What is RegTech?
Emerging technology is helping financial firms be more efficient, reduce regulatory risk, and lower their overall compliance costs.
Compliance is getting harder. Financial firms are dealing with more regulation, more changes, and more complexity than ever before. In the face of this looming regulatory burden, RegTech has emerged to help businesses streamline nearly every part of the compliance process.
What is RegTech?
RegTech (Regulatory Technology) is the application of emerging technology to improve the way businesses manage regulatory compliance. Though relatively young, RegTech is maturing rapidly. RegTech companies are now engaging machine learning, natural language processing, blockchain, AI, and other technologies in order to bring the power of digital transformation to the world of regulatory compliance.
Rule changes have increased 500 percent in the last decade. A new regulatory update is implemented every 7 minutes, according to Thomson Reuters’ 2018 Cost of Compliance Report. Fines for non-compliance are becoming more frequent and more severe. In 2019, the Securities and Exchange Commission (SEC) alone issued 862 enforcement actions, ordering those in violation to pay more than $4.3 billion combined. The U.K.’s Financial Conduct Authority (FCA) levied its largest personal fine ever, also in 2019.
These challenges have brought to bear a booming new industry called RegTech, encompassing a wide range of tools that help organizations stay above the rising tide of regulation and execute their business activities in a more compliant way.
But what do these solutions do, and more importantly, how can they help Risk and Compliance teams in financial services with the complex job of managing regulatory compliance? Below, we offer a guide to the young and growing RegTech industry – explaining how it came to be, why it matters, and what’s next on the RegTech horizon.
A Brief History of RegTech
The dawn of a new regulatory era
The year was 2008 and the financial world was in chaos. Lehman Brothers had imploded, the federal government took over Fannie and Freddie, and money-market funds broke the buck.
The world was in the throes of the worst financial crisis since the Great Depression.
This new era was epitomized by one single and massive piece of legislation: the Dodd-Frank Financial Reform Act.
Dodd-Frank would mark a sea of change in the world of regulatory compliance. Based on President Obama’s proposal for a “sweeping overhaul of the United States financial regulatory system, a transformation on a scale not seen since the reforms that followed the Great Depression,” Dodd-Frank was undeniably expansive and ambitious. But the success of the Act is more debatable.
To many, Dodd-Frank seemed like a half-measure that mended the proverbial fence only after the horse had escaped the corral. Many financial institutions saw it as overzealous and set on putting up unnecessary guardrails. To the public, it seemed disconnected from their desire to see big bank executives pay for the reckless behavior that had led to the financial crisis.
Effective or not in its original intent, Dodd-Frank would mark a turning point in the industry: the moment the regulatory pendulum swung back from the under-regulated era pre-Global Financial Crisis to the over-regulated era that would follow.
The massive tolls this new regulatory era has brought to bear on financial institutions is staggering.
The Rise of AI
Meanwhile, another tidal shift was beginning to disrupt nearly every vertical (though some much faster than others) — the rise of artificial intelligence.
In the 2010s, AI began to develop extremely rapidly. Deep learning and neural networks made it possible to “teach” a system how to complete a task using a large data set of examples rather than through task-specific programming.
The distinction has wide-ranging implications. The process of writing a program is extremely labor-intensive. With deep learning, programmers can instead feed algorithms data sets to help them learn.
Leveraging natural language processing and machine learning, AI began to beat humans at Jeopardy!, poker, and Go. The capabilities these technologies provided began to disrupt industry after industry.
It was only a matter of time until companies brought the power of these new technologies to bear on the challenges of regulatory compliance.
The RegTech Revolution
It was at this junction of the looming regulatory burden and the rise of AI that RegTech was born.
Initially, the financial services industry met RegTech with a healthy dose of skepticism. The solutions RegTech providers promised were enticing, but the world of regulatory compliance is vast and complex, and its margin of error is non-existent. RegTech companies would need to prove that their solutions worked before financial firms would be willing to bet on them.
Here is when investors stepped in. They understood the depth of the opportunity and were willing to invest capital to help turn it into reality.
A lot of capital, it turns out. And very, very quickly.
According to RegTech Analyst, in 2015 there were 149 RegTech investment deals across the world, totaling $1.1 billion. Just four years later those numbers had jumped up to 317 deals totaling $8.5 billion.
Those deals have continued to average larger and larger amounts. In 2015, only 3.4 percent of deals were valued at or over $50 million. By 2019, that percentage had shot up 17.3 percent of deals.
This investment and maturation helped push RegTech solutions past pilots and out of the innovation phase, so that they could begin operationalizing benefits in a real-life environment. This, in turn, helped RegTech providers convince financial institutions that the value they now offered was real and meaningful.
Benefits of RegTech
For financial services, the benefits of RegTech are substantial:
» Efficiency gains — As regulation continues to grow, it becomes nearly impossible for compliance personnel to keep up without the aid of technology. Technology, capable of processing a high volume of data at incredible speeds, can quickly parse and analyze raw legal text and extract valuable insights.
» Greater accuracy and comprehensiveness — Manual, siloed processes tend to create gaps in the compliance operation, leading to human error and increased exposure. Implementing the right technology (and integrating those technologies thoughtfully where necessary) shores up gaps and creates a streamlined compliance process.
» Greater internal alignment — Technology tools enable greater transparency throughout the business, connecting once siloed people and processes. The result is better insights between business units that can be shared faster, which also leads to a stronger culture of compliance.
» Improved risk management — Many RegTech tools help protect against various types of risk, including market abuse, cyber attacks, and fraud, by monitoring systems and alerting personnel to suspicious activity.
Understanding the RegTech Universe
The list of those tangible benefits seems to grow a little longer every day. The industry is flourishing and constantly finding new ways to improve regulatory compliance as a result.
The expanding RegTech universe has been mapped out by various organizations, including research firms like CB Insights, Forrester and Gartner, the Big 4 consultancies, and large financial institutions. Unsurprisingly, these mappings — while certainly helpful as broad snapshots of the industry — can seem overwhelming.
To better understand how different solutions align with your existing process, it can be helpful to classify this seemingly frenzied landscape into major four categories:
4 RegTech Categories
Tools that provide regulatory content, usually in the form of a content library, feed, or resource center. Content tools consolidate documents published by regulators into one platform (including the laws, enforcement actions, guidance, rule updates, and more), making research and horizon scanning more efficient.
Technology that provides regulatory knowledge is a quantum leap beyond content. Solutions in this category transform the raw text of regulatory documents into actionable knowledge, such as the specific obligations that a firm must comply with.
Technology that includes GRC platforms and other workflow systems, considered containers because they contain all of a firm’s regulatory information — including their regulatory obligations, controls, policies and procedures. Workflow capabilities allow users to track and manage their compliance efforts.
Execution of Compliance
Once firms have the right regulatory information housed in their preferred container, they may implement additional point solutions to 1) execute a task in a compliant way, or 2) assess compliance with an obligation or control.
Implementing RegTech: Problems and Solutions
RegTech stands at an exciting crossroads. The need for compliance solutions in financial services has been demonstrated all too clearly, and the power of the technologies offered — brought to life by the wellspring of funding pouring into the space — certainly has the ability to meet those needs. There are many benefits of RegTech, but its promise is only realized when implemented properly.
Here are a few use cases that can help you identify which categories of RegTech solutions might be best, based on where your firm is in its digital transformation journey.
Example RegTech Use Cases
Problem: “I want to save time on horizon scanning and research.”
Whether you have a full staff of compliance analysts or are a compliance team of one, countless hours are often dedicated to monitoring for new rules and changes to regulation. Traditionally, personnel have captured this information manually from multiple disparate sources.
Solution: Consider a regulatory content provider
With the majority of regulatory documents centralized in one platform, your team can more easily research and review updates and other regulatory documents such as press releases, guidance notes, and enforcement actions – without needing to sift through individual regulator websites or RSS feeds.
Problem: “I want to know my firm’s regulatory obligations, as well as the impact of regulatory changes.”
Compliance workers analyze dense regulatory text and synthesize that information into obligations that apply to the firm. Once they have compiled these obligations, personnel must constantly track rule changes and additions and then determine how those changes impact the firm’s business lines and day-to-day operations. This process is not only painstaking, it is also high risk for human error and must be repeated with every change in regulation.
Solution: Consider a regulatory knowledge provider that identifies your obligations and rule changes.
If you are looking for a way to help your team surface the relevant areas of regulation— i.e. the individual actions your firm must take (or refrain from taking) in order to be compliant — then consider an AI-driven RegTech provider like Ascent that generates targeted obligations and automatically keeps them up-to-date as rules change. Know exactly what you need to do to comply, while maximizing your efficiency and effectiveness.
Problem: “I want to manage my daily compliance activities, including creating and maintaining controls, policies and procedures.”
After identifying their firm’s obligations, it is standard for teams to write their policies and procedures around those requirements. During this process, it usually becomes clear as to which departments need to be involved in order to help maintain compliance. Personnel may rely on Excel spreadsheets or legacy internal systems to create a digital system of record in the event of an audit or examination.
Solution: Consider a GRC platform or other workflow system that allows you to house and project manage your compliance activities.
GRC (governance, risk and compliance) platforms are commonplace, especially in larger organizations, and can help automate menial workflow tasks, tie together disparate data, and house controls, policies, and procedures. Team members can assign tasks, track progress, maintain important documents, and overall ensure completeness of the firm’s obligations.
If you are looking for a solution that can accomplish all of these use cases, it is likely that your compliance operation requires multiple solutions, combined to create a full-scale compliance technology stack.
A common misconception is that “end-to-end compliance” can be accomplished with one vendor. While an attractive vision, it is one that is unattainable (at least in the foreseeable future). While this may seem like a disheartening reality, it is in fact an advantage for financial firms. With a myriad of solutions available, firms can build a fully integrated technology stack that is unique and optimal for their specific business rather than attempt to use a “one-size-fits-all’ approach that would be impossible due to the massive complexity and scope of regulation.
Market Impact of RegTech
Beyond the clear operational benefits to businesses, RegTech also has significant implications for the market as a whole. Historically, spurring business and protecting consumers have been viewed as two objectives that are diametrically opposed, at least from a regulatory standpoint. Issuing less regulation is often seen as the way to give businesses more freedom to generate real value and profit, but this all too often comes at the expense of the consumer. The result is an environment that is ripe for over-regulation, or so businesses fear.
RegTech’s power is in subverting this dichotomy. RegTech helps create a world where it is easier for businesses to comply, unlocking both opportunity and business value without compromising consumer protection. And that makes a better world, for everyone.
To keep learning about RegTech, sign up for our monthly Cliff Notes newsletter.
Keep exploring with these blog articles:
- 9 Common RegTech Questions, Answered
- Setting up a regulatory compliance framework: The first (and most difficult) step
- How an Integrated Risk Management (IRM) approach can transform your organization
- What are ‘granular obligations’ in RegTech?
- Ascent’s RegulationAI™: How does it work and why is it different?
Learn why financial firms choose Ascent to automate the most tedious parts of regulatory compliance.
Read about how firms like yours used Ascent to significantly reduce their regulatory and reputational risk.