Here comes RegTech — a new technology field that ensures that companies, especially tech firms, act in accordance with implemented government rules and regulations.
The first time we came across the term RegTech was when our team was delivering Python development services to Clear Minds — an investment platform that acts as a digital adviser for people who want to make profitable investments in the long run. During the final stages of development, in May 2018, the GDPR came out.
If you’re lucky enough to have never dealt with GDPR, I will briefly summarize what it is. It’s a regulation created by the EU that forces companies that work with customers’ personal data — in our case, tech companies — to protect the information they capture. Namely, they cannot disclose it to third parties, and must even delete it if a customer asks them to. GDPR is the reason why your email boxes were recently bombarded with new Terms & Conditions and Privacy Policies of all the services you were using or subscribed to.
Like many other companies, we faced a problem with storing personal data. Not only did we have to study the law itself; we also had to understand how it would affect Clear Minds and what we had to do to comply with the regulation. And we weren’t alone. In this article, I’ll describe RegTech and how it helps solve issues related to compliance with government regulations.
What’s wrong with regulatory compliance?
The problem is that (1) GDPR is only one of the hundreds of other regulations that companies have to comply with. And (2) new regulations appear faster than companies can analyze them and take the corresponding action. Hiring additional legal staff and forming a compliance department isn’t something that all tech companies can afford, never mind startups.
Of course, many firms decided to ignore the regulation — but hey, GDPR fines can be up to €20m and 4% of a company’s annual revenue. I doubt that anybody who’s sane would take such a huge risk. Although non-compliance with any regulation may result in enormous fines, some companies still think, “Well, I don’t care.” That’s a big no-no. Usually, breaking government regulations or even one-time malpractice will result in huge fines, then scandals, and eventually a trial. CB insights made a terrific compilation of 2017 headlines that illustrates the problem:
RegTech — an effective compliance solution
Regulatory Technology (a.k.a. RegTech) is any technology that aims to standardize regulatory processes, create unambiguous interpretations of the regulations, and, most important — automate the compliance process. To characterize the RegTech industry, Deloitte analyzed around 333 RegTech companies and identified 5 main categories of Regulatory Technology.
Let’s dive deeper into these categories and consider how artificial intelligence can contribute to automating each of them. This will help us understand why excluding the human factor by using AI-based tools offered by RegTech developers is more effective than traditional manual operations.
The regulations landscape is extremely dynamic, which makes it nearly impossible for a human to keep up with the latest updates. Here’s exactly where AI and machine learning enter the picture, as they can perform such regulatory compliance activities as:
- Searching for new or reviewed regulations
- Analyzing the collected information
- Sharing the impact of changes with the stakeholders, etc.
AI algorithms can be trained to automatically perform these tasks, with appropriate reviews at key decision points made by the compliance officers.
64% of companies that have already adopted AI tools name compliance requirements one of their main reasons for doing so. These include:
Identity management and control
The Know Your Customer (KYC) process covers client identity authentication and screening. It’s common to perform it the old-school way, manually working with documentation, but RegTech developers rely on advanced data aggregation and analysis tools. Again, AI and machine learning can expand the scope of the KYC process by gathering information from multiple sources that usually requires hours of searching and ultimately may never be found.
Some RegTech solutions can continuously monitor risks. That is, they learn to identify insecure situations based on predefined data. In the financial sector, RegTech solutions use advanced analytics and big data to predict market changes and mitigate similar risks. After all, machines are far better with numbers than people.
The adopters of AI tools for FCRM consider them to be most effective for performing the following activities:
Few people enjoy drawing up reports, and even fewer actually create them. But this is work you have to do, whether you’re a clerk or a high-ranking executive. But people tend to make errors in reports, and this results in unclear or incorrect data. Robotic Process Automation (RPA) makes data management processes work without employees being involved. The result is correct data, reported on time.
Here are a few of the processes in regulatory reporting that can be optimized thanks to AI instruments:
- Data validation
- Analytical calculations
- Categorization and classification
- Data processing and preparation
- Regulatory change management, etc.
Automation of these activities results in significant time- and cost-savings.
This is the process of monitoring financial transactions that go through banks, online shops or other financial institutions to identify suspicious activity and flag it as illegal. There’s normally a separate department in a bank that performs this work. They have certain standards regarding what should be considered suspicious. Like the previous point about reporting, RPA can analyze and monitor transactions faster and more accurately than any professional.
As you can see, most solutions, regardless of the category, utilize RPA, Big Data Analysis, AI, and Machine Learning.
The need for RegTech solutions arises from a number of issues most companies face. Let’s consider the most common challenges and the ways RegTech industry helps to meet them:[supsystic-tables id=20]
Stage #1: Manual operations
All these benefits are driving more and more businesses to search for RegTech experts that can optimize regulatory management. So let’s look at the stages a company can go through when implementing RegTech tools.
It’s the primary stage of managing all regulatory activities, and today it can be compared to cave painting. Well before AI and machine learning turned the industry upside down, nearly all companies used Microsoft Excel for data capturing, reporting, and auditing. Some firms still use it to collect and manage regulatory data. Obviously, this slows down the compliance processes.
Stage #2: Workflow automation
When entrepreneurs realized that Excel cannot possibly keep up with ever-changing regulatory requirements, RegTech development started to evolve. This is when banks started using software solutions for auditing, regulatory reporting, and other compliance tasks they used to perform manually.
MetricStream was among the first to appear, in 1999, and remains the most popular RegTech development company. It’s a comprehensive solution for risk, quality, and compliance management. Along with MetricStream, two other pioneers of compliance workflow automation emerged: Ripcord and Workfusion.
Stage #3: Ongoing tracking and monitoring
Over the past decade, banks moved on to the next stage of RegTech implementation — ongoing monitoring. This allows them to fill in the compliance gaps caused by the large number of constantly arising regulatory requirements. Thanks to real-time tracking, companies can instantly respond to the new regulations and reduce the potential risks of non-compliance.
Stage #4: Predictive problem-solving
After the rise of artificial intelligence and machine learning, RegTech engineers started using these technologies in their software. AI enables smart analytics, proactive risk estimation, and so-called compliance intelligence. Today, companies have much more powerful tools they can use to keep up with regulations and predict and eliminate potential risks.
Examples of RegTech solutions for banking and fintech
In this section, I’ll provide you with a few concrete RegTech examples and explain how they help businesses. Despite the areas that Deloitte has identified, most solutions are cross-industry and comprise several technologies that solve a set of problems in a particular industry. However, my list includes five companies that best fit banking and fintech companies.
Provenir is a risk analytics system that integrates with, as the founders claim, “virtually any structured and instructed data source quickly” and creates risk analyses based on preset parameters. By data source, they mean that they can operate with Twitter, Facebook, Salesforce and many other tech giants. The great thing about Provenir is that it can be used in a variety of different industries, from e-commerce websites to banks. By the way, HSBC is its largest client, which makes it one of the best RegTech examples in the banking sector.
Continuity is a US service that provides regulatory compliance services. The system monitors the US Federal Register and, depending on the client’s business area, interprets changes to the regulations that apply to the client company. So instead of hiring a huge compliance department, a company can use Continuity to save staff time. Moreover, Continuity offers a Unified Compliance Management System Model. You just schedule compliance tasks, and the compliance management process becomes automated.
IdentityMind provides a platform that performs a KYC process: it finds, maintains, and analyzes digital identities, which allows companies to identify a person, perform regulatory identification, and detect and prevent identity fraud. For commercial businesses, it means fewer frauds and protection from money laundering. They also have a base of 20 partner companies that provide data, services, and technology to support larger data operations.
Luxembourg is famous for two things: it’s one of the smallest European countries, and it has an excellent economy. It’s no wonder that Luxembourg is the home to Regis-TR, a RegTech development company that offers a reporting system for all kinds of trade transactions for various assets in the EU. Their reporting system is compliant with three regulations: EMIR, FinfraG, and SFTR. The company plans to create an ecosystem that enables clients to report their data to only one entity at a time and not violate any requirements in different jurisdictions.
Feedzai, as its founders describe it, is an “AI platform to fight financial crime.” Simply put, it detects fraud in omnichannel commerce by offering banks and commercial businesses payment processors protection. They use historical and behavioral analysis of data to identify whether a transaction is potentially suspicious or not.
As you can see, RegTech isn’t something vague and unclear. It’s just that the entire RegTech industry is B2B, so consumers are unlikely to ever come across it.
RegTech is software that helps companies, primarily FinTech ones, comply with established regulations. Most solutions rely on the continuous utilization of AI and machine learning to exclude human error from regular processes like reporting and risk management.
The RegTech market isn’t stable, since governments tend to establish new regulations every year, based on technological progress. Think about the crypto market. Ten years ago, nobody attempted to regulate it. Over the last three years, governments have been trying to figure out how to control it. This clearly demonstrates that RegTech is just starting to develop — and that the more regulations that hit the books, the more solutions we’ll see.