever regulators themselves adopt a practice, it’s a good sign that the rest of the market will likely follow suit soon.

READ ARTICLE: Ascent Selected by GFIN for Regulatory Cross-Border Pilot

Bridge the Gap with Ascent

At Ascent, our AI-powered solutions help you manage regulatory change with confidence, so you can focus on the high-value activities that matter most, without the constant worry of accidentally missing an important update or keeping records that stand up to regulatory scrutiny.

You don’t have to drown in regulation, and you don’t have to cling to a life raft you don’t have faith in. Find the solution that’s right for you.

LEARN MORE: Click here to learn about Ascent Solutions

Modern challenges require modern tools. Interested in seeing how Ascent can help you automate horizon scanning, change management, and obligations management?

Contact Us

Jul 01

Love2

Better by Design (Thinking): How We Combine Sprints with Customer-Obsession to Drive Product

By Ascent Team Blog, Culture, Tech

At Ascent, we strive to approach each and every challenge with this mindset that promotes first of all empathy, then understanding, then innovation, and finally a “best-fit” solution.

By Subha Sriram, VP Product

A design thinking mindset is perhaps one of the most important assets for a company as it searches for innovative solutions to problems both anticipated and unexpected. At Ascent, we strive to approach each and every challenge with this mindset that promotes first of all empathy, then understanding, then innovation, and finally a “best-fit” solution.

What is Design Thinking?

Design thinking synthesizes analytical, divergent, and convergent thinking in the various stages of its workflow to finally arrive at the optimal solution.

The term “design thinking” can be traced back to 1987; however, the concept of design thinking has been around for much longer than that. The design thinking model stands as a counterpoint to the more traditional method of problem solving.

What are the differences between these two schools of thought?

The “traditional” approach starts out with a clearly delineated problem. Then, a consensus solution to that problem is proposed. The bulk of the problem solving in such a methodology involves moving through a linear series of steps until the consensus solution is finally achieved, or revised according to its utility.

Design thinking, on the other hand, turns such a process on its head. Problem-solvers strive to examine a number of divergent solutions at the outset of the process, and then test such solutions to determine their “fit.” Design thinking synthesizes analytical, divergent, and convergent thinking in the various stages of its workflow to finally arrive at the optimal solution.

Customer-Obsession Creates Better Outcomes

Active listening makes it that much easier for our customers to buy into our solution. They become stakeholders from day one, which is a win for everyone involved.

Customer-obsession is one of our core values. Being a customer-centric company means that our approach to problem-solving reflects our keen interest in empathizing with our customers, understanding the root cause of their frustrations and pain points, and designing systems and services that specifically meet their unique needs.

The design thinking methodology provides the freedom we need to actively listen to our customers from the very start of the problem-solving process. It’s easy to sit behind a desk and say: “This is what you need.” But when designers go beyond just serving briefs and make it a point to hear out the customer with an open mind, then the end solution is almost inevitably superior to what may have been our original conception.

As an added benefit, our active listening makes it that much easier for our customers to buy into our solution. They become stakeholders from day one, which is a win for everyone involved.

How We Implement Design Thinking

Of course, as with any high-level concept, design thinking needs a framework of practical application to be useful in the real world. What we do at Ascent is utilize design sprints to help us meet customer needs – and design thinking is an integral part of such sprints.

Our design sprints are adapted from the popular Google Design Sprint methodology. Our process involves 5 key steps:

Conducting empathy interviews. We make it a point to be transparent and open with our interview subjects. We don’t always know the best-fit solution for their problems, which is why we probe, and dig, and explore their perspective. It’s vital that in this initial stage, we don’t try to interject our own values or perspectives into the conversation. This is all about them being heard; our role is to listen, clarify, and confirm.
Selecting a target focus. Once we’ve consolidated and analyzed all the data from our interviews, we determine what our design focal point should be. We come up with some preliminary sketches to serve as a rough outline of our objectives and potential solutions.
Prioritizing sketches. Next, we prioritize the sketches according to several criteria, such as how well the proposed solution would meet our objectives, its practicality, its functionality, and so on.
Prototyping the experience. We then begin work on a prototype, or multiple prototypes, and look to stitch together the whole experience. We want to present the end-to-end experience that we hope our customers will enjoy upon the project’s completion.
Conducting usability sessions. Finally, we once more enlist the participation of our customers and stakeholders via usability sessions. We gather feedback from our customers, and begin iterations of the base design.

By implementing design thinking in such a way, we’ve been able to streamline our entire design process, involve our customers from start to finish, and provide the best possible solutions, instead of simply the most convenient.

Design Thinking in Action

Design is ultimately an expression of how humans can efficiently and effectively perform the job at hand. It’s not just a means to an end – it is an integral part of the final product.

Here’s an example of the value of design thinking in action here at Ascent:

We had been receiving feedback from our customers that they wanted an easy, intuitive way to navigate a specific feature. Because this aspect of our platform was not intuitive, customers were not finding the information they were looking for quickly enough, which actually led to them questioning the credibility of the product. Yikes! This is a classic example of the importance of empathy: while this issue may not have seemed so important from our end (because we know first-hand from building the product that the data is right), the customers didn’t have that level of transparency or product knowledge and therefore could only assume that an inability to find the information in the way they were accustomed to meant that was a problem with the information itself.

We took measures to more fully understand the scope and nature of this problem. We initiated a two-and-a-half-week design sprint, and adhered to our 5-step design thinking process. We conducted interviews with a variety of customers and internal stakeholders. We took the resultant information, sketched, prioritized, and prototyped, and finally began usability testing.

In the end, the results were overwhelmingly positive. Our customers were thrilled that we had not only listened to their concerns, but had taken proactive measures to overcome the challenges that they were facing. Even though this design sprint resulted in a fundamental paradigm shift in the way we processed rule updates, in the end our customers and stakeholders were completely satisfied, and we learned a lot from the whole experience.

Great Design is More than a Means to an End

At Ascent, design thinking is an integral part of what we do, and its principles of empathy, listening, and humanity are a reflection of who we are as a team.

Design is ultimately an expression of how humans can efficiently and effectively perform the job at hand. It’s not just a means to an end – it is an integral part of the final product.

Interested in joining us? Check out our open roles below.

May 21

Love1

What The Tech? Natural Language Processing Demystified

By Ascent Team Blog

Thanks to NLP, computers are helping us solve the biggest challenges in regulatory compliance through their ability to scan, group, structure, and analyze massive amounts of data quickly and efficiently.

When you were very young, your first words may have been “mama” or “dada.” In school, you grew your vocabulary and learned how words relate to each other (what to say). Then you learned grammar (how to say things). Eventually you developed a mastery over the nuances of language that enable you to understand and communicate complex ideas.

For many reasons, we want computers to understand natural human language.

Natural language processing (NLP), then, is the discipline of computer science that deals with teaching computers to understand natural human language — to grasp its peculiarities, interpret what we mean when we’re being vague, understand a range of human voices, and to recognize, group, and structure words and phrases by using context clues, like humans would.

When you ask Alexa in the morning whether it’s going to rain, “her” ability to comprehend and respond is a product of NLP.

When Google autofills your search query (sometimes with hilarious results), that’s a product of NLP.

Ever send a voice text message in the car? That’s NLP too.

Not surprisingly, the use of creative language to describe unexpected relationships, such as metaphors, is tough to parse. Sarcasm and irony are things most teenagers around the world have mastered, but not computers. Humor remains difficult to understand and interpret, especially across cultures, but the work continues, and progress is being made.

Computers are learning to understand abstract relationships and interpret evolving language. Gmail can predict with impressive intuitiveness what the end of your sentence will be as you’re typing it. Programs can detect the sentiment of Yelp reviews. New mobile apps can transcribe speech to text (and distinguish between different voices). At this moment, data scientists somewhere are probably trying to code an explanation for why love is like a red, red rose, and someone is no doubt teaching a computer program how to tell a joke.

However, the true value of using computers for language-related needs lies in their ability to process much more data much faster than a human ever could.

Thanks to NLP, computers are helping us solve the biggest challenges in regulatory compliance through their ability to scan, group, structure, and analyze massive amounts of data quickly and efficiently.

Let’s say we wanted to read and review regulation related to benchmarking in a specific region over the last 25 years. Even the most diligent and ambitious law intern may find her eyes glazed over by the hundredth page. Thing is, this job doesn’t need a human brain to read all those published regulations, looking for the word “education” and the name of a country.

Instead, a computer program can be tasked with finding the instances that contain a specific set of terms in relationship to each other, and noting those for further analysis. That’s where the human can take over and do what he or she does best — the critical thinking needed to reach a conclusion about the data.

When it comes to regulatory compliance, the pace, scale, and complexity of change is daunting.

Global financial regulation is a global, interconnected beast, and those in the field who are tasked with roping and taming this bucking bronco are not infrequently dragged through the dirt by their chaps. Just reading and studying regulatory text may take an entire team or an army of lawyers, and many times the one question leadership wants answered is simply, “Tell me what we need to comply with, and when.”

That’s why we use technologies like NLP to rapidly analyze millions of lines of text so that people don’t have to.

Combined with other AI technologies like machine learning, NLP helps us understand each customer’s specific business requirements and then map the proper regulatory obligations to that customer. Armed with this technology, risk and compliance officers know their exact regulatory obligations and which rule changes apply to their business, without the hours of researching online, reading, and analyzing.

Enjoy this article? Subscribe to receive fresh thoughts on RegTech and other helpful insights for compliance professionals.

Ascent helps financial services firms identify their regulatory obligations and keep them updated as rules change. Our targeted regulatory intelligence helps you avoid fines and reduce risk, while lowering your overall cost to comply. Learn more.

natural language processing (NLP)

What are the benefits of RegTech?

What is end-to-end compliance and how does RegTech fit in?

What kind of tech stack should I consider for my compliance framework?

What technologies do RegTech solutions use?

What’s the difference between RegTech, FinTech, and SupTech?

Can RegTech help me with specific regulation like GDPR?

How can I use RegTech to help my firm ease compliance burdens?

What questions should I ask a RegTech vendor that leverages “AI”?

What kinds of AI technologies do you use, and why?

Where are you getting the data that is training your algorithms?

Are there humans involved in the training of your algorithms, and to what degree?

Who is held liable if your solution fails?

—

—

Setting the Record Straight on Regulators

Managing Regulatory Change in the Time of COVID

How to Avoid Dropping the Ball on RCM

COVID Response: Swings of the Regulatory Pendulum

On the Importance of Innovation in IRM

Clash of the Titans: Big Banking vs. Big Tech

Financial Firms and Regulators to Step Up Their AI Game

The Role of AI in Regulatory Compliance

On Implementing RegTech: Final Advice

Subscribe to Cliff Notes

hbspt.forms.create({ portalId: "4962349", formId: "acb41e22-8a4d-4ceb-9d5b-a6aaa3918020" });

Not all automation is created equal

Granularity: a crucial new concept in regulatory technology

The magic is in our method

Targeting obligations to you

The true value of granular obligations

Do great business while minimizing risk

Automating Regulatory Change Management

Stage 1: Monitor

Stage 2: Identify

Stage 3: Analyze

Start unlocking the power of automation today.

Enjoy this article? Subscribe to receive helpful content designed to help you win at compliance.

Contact Us

hbspt.forms.create({ portalId: "4962349", formId: "32768aaa-34da-480d-b7de-7505aa77ef0d" });

The Compliance Conundrum

Knowledge Risk Framework

Probabilistic Predictions and Measured Uncertainty

Correcting for Model Drift

Managing Enterprise Risk

We live in an uncertain world

Subscribe

hbspt.forms.create({ portalId: "4962349", formId: "acb41e22-8a4d-4ceb-9d5b-a6aaa3918020" });

What is Open Banking?

Regulating the Open Banking Revolution

RegTech: Open Banking’s Best Friend

Ready to see a live demo? Get in touch today!

hbspt.forms.create({ region: "na1", portalId: "4962349", formId: "fe451410-2e3a-4915-b02f-a1a1d990291e", sfdcCampaignId: "7013t000002BntLAAS" });

Trends We Saw in 2019

Trends We Expect to See in 2020 in the RegTech Industry

. . . in Financial Services

. . . from Regulators

What Ascent is Excited about in 2020

1) Educate Stakeholders about the Technology

2) Pilot a Solution First

3) Collaborate with Other Parties

Bridge the Gap with Ascent

Contact Us

hbspt.forms.create({ portalId: "4962349", formId: "6f56bdaf-5368-426d-8797-a8e5e9e00014" });

What is Design Thinking?

Customer-Obsession Creates Better Outcomes

How We Implement Design Thinking

Design Thinking in Action

Great Design is More than a Means to an End

Subscribe

hbspt.forms.create({ portalId: "4962349", formId: "acb41e22-8a4d-4ceb-9d5b-a6aaa3918020" });