Skip to main content
Tag

Regulation AI

Jan 28
Love1

The Rise of Data Privacy Regulation and How RegTech Can Help

By Blog, Featured

(7 min read)

If data is money, it’s often left sitting out in the open.

Ascent founder and CEO Brian Clark has a hypothetical question he often likes to ask new people when meeting them: If you were given a giant bag of money, what world problem would you solve? 

Homelessness, poverty, world hunger — there are ample crises to choose from. But what Brian’s really interested in is your answer to his second question: If that bag of money were then taken away, and you were instead given a giant bag of data, what problem do you solve now and how do you do it?

The implication, of course, is that ultimately the two bags equate to the same thing. They’re both resources. And as technology has revolutionized our ability to capture and analyze huge troughs of data, big data has in turn become an increasingly powerful resource and disrupted industry after industry.

And much of that disruption has come at a price.

Facebook, Equifax, Yahoo! — these are just a few of the massive data breaches that have happened over the last handful of years. As companies have collected more and more data, they have not always taken the proper precautions to protect that data. In the terms of our original analogy, if data is money, it’s often left sitting out in the open.

As a result, we have seen a number of large new data privacy regulations come into play recently, with many more on the horizon. Like all things related to big data, these regulations have been extremely hefty, sometimes to the point of seeming overwhelming. But we would argue that they don’t have to feel this way.

In this article, we dig deeper into the rise of data privacy regulation, examining the major new regulations that have recently come into play, the way these regulations are transforming the compliance function, and how RegTech can help transform them from overwhelming obstacles into exciting opportunities.

READ CASE STUDY: How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent

 

GDPR: The Game-Changer

The modern age of data privacy regulation was ushered in by four letters: GDPR. The first significant update to Europe’s data protection rules since the 1990s, GDPR (or, the General Data Protection Regulation) serves as both the core of Europe’s digital privacy legislation and as the benchmark the rest of the world began comparing their data privacy policies against.

First introduced in 2012 and then argued over until it was adopted in 2016, GDPR finally came into effect in May of 2018. The regulation was revolutionary for its emphasis on citizens’ rights. It was designed to give EU citizens control over their personal data, as exemplified by the eight rights for individuals within the regulation. These rights include giving EU citizens easier access to data companies hold about them, laying out fines for the failure to do so, and requiring companies to receive consent from individuals before collecting their data. 

There are many more details to the 99 articles in the regulation, but it’s these individual rights that caught a lot of public attention, both for the burden they placed on companies and the pop-up banners they created on our web browsers

GDPR came to seem so ubiquitous because its obligations applied not only to companies headquartered in the EU, but to any company gathering the personal data of an EU citizen. In the borderless age of the internet, this more or less meant any company with a website that tracked any information about its visitors

Of course, the EU wasn’t likely to chase down every mom-and-pop shop around the world that failed to comply with GDPR regulations. But the breadth and depth of the legislation acted as a standard-bearer, telling companies and countries it was time to update data privacy regulation for the twenty-first century. It would only be a matter of time until other countries followed suit.

CCPA: GDPR Hops Across the Pond

That most notably and recently happened in the US with the California Consumer Privacy Act (CCPA). The CCPA, which was just implemented at the beginning of this year, brought similar GDPR-like obligations to the US, including consumer rights related to the disclosure of personal information and requests for personal data

The CCPA affects a significant number of companies. It applies to businesses that either exceed a gross revenue of $25 million, gain 50% or more of their annual revenue by selling consumer’s personal information, or that buy, sell, receive, or share personal information of 50,000 or more consumer households.

Like GDPR, the CCPA is similarly focused on consumer rights, including a section known as data subject requests, which grants users the right to access or delete the personal information a company may have about them.

And — just as GDPR acted as the data privacy blueprint for the rest of the world — the CCPA is acting as the blueprint for the rest of the US. A number of other states are quickly catching up:

  • Washington State currently has a bill with requirements and fines drawn straight from the CCPA currently working its way through the state senate and house.
  • New York, in typical coastal one-up-manship, recently introduced an even more comprehensive bill into its state senate, which disregards the CCPA’s revenue requirement for covered entities.
  • Nevada actually implemented privacy legislation a few months before California, but its definition of “sale” resulted in a law that was narrower and more lenient on financial institutions.

The Changing Role of the Compliance Officer

The above litany of legislation, without any guiding federal framework, is a significant challenge for companies, especially those transacting business across the country. This patchwork of regulation means, for simplicity’s sake, companies often have to comply with the strictest requirements of any one regulation, even if it doesn’t necessarily apply to all the states where they are doing business. That is, of course, assuming companies and Compliance Officers can keep up-to-date on the waves of new regulation constantly being released and updated.

But in another light, these new data privacy regulations actually represent an opportunity for Compliance Officers

These regulations could help raise the visibility of the compliance role at companies, especially those that might have dismissed data privacy as not relevant to their day-to-day. That’s because compliantly following these privacy regulations is going to require companies to make real changes in their policies and procedures and in their corporate culture — all of which are crucial aspects of the compliance role. 

As companies update and overhaul internal procedures accordingly, Compliance teams will need to play an integral role in developing business processes to ensure that personal data is being managed compliantly.

But for Compliance teams to do that, they will somehow need to keep current with the massive amount of new regulations being rolled out and find a way to quickly and concisely understand how those regulations relate to their policies and procedures. Between the hefty laws already in place and the long list of those in process, this can seem like an insurmountable task.

Technology, though, provides a path forward.

READ ARTICLE: How Your Peers in Financial Services are Tackling 3 Big Compliance Issues

 

RegTech Offers the Key to Data Privacy Regulation

RegTech (Regulatory Technology) is an emerging industry of companies leveraging machine learning, natural language processing, blockchain, AI, and other technologies to solve the challenges of regulatory compliance. These technologies offer a way to leverage the big data of regulatory compliance to help solve the problems of data privacy regulation.

In a recent case study, one global Top 50 bank tried to identify its obligations under GDPR within one of its business units. The bank had a lack of clarity around which aspects of GDPR it was required to follow, and it attempted to solve this problem via a traditional solution: hiring a consulting firm.

The consulting firm, though, proved expensive and inaccurate. The firm missed a number of obligations and the bank was forced to hire a second consulting firm to correct those initial mistakes — adding duplicative costs. It was in the midst of this frustrating process — causing costly mistakes and creating continued regulatory uncertainty — that the bank decided to try a different approach.

The bank partnered with Ascent, an AI-powered compliance automation solution. At Ascent, our proprietary RegulationAI™ technology generates the obligations that apply to our customers, helping banks and other financial firms reduce risk and gain confidence in their compliance programs.

RegulationAI™ was able to generate a complete obligations register in mere minutes and at a 99% cost savings. This technology — a true innovation in RegTech — leverages machine learning and natural language processing to ingest hundreds of regulations and then rapidly determine which obligations apply to your business — with zero manual effort from you.

Rather than the time-consuming, expensive, and inaccurate results it had received before, the bank now had all its obligations in an easy-to-read digital format, produced with significantly lower risk of human error.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

Secure Your Obligations with Ascent.

The complexity of data privacy regulation is likely only going to increase in the future. But you don’t have to drown in regulation. Ascent can help you leverage technology to make this fast-paced world of digital disruption work for you.

LEARN MORE: Click here to learn about Ascent Solutions

 

Want to receive more articles like these? Subscribe to our monthly Cliff Notes newsletter.

Subscribe


Jan 27
Love1

How a Global Top 50 Bank Secured Its GDPR Obligations Using Ascent

By Blog

Case Study

A Global Top 50 Bank sought to identify its obligations under the Genderal Data Protection Regulation (GDPR) within one of its business units.

Our Customer at a Glance

  • $20B Annual Revenue
  • 30,000 Employees
  • 1,000+ Locations Worldwide
  • 300+ Regulating Bodies to Comply With

The Problem

Our customer faced the following hurdles:

  • Needed help determining which parts of GDPR were required for the business.
  • Initially hired a consulting firm to produce its GDPR requirements, but the firm missed a number of obligations.
  • Forced to hire a second consulting firm to correct initial mistakes, creating duplicative costs.
  • Ultimately dissatisfied with the rigamarole of multiple consultancies, missed obligations, and ongoing regulatory uncertainty.

Partnering with Ascent

Frustrated with their journey so far, the Bank partnered with Ascent, an AI-powered compliance automation solution. Ascent generates the obligations that apply to the customer, helping banks and other financial firms reduce risk and gain confidence in their compliance programs.

Using Ascent, the Bank was able to comprehensively identify its GDPR obligations at a fraction of the time and effort, kickstarting its path to compliance and better positioning the Bank to protect the privacy of its customers.

How the Global Bank Accelerated GDPR Compliance with Ascent

Before Ascent:

  • Hundreds of thousands of dollars in ongoing consulting fees
  • Countless hours and headaches, only to produce an incomplete register of GDPR obligations
  • Increased regulatory risk and error

After Ascent:

  • A mere fraction of the cost (99% savings)
  • Took just minutes to produce a complete and verified register of GDPR obligations
  • Thorough and easy-to-read digital format, produced with significantly lower risk of human error

We’re here to make compliance easier.

The road to compliance can be confusing and complex. Ascent makes it simpler with an AI-driven solution that generates the obligations that are relevant to your business. Ascent allows you to:

  • Reduce the risk-prone and costly impact of human error and missed obligations
  • Review a much narrower set of obligations, fast-tracking the tedious and manual process of regulatory research and analysis
  • Save a significant amount of time and money while reducing your regulatory and reputational risk

Modern challenges require modern tools. Interested in seeing how Ascent can help you stay ahead of regulations like GDPR?

Contact Us

Jan 20
Love1

Open Banking: What It Is, Why It Matters, and How RegTech Can Help

By Blog, Featured

If open banking lives up to its promise, it could revolutionize modern banking and simultaneously usher in waves of new regulation and compliance changes.

Digital disruption is burning through almost every sector of our modern economy, creating exciting new opportunities while also unleashing chaos on long-established ways of doing business.

Banking is one of digital disruption’s latest beneficiaries, and one specific trend has been causing a lot of buzz: open banking. It’s a topic that, if it lives up to its promise, could revolutionize modern banking and simultaneously usher in waves of new regulation.

In this brief primer we’ll break down what open banking is, why it’s making so much noise, and how technology can help solve the compliance challenges technology has created.

What is Open Banking?

Broadly, open banking is a banking practice that gives users the ability to grant third-party financial service providers access to their financial data. 

The basics of open banking have been around for a few years now — the same principles can be found in budgeting tools like Mint or YNAB. But historically, apps like these have used a process known as “screen scraping” — where users give the budgeting app their bank username and password so the app can then “scrape” their financial information from the bank’s site. What is generating all the excitement around open banking now is the possibility to extract this information by instead using an API.

APIs (or, application programming interfaces) are a way for third-party providers to plug directly into an app or web service. So rather than giving Mint your bank username and password, you would instead grant it authorization to access your bank information, which Mint would then connect to directly through the API. 

So why is an API so much more powerful than screen scraping?

Because for one, you don’t have to share your username and password with third parties, whose cybersecurity protocol might not be robust as your bank’s. Also with an API, if the username or password is changed, the connection isn’t broken. And the process is significantly more efficient for the third party, who now has direct information to the data they want, rather than having to scrape it from another source, reformat it, and then ingest it.

But open banking’s most exciting opportunities extend far beyond budgeting apps.

What open banking really allows for is a more efficient and secure way to share financial data. 

When looked at from this perspective, the possibilities start to become industry-shaking opportunities. Here are just a few examples:

  • The labor-heavy process of getting a loan, currently requiring the lendee to pass off reams of financial statements and information to a lender, who then has to ingest those materials, could become significantly easier for all parties involved. An API would allow lenders to have more efficient access to up-to-the-minute information with much less work from the lendee, and would allow lendees to only share the information relevant to the lender.
  • Aggregation tools are already making money management a much simpler, more cohesive process. Existing solutions allow investors to get a truly holistic view of their investment portfolio, even if assets are custodied at different institutions. And emerging solutions are revolutionizing how investment advisors interact with custodians, how they analyze client data, and how they present to clients.
  • The complicated payment system that exists today is also starting to be streamlined. APIs are now connecting developers with payment systems, and it could soon become possible to make payments directly out of a bank account rather than needing an acquirer to process payments via a credit card company. This would limit the number of times user data needs to be shared and reduce costs for both vendors and customers.
  • Accounting solutions for both businesses and consumers are emerging that would make the process more efficient and less costly. Businesses will be able to benefit from bookkeeping applications that can plug directly into their payments feed and consumers could see a cheaper and easier tax-preparation process.

The great promise of open banking is that it liberates your data from being held solely at one financial institution in order to make it available to companies of your choosing. Ultimately, it will take some time before the benefits of this are truly understood and realized.

Regulating the Open Banking Revolution

As these benefits start to come to light, though, they will not be without risks. For example, direct access to user data, even if theoretically more secure than current practices, is an unsettling idea. And digital disruption within any industry can be chaotic, as rules and best practices become upended, outdated, and replaced. That’s why the open banking revolution is certain to be accompanied by new regulations designed to help protect consumers. 

The European market already offers a preview of those regulations — and the challenges that come with them.

The second Payment Services Directive (PSD2) was rolled out in Europe by the Competition and Markets Authority as a way to spur more innovation and competition in the banking sector. In recognition of the opportunities presented by open banking, PSD2 required enterprise banks to make their data available in a secure, standardized form, so that third-party providers (TPPs) could plug into and leverage that data through APIs.

Banks were given until March 2019 to provide TPPs with a simulated bank environment where they could test their APIs before they became fully operational in September of that same year. And yet over 40% of the European banks missed the deadline.

This is just one example of how, even in the early days of open banking, a significant number of large banks are struggling to meet the demands of the associated regulations. As the effects of open banking are more widely felt, and as wider-reaching regulation accompanies them, the workload on banks and financial firms is sure to only increase. 

New technology, though, can help solve the same problems that new technology has created.

RegTech: Open Banking’s Best Friend

Just as advances in technology are upending the banking industry, they’re also revolutionizing the world of regulatory compliance. RegTech (Regulatory Technology) companies are leveraging machine learning, natural language processing, blockchain, AI, and more to solve the problems of regulatory compliance.

RegTech solutions will be crucial both to new open banking companies looking to quickly get off the ground and to traditional, large banks implementing new solutions to stay competitive in a changing environment. AI-powered regulatory change management solutions can help automate the burdensome tasks of regulatory research and analysis, so banks and financial firms can stay up to date on all regulatory updates — related to open banking and otherwise. And obligations management tools can automatically deliver up a complete obligations register, reducing to mere minutes a task that can take thousands of hours. 

Ultimately, the wide variety of RegTech solutions currently available will allow banks and financial firms to stay ahead of the waves of regulation by quickly and efficiently building a RegTech stack specific to their needs.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

The digital disruption revolutionizing the financial services industry isn’t going to subside anytime soon. And banks and financial services firms can leverage RegTech solutions to help make this fast-paced change work for them.

LEARN MORE: Click here to learn about Ascent Solutions

 

Ready to see a live demo? Get in touch today!


Dec 20
Love1

How Ascent Helped a Global Top 50 Bank Wrestle the BEAR

By Blog

Case Study

A Global Top 50 Bank identified the need to more proactively and appropriately respond to regulatory change. Their objective was seen as especially crucial in light of today’s climate of heightened personal responsibility ushered in by recent developments such as the Banking Executive Accountability Regime (BEAR) in Australia and the Senior Managers and Certification Regime (SM&CR) in the UK.

Our Customer at a Glance

  • $20B Annual Revenue
  • 30,000 Employees
  • 1,000+ Locations Worldwide
  • 300+ Regulating Bodies to Comply With

The Problem

Our customer sought a technology solution to address the following challenges:

  • Rising volume of regulatory change, which is impossible to track manually.
  • Challenges with understanding their entire regulatory landscape, including international and domestic requirements.
  • Lack of internal visibility and traceability throughout the regulatory change management process.

These challenges led to missed rule changes and regulatory infractions.

Partnering with Ascent

The Global Bank initiated a project with Ascent to help reduce the highly manual (and inherently risky) effort of regulatory intake and analysis, as well as to provide more visibility into how regulatory changes are tracked, reviewed, and applied to the business.

The Results

Significant Reduction of Manual Effort. Ascent automatically provides a feed of regulatory changes, eliminating the need to scour regulator websites and other sources.

— Improved Accuracy in Pinpointing Relevant Requirements. Ascent dynamically generates the list of all relevant regulatory changes according to our customer’s specific products and markets.

— Greater Visibility and Traceability. Our customer is able to view relevant changes, track the transfer of the change between departments, and facilitate review of the change by team members. This capability allows the Bank to effectively identify, triage, and track changes.

We help you comply with confidence.

Modern challenges require modern tools. Interested in seeing how Ascent can help you stay ahead of regulations like BEAR around the world?

Contact Us

Dec 16
Love1

Forecasting RegTech: 2019 Trends and 2020 Predictions

By Blog

(7 min read)

“RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.” -Brian Clark, CEO, Ascent

2020 is set to be a big year for the RegTech industry, and the start of an even bigger decade. We’ve seen a significant investment in the RegTech space over the last handful of years, galvanized by the technological advancements that now allow RegTech to solve real problems for Compliance and Risk teams, saving them money and time and reducing risk in the process.

Now on the doorstep of the new decade, we wanted to take a moment to look back briefly at some of the trends we saw in 2019 and peek into our crystal ball as we make a few predictions about the year ahead.

Trends We Saw in 2019

RegTech has crossed the chasm. Last year was the year that RegTech stopped being a thing that was going to happen and started being a thing that was happening. Companies moved past pilots and out of the innovation phase and began operationalizing benefits in a production environment. As Ascent Founder and CEO Brian Clark put it, “RegTech is no longer just for early adopters. We’re starting to see the actual, tangible benefit these technologies can provide.”

The wheat started separating from the chaff. As part of that evolution out of the innovation phase, RegTech ventures either found and connected up with a market demand or they didn’t. And with those that didn’t, we started to see the first handful of failures. Ultimately, this will be good for financial institutions as it will make it easier to identify which companies are truly creating value.

Regulators went on the record about RegTech. This year we also started to see regulators asking firms what they’re doing to leverage RegTech. This is obviously an exciting theme for the RegTech industry, but it’s also exciting for financial institutions. As regulators embrace technology as a viable solution, it should help give Risk and Compliance teams a path forward through the growing and increasingly dangerous regulatory maze. Speaking of . . .

Pressures to comply only increased. Unsurprisingly (and unpleasantly), we only saw more enforcement actions with higher regulatory fines, creating more pressure on Risk and Compliance teams. The FCA kicked off 2019 by levying its largest personal fine ever and ended up filing 160 enforcement actions before the year was over. Not to be outdone, the SEC published a whopping 2,754 enforcement actions this year alone, including 95 against public companies — the highest number in a decade. Just as unsurprisingly: this isn’t a trend we expect to dissipate anytime soon.

The marketplace became even more global. And, because of this, regulations and privacy legislation became more global too. This means that companies operating in international markets have yet more rules and regulations they’re required to be in compliance with. We discuss more below as, like the others above, we don’t think this one is going away any time soon.

Trends We Expect to See in 2020 in the RegTech Industry

Operationalizing will be the name of the game. Moving out of the innovation phase, it will be key for RegTech ventures to lock down operationalizing and scale so that they can answer the very important question they keep hearing from financial institutions: “Can you prove to me this thing actually works?

We’ll likely see still more investment, but done thoughtfully. In the first 3 quarters of 2019 alone,  investment in the RegTech space grew by 103%. We expect we’ll continue to see more funding, but it will be of the middle-stage, thoughtful kind. Now that the ideas are out on the table, investors will be looking to find companies that are demonstrating product fit by acquiring more customers. This will be a tell-tale sign for financial institutions, too, as they evaluate potential solutions.

Look out for a burgeoning ecosystem. As RegTech separates further from FinTech and truly becomes its own industry, we expect to see additional technologies and ventures popping up to create a supportive ecosystem. Financial institutions should keep an eye out for things like consultancies, which can help them evaluate and implement RegTech solutions, and complementary tech like open APIs, which would allow them to plug new solutions into existing systems.

READ ARTICLE: Building RegulationAI: Solving Compliance in the Age of Artificial Intelligence

 

. . . in Financial Services

Brace for the crunch. Increasing cost pressures on both the buy and sell side, shrinking margins, the rise of formidable FinTech and challenger banks — all of these factors are likely to continue, further driving the consolidation trend we’ve seen recently and helping firms realize that, for some of these obstacles, technology offers the only viable route forward.

Increased globalization means increased risk. We expect this trend from 2019 to only get more prevalent and more dangerous. Think of it as a simple risk array: Firms are operating in more marketplaces doing more things with increasingly larger penalties and they’re doing it with the same amount of staff. They can scale up personnel until payroll begins to buckle, or they can turn to technology.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

. . . from Regulators

Big topics will get a lot of attention. Privacy, cybersecurity, and cryptocurrency are all major themes we expect to see regulators continue to focus on in 2020. Additionally, other headline-makers like Brexit will likely cause a lot of activity. And the looming recession(s), if actualized, would kick off more action by central banks, more uncertainty, and a lot more work for regulatory compliance.

No appetite for keeping quiet. The above themes and others seem to be in the news on a near daily basis, giving regulators not just an incentive but a public mandate to become increasingly effective. This comes with the need to be stronger in enforcement actions, one contributor to some of those major fines we’ve seen recently.

Jurisdictional arbitrage is no more. The days when you could choose your jurisdiction according to a region’s regulatory policies are largely over. The globalization of the marketplace means that more financial institutions (including many SMEs) are operating in multiple countries, and so they’re forced to abide by all of the regulatory bodies governing those countries. Compliance and Risk teams are then given the mammoth task of somehow knowing all those rules, keeping up to date on them, and following them — which, for simplicity’s sake, often means universally abiding by the strictest. 

Expect collaboration — but not cohesion — among regulators. While we have seen regulators working together to find and implement technology solutions, don’t expect to see cohesion across their requirements. Even as the marketplace becomes increasingly global, each regulator will have to abide by its own government mandate. After all, they don’t serve the financial institutions they audit but the consumers of their respective jurisdictions. Ultimately, there’s only one way to reconcile the differences between regulatory requirements — via technology.

READ ARTICLE: The Ultimate List of Compliance Conferences and Events

 

What Ascent is Excited about in 2020

Just as 2020 is shaping up to be a big year for RegTech as an industry, it’s looking to be another banner year for Ascent. Here are just a few of the opportunities that have us excited to tackle the new year:

  • We were thrilled to be selected by the Global Financial Innovation Network (GFIN) to pursue a cross-border pilot earlier this year. We believe the opportunity to collaborate directly with regulators could create value for the entire market, helping firms to operate more efficiently and to reduce costs while consumers are better protected. We’re excited to see what the future holds for this initiative.
  • Speaking of excited, we recently raise $19.3 million in our Series B funding round. This investment will empower us to scale and further operationalize our business, and it will be nothing short of fundamental in advancing our mission to reduce the cost of compliance and protect the rule of law. We can’t wait to put the funding to work in the year ahead.

LEARN MORE: Click here to learn about Ascent Solutions

Dec 11
Love1

“But Does RegTech Actually Work?” 3 Ways Financial Firms and RegTechs Can Bridge the Trust Gap

By Blog

(5 min read)

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose to adopt

You’ve just been shown a RegTech demo and the technology is something right out of your dreams. It can save you thousands of man hours, significant amounts of money, and reduce your regulatory risk in the process. There’s no doubt it sounds amazing, you think. But can it actually do all of the things promised?

This is not an uncommon question, representative of the trust gap that currently exists between RegTech companies and the financial institutions they serve. This trust gap is certainly understandable RegTech offers new technology and skepticism is natural whenever that’s the case

Even more importantly, with something as complex and vital as regulatory compliance, financial firms need to be skeptical as they evaluate possible solutions. Consequences for any technological shortcomings can be catastrophic. Why would Compliance and Risk teams take a gamble on something that seems too good to be true?

Because, for one, the opportunities new RegTech ventures present are real and powerful. And for two, because the alternative not adopting technological solutions is far worse. 

If the trends of the last decade continue, the regulatory “tax” firms are forced to pay is only going to increase, and the fines for non-compliance will only grow too. That means firms will have to hire more people to take on more work that could have more costly mistakes. Financial institutions will be forced to adopt new technologies as they offer the only viable path forward. 

But Compliance and Risk teams don’t need to feel stuck between a rock and a hard place. 

With the right vetting process, it is absolutely possible for you to have confidence in the technological tools you choose and to be excited about adopting them. Here are a few strategies we suggest.

1) Educate Stakeholders about the Technology

New technology can often seem like a black box. If you don’t know what’s happening inside that box, it can be difficult to trust that it’s doing what it’s supposed to. But by learning more about how that technology works you can begin to understand it, better evaluate it, and (if it’s the right fit) begin to trust it.

RegTech companies can and should help with this education. At Ascent, for example, our technology helps customers automate regulatory compliance. We do this through our proprietary RegulationAI™ — a “digital brain” that processes and analyzes regulatory text in order to deliver to our customers the regulatory obligations and rule changes that are most relevant to them.  

To help this digital brain not seem like a black box, we educate our customers on how it works. It’s powered by two primary forms of technology: natural language processing (NLP), which helps computers understand human language, and machine learning (ML), which is all about creating models that are designed to learn on their own. 

Once our customers understand how these systems operate together — how, specifically, we use NLP to rapidly analyze millions of lines of regulatory text, which we then feed into our ML models to teach them how to “read” the regulations — they understand how RegulationAI™ is able to deliver up a dynamic obligations register specific to them.

Instead of seeing our technology as a black box, financial institutions can evaluate whether it’s right for them, and our customers can have confidence when using it.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

2) Pilot a Solution First

A pilot can be a great way to let you dip a toe into new technological waters before taking the deep dive. For day-to-day users, a pilot lets them understand from a hands-on level how the solution will fold into their processes. And for decision-makers it lets them see real results before making a full commitment. 

To run a low-stress, high-outcome pilot, we suggest the following three strategies:

  • Clearly defining the goals of the pilot, so you can accurately determine whether they are met or not;
  • Making sure both decision-makers and day-to-day users are on the same page about how the pilot will work and what to expect from it;
  • Obtaining useful feedback in a systematic way both throughout the pilot and once it’s been completed.

At Ascent, we offer our customers the opportunity to test drive our solutions with a low-cost, low-risk pilot. Our Customer Success team is fully engaged throughout, making onboarding as simple as possible for your team while still ensuring you gain a clear understanding of all the ways Ascent can help you achieve your goals.  

3) Collaborate with Other Parties

Here at Ascent, we are big believers in collaboration. We think that a developing space like RegTech will only be empowered by interaction and collaboration between all the parties involved. And we believe collaboration can be key in helping financial institutions gain confidence in different RegTech solutions.

Here are a few ways collaboration can help build trust:

  • Financial institutions can reach out to other institutions that are already using new RegTech solutions to help understand how the technology has been beneficial and learn about any potential pain points.
  • Financial institutions can work with consultancies to help evaluate new solutions and implement them efficiently and effectively.
  • RegTech companies can work with financial institutions to make sure their solutions truly meet the needs of those institutions and to provide educational materials to help institutions develop confidence in new technologies.

In fact, regulators themselves are getting in on collaboration too, as evidenced by groups like the Global Financial Innovation Network (GFIN), an international collection of 35 organizations which serves as a network for regulators to knowledge-share and collaborate on bringing RegTech innovations to bear.

As always, whenever regulators themselves adopt a practice, it’s a good sign that the rest of the market will likely follow suit soon.

READ ARTICLE: Ascent Selected by GFIN for Regulatory Cross-Border Pilot

 

Bridge the Gap with Ascent

At Ascent, our AI-powered solutions help you manage regulatory change with confidence, so you can focus on the high-value activities that matter most, without the constant worry of accidentally missing an important update or keeping records that stand up to regulatory scrutiny.

You don’t have to drown in regulation, and you don’t have to cling to a life raft you don’t have faith in. Find the solution that’s right for you.

LEARN MORE: Click here to learn about Ascent Solutions

 

Modern challenges require modern tools. Interested in seeing how Ascent can help you automate horizon scanning, change management, and obligations management? 

Contact Us


Dec 02
Love1

What the Tech? Machine Learning Explained

By Blog

Imagine an alien species flew down through our atmosphere and landed on your front porch. They explain that they have a perfect understanding of our language but absolutely no knowledge of our world, and ask you to answer one burning question: “What is a fish?”

How would you respond? A fish is something that swims in the water, you might say. The aliens run out, grab a small child from the nearest swimming pool, and present him to you. Is this a fish? they ask. You clarify: A fish is something that swims in the water and has fins. The child is returned and a seal is brought instead. Is this a fish? A fish is something that swims in water, has fins, and has gills. A toy shark appears on your doorstep. 

This method of instruction — providing a definition that grows longer and more precise to accommodate an issue’s complexity — can be understood as the traditional way of programming a machine. You write a complex formula that tries to take into consideration all known factors in order to help a machine answer a question or perform a task. It is the equivalent of giving a man a fish and feeding him for one day. Machine learning is teaching a man to fish instead.

Rather than relying on a definition, machine learning uses big, diverse sets of data, which are then used to train an algorithm. When you try to use a definition, no matter how long and complex that definition is, it will likely still have gaps and inaccuracies. But by gathering a very large and diverse set of examples, you can create a much more complete understanding. 

Following the logic of machine learning, instead of trying to define for the aliens what a fish is, you would take them to the nearest aquarium. Look, you would say pointing at one of the tanks, that is a fish. And that too. And that. 

Why machine learning is so powerful

Technology has advanced to the point that algorithms are now able to develop their own rules when determining whether something does or does not meet certain criteria, based on the data sets they are given. When loading a data set into a program, the programmer doesn’t have to say this is a fish and here’s why — she simply has to provide the examples. 

Things like neural networks — layered sets of algorithms designed to recognize patterns — then adjust their weightings and inputs as they “learn” what a fish looks like. The more data fed into the system, the more refined its “definition” becomes. Once the system is trained, it can be given any image and can then determine whether or not it meets the specified criteria.

There are obviously many applications of these technologies (beyond identifying fish) — facial recognition, self-driving cars, weather forecasting. And RegTech companies are now bringing these capabilities to the world of compliance. 

At Ascent, we are using machine learning in combination with other technologies to de-complicate financial regulation, making it easier for Risk and Compliance workers to know exactly which obligations and rule updates are relevant to their business.

Ascent ingests millions of lines of regulatory text and feeds them into our machine learning models, parsing and analyzing the data far faster and with greater accuracy than people could alone. 

The result is a register of obligations that are targeted to you and always updated as rules change.

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

The power of automation for compliance

Great technology augments your team. With Ascent, Risk and Compliance teams can focus on the high-value activities that matter most, without the constant worry of accidentally missing an important update or keeping records that will stand up to regulator scrutiny.

 

Enjoy this article? Subscribe to receive fresh thoughts on RegTech and other helpful insights for compliance professionals.

Subscribe


Ascent helps financial services firms identify their regulatory obligations and keep them updated as rules change. Our targeted regulatory intelligence helps you avoid fines and reduce risk, while lowering your overall cost to comply. Learn more.

Jul 23
Love1

Unleashing Wealth Managers with the Power of RegTech

By Blog

Wealth management, like every sector of the financial industry, has come in for its share of regulatory attention in recent years. Whereas the challenge of leveraging “big data” to find hidden insights dominated conversations among wealth management professionals ten years ago, industry discussions today center around complying with KYC (“know your customer”) rules and defending the suitability of investment recommendations.

As regulatory requirements have broadened and deepened across asset classes and jurisdictions, they have inflicted an increasingly heavy tax on wealth managers to ensure compliance and to keep their clients (and themselves) out of trouble.

In many ways, the growth of the regulatory burden constitutes the hidden underbelly of the FinTech boom. Distilling opportunity from an ocean of data is one thing. Exploiting that opportunity while staying on the right side of regulations can be quite another.

New RegTech ventures have stepped into the breach to support wealth managers in meeting regulatory compliance obligations. Here are a few of the ways they’re changing the wealth management landscape.

Untangling Complex Regulations to Unleash Business Potential

Regulatory text constitutes a dense, confusing stew of proscriptions and obligations written in a language foreign to most readers. Digesting and making sense of a single requirement applicable to a single asset class in a single jurisdiction takes time, patience, and a patience for complexity.

There simply aren’t enough hours in the day for individual wealth managers to absorb and implement regulation on their own, try as they might. And so, ingrained and intractable regulatory complexity inflicts a dual risk: for any given trade, an asset manager risks non-compliance with the regulations he or she knows about, and also risks not knowing about all of the regulations that may apply. 

Enter AI-driven compliance management solutions like Ascent.

Ascent is leading the way in the development of a new class of technology that teaches machines to parse and analyze regulatory text. What takes humans hours to (barely) absorb takes an AI-driven algorithm mere minutes to dissect and analyze.

These solutions hold the promise of revolutionizing wealth management by substantially reducing the risk of non-compliance and ignorance of regulatory applicability. In time, they will be able to tell wealth managers, in advance of a trade and in plain language, exactly which regulations apply to an investment strategy and exactly how to execute it in compliance with the law.

In so doing, RegTech solutions will enable FinTech/big data to achieve its full potential, freeing managers to pursue investment strategies without the fear of non-compliance. 

READ ARTICLE: How Ascent Simplifies Regulatory Change Management with Automation

 

Facilitating Compliance Management

RegTech also has its sights set on facilitating core compliance management tasks. For example, there are already solutions on the market (and more in the pipeline) to automate anti-money laundering efforts, such as conducting multi-jurisdictional screening of customers and identifying the beneficial ownership of investment vehicles (even those formed offshore). By building data networks that increase investor transparency, RegTechs promise to take the guesswork and relative risk out of doing business with a new customer in a new jurisdiction.

Likewise, RegTech solutions can help marry two related and increasingly-important regulatory functions: KYC data collection and suitability analysis. Not only can they facilitate and automate the collection of critical KYC information directly from new customers and from third-party data networks, compliance management solutions can also parse that information and derive insight about whether an investment strategy fits an investor’s profile and long-term objectives. 

Finally, RegTech continues to develop new and better ways to streamline compliance reporting. Existing and emerging solutions generate reports automatically, making filing much more efficient. Increasingly, RegTech delivers value for wealth managers by developing tools that recognize and flag issues (trading patterns, capital flows, etc.) that will likely attract regulatory scrutiny, giving firms the opportunity to tackle a thorny problem before an inspector from the SEC or FCA comes calling.

READ ARTICLE: Exam Time? Tips from a Former Regulator on How to Prepare

 

Speeding Up and Adding Precision To Rule-Making

The same compliance automation solutions that help asset managers understand and comply with regulations will also soon be put to use crafting and testing new regulations. New technology will help eliminate the vexing problem of inconsistent or contradictory provisions by giving regulators and other stakeholders the ability to see an entire body of regulations from “30,000 feet” and to model how changing regulatory text here will have an impact on obligations over there. They will also create a more streamlined process of collaborative rule-making, linking all stakeholders together and giving them the tools to track and analyze proposed amendments in real-time.

In facilitating insight, efficiency, and collaboration in rule-making, RegTech solutions also hold the promise to do something greater: they will help develop regulators develop rules that actually address market conditions as they exist at the time of a final rule issuance, instead of the conditions that existed when the lengthy rule-making process began (but have since evolved). This will in turn allow for less costly, more precise rules, eliminating market inefficiencies that result from overbroad rules that throw the proverbial baby out with the bathwater by inhibiting legitimate investment much more than they prevent illegitimate practices. 

READ ARTICLE: Ascent Selected by GFIN for Regulatory Cross-Border Pilot

 

Ascent Leads the Way

At Ascent, we strive to develop regulatory change management and compliance management solutions that free wealth managers and other financial industry professionals from the time-consuming, expensive task of regulatory compliance, so that they can do what they do best: build relationships, develop business, and implement the wisdoms gleaned from their technology backend.

LEARN MORE: Click here to learn about Ascent Solutions.

 

Enjoy this article? Subscribe for fresh thoughts designed to help you stay at the forefront of compliance and technology.

Subscribe


Jul 16
Love1

End-to-End Compliance is Closer Than You Think: How Businesses Can Get a Practical Head Start

By Blog

As advances in technology give rise to new ways of approaching age-old problems, a new term has begun to surface, one that will no doubt dominate the global dialogue around compliance in very short time: End-to-End Compliance.

Up until very recently, the only possible compliance process was by its nature a fragmented one. Typically, it’s myriad steps, activities, and tasks are handled across disparate systems and are further complicated by the fact that compliance work travels through several departments and lines of business.

There have been a few attempts at partial automation to help unify these efforts, including widespread use of Excel spreadsheets, GRCs, and various point solutions. Even with these tools in place, however, businesses have fallen prey to the gaps inherent in such a disjointed environment, negatively impacting their ability to keep up with regulatory events, implement policy internally, and provide clear evidence of compliance to auditors. 

As advances in technology give rise to new ways of approaching age-old problems, a new term has begun to surface, one that will no doubt dominate the global dialogue around compliance in very short time: End-to-End (E2E) Compliance. 

Due to its relative newness, the term is often met with mixed emotions — excitement, but also skepticism and confusion over what exactly constitutes E2E Compliance and how it can be achieved practically.

Defining E2E Compliance

At its core, E2E simply describes a process that takes a service from beginning to end, delivering a complete functional system. 

E2E Compliance is a fully traceable process that connects external regulatory events to a business’ specific obligations, then all the way through to that business’ internal controls, policies, and procedures. 

This process, which can only be achieved through automation, covers both existing regulations and new rules or changes, thereby integrating horizon scanning and change management into the overall flow. 

In an ideal E2E system, businesses could 1) be alerted to relevant new rules or changes to existing rules, 2) be directed to the exact parts of their internal controls or P&Ps that are impacted so team members can make the appropriate changes, 3) manage their obligations digitally, 4) easily produce records of their compliance activities, and 5) generate useful reporting dashboards. 

E2E as a Pathway to Better Business 

A study of other industries provides us with much encouragement about the achievability of E2E.

E2E unlocks a number of exciting opportunities. Automating the bulk of the manual tasks that plague the process, like scouring the web for regulatory changes and connecting them to internal policies, will save significant time and reduce the risk of errors that could lead to undesired consequences including fines, suspensions, reputational damage. Alerts help drive action that will allow companies to stay ahead of regulation. Automated audit trails and reporting capabilities bring much-needed relief to regulatory examinations. Overall, there are more ways to knit the process together than ever before without requiring so much laborious, manual work to see results.

A study of other industries provides us with much encouragement about the achievability of E2E. Marketing was one of, if not the first, industries to widely adopt automation and AI technologies on a massive scale. Literally thousands of MarTech solutions are available today that help businesses compile a 360 degree view of their customers and to produce and distribute hyper-targeted marketing messages based on demography, geography, behavior, intent, and a whole slew of other markers that would be impossible to tap into without some form of automation. 

The shipping and logistics industry has also made incredible advancements due in no small part to innovation powerhouses like Amazon. An E2E shipping and logistics process today combines multiple, integrated solutions to track and manage inventory, storage, and distribution, giving the business complete visibility into every minute detail, down to whether one of their trucks turns right or left — or more importantly, whether that truck should turn right or left depending on traffic patterns and delivery schedules.

As industries like marketing and shipping have been transformed by E2E, so will it be for compliance. The only question that remains is not necessarily of when, but of how. 

A Practical Approach

That a variety of solutions are available is an advantage as it allows firms to build a fully integrated technology stack that is unique and optimal for their specific business. 

The most common misconception that financial firms have about E2E Compliance is that it can be accomplished with one vendor. While an attractive vision, it’s one that is simply unattainable (at least in the foreseeable future) considering the massive complexity and scope of regulation.

On its face, this may seem like a disheartening and unwelcome truth, but again we can take cues from industries like marketing and shipping. Both have fully embraced both automation and the concept of E2E and yet no single one-size-fits-all solution dominates either market; quite the contrary in fact. That a variety of solutions are available — and this applies to regulatory technology as well — is an advantage as it allows firms to build a fully integrated technology stack that is unique and optimal for their specific business. 

The first step businesses must take on the pathway to E2E Compliance is to outline their processes and engage with the market to identify which aspects are possible to automate. Firms will find, as we have, that the upfront lift of regulatory research and analysis can certainly be automated, along with a number of other points in the process that RegTechs of all shapes and sizes today are ready to address. 

Ascent can play an integral part in E2E Compliance by providing customers with the ability to automatically identify the obligations and ongoing rule changes that apply to their specific business, then to connect that regulatory knowledge to their other systems via automation. Ascent achieves this on a level of granularity and scale that simply was not possible a decade ago.

As the market leaders in developing Regulation AI — artificial intelligence built uniquely for the regulatory compliance industry — Ascent is forging a new path to help our customers in the financial services industry not only automate and scale their compliance programs, but to make E2E Compliance a reality rather than a vision of a faraway future.

Enjoy this article? Subscribe for fresh thoughts designed to help you stay at the forefront of compliance and technology.

Subscribe


Jul 01
Love2

Better by Design (Thinking): How We Combine Sprints with Customer-Obsession to Drive Product

By Blog, Culture, Tech

At Ascent, we strive to approach each and every challenge with this mindset that promotes first of all empathy, then understanding, then innovation, and finally a “best-fit” solution.

By Subha Sriram, VP Product 

A design thinking mindset is perhaps one of the most important assets for a company as it searches for innovative solutions to problems both anticipated and unexpected. At Ascent, we strive to approach each and every challenge with this mindset that promotes first of all empathy, then understanding, then innovation, and finally a “best-fit” solution.

What is Design Thinking?

Design thinking synthesizes analytical, divergent, and convergent thinking in the various stages of its workflow to finally arrive at the optimal solution.

The term “design thinking” can be traced back to 1987; however, the concept of design thinking has been around for much longer than that. The design thinking model stands as a counterpoint to the more traditional method of problem solving. 

What are the differences between these two schools of thought?

The “traditional” approach starts out with a clearly delineated problem. Then, a consensus solution to that problem is proposed. The bulk of the problem solving in such a methodology involves moving through a linear series of steps until the consensus solution is finally achieved, or revised according to its utility.

Design thinking, on the other hand, turns such a process on its head. Problem-solvers strive to examine a number of divergent solutions at the outset of the process, and then test such solutions to determine their “fit.” Design thinking synthesizes analytical, divergent, and convergent thinking in the various stages of its workflow to finally arrive at the optimal solution.

Customer-Obsession Creates Better Outcomes

Active listening makes it that much easier for our customers to buy into our solution. They become stakeholders from day one, which is a win for everyone involved.

Customer-obsession is one of our core values. Being a customer-centric company means that our approach to problem-solving reflects our keen interest in empathizing with our customers, understanding the root cause of their frustrations and pain points, and designing systems and services that specifically meet their unique needs.

The design thinking methodology provides the freedom we need to actively listen to our customers from the very start of the problem-solving process. It’s easy to sit behind a desk and say: “This is what you need.” But when designers go beyond just serving briefs and make it a point to hear out the customer with an open mind, then the end solution is almost inevitably superior to what may have been our original conception.

As an added benefit, our active listening makes it that much easier for our customers to buy into our solution. They become stakeholders from day one, which is a win for everyone involved.

How We Implement Design Thinking

Of course, as with any high-level concept, design thinking needs a framework of practical application to be useful in the real world. What we do at Ascent is utilize design sprints to help us meet customer needs – and design thinking is an integral part of such sprints.

Our design sprints are adapted from the popular Google Design Sprint methodology. Our process involves 5 key steps:

  • Conducting empathy interviews. We make it a point to be transparent and open with our interview subjects. We don’t always know the best-fit solution for their problems, which is why we probe, and dig, and explore their perspective. It’s vital that in this initial stage, we don’t try to interject our own values or perspectives into the conversation. This is all about them being heard; our role is to listen, clarify, and confirm.
  • Selecting a target focus. Once we’ve consolidated and analyzed all the data from our interviews, we determine what our design focal point should be. We come up with some preliminary sketches to serve as a rough outline of our objectives and potential solutions.
  • Prioritizing sketches. Next, we prioritize the sketches according to several criteria, such as how well the proposed solution would meet our objectives, its practicality, its functionality, and so on. 
  • Prototyping the experience. We then begin work on a prototype, or multiple prototypes, and look to stitch together the whole experience. We want to present the end-to-end experience that we hope our customers will enjoy upon the project’s completion.
  • Conducting usability sessions. Finally, we once more enlist the participation of our customers and stakeholders via usability sessions. We gather feedback from our customers, and begin iterations of the base design.

By implementing design thinking in such a way, we’ve been able to streamline our entire design process, involve our customers from start to finish, and provide the best possible solutions, instead of simply the most convenient.

Design Thinking in Action

Design is ultimately an expression of how humans can efficiently and effectively perform the job at hand. It’s not just a means to an end – it is an integral part of the final product.

Here’s an example of the value of design thinking in action here at Ascent:

We had been receiving feedback from our customers that they wanted an easy, intuitive way to navigate a specific feature. Because this aspect of our platform was not intuitive, customers were not finding the information they were looking for quickly enough, which actually led to them questioning the credibility of the product. Yikes! This is a classic example of the importance of empathy: while this issue may not have seemed so important from our end (because we know first-hand from building the product that the data is right), the customers didn’t have that level of transparency or product knowledge and therefore could only assume that an inability to find the information in the way they were accustomed to meant that was a problem with the information itself. 

We took measures to more fully understand the scope and nature of this problem. We initiated a two-and-a-half-week design sprint, and adhered to our 5-step design thinking process. We conducted interviews with a variety of customers and internal stakeholders. We took the resultant information, sketched, prioritized, and prototyped, and finally began usability testing. 

In the end, the results were overwhelmingly positive. Our customers were thrilled that we had not only listened to their concerns, but had taken proactive measures to overcome the challenges that they were facing. Even though this design sprint resulted in a fundamental paradigm shift in the way we processed rule updates, in the end our customers and stakeholders were completely satisfied, and we learned a lot from the whole experience.

Great Design is More than a Means to an End

At Ascent, design thinking is an integral part of what we do, and its principles of empathy, listening, and humanity are a reflection of who we are as a team. 

Design is ultimately an expression of how humans can efficiently and effectively perform the job at hand. It’s not just a means to an end – it is an integral part of the final product.

 

Interested in joining us? Check out our open roles below. 

Careers