RegTech – How technology is helping business comply with regulation

RegTech (Regulatory Technology) as a sector has been born out of the need for financial services companies to comply with the strict, post-crisis governance regime. We have seen nimble tech start-ups emerge, that have been able to spot opportunities to facilitate regulatory compliance. In contrast, older, established players have in some cases been hindered by their legacy systems.

R&D & RegTech

RegTech R&D takes many guises but tends to be digital in nature. Current applications include the use of complying with regulations, acting as a health check tool, data analysis, reporting and as a regulatory and training tool.

Typical examples of innovation in RegTech include:

• Advanced data interrogation – Powerful tools to extract the required information from systems.
• Platform development – Bringing diverse compliance processes together in one easy-to-use place.
• Interfaces for legacy systems – Extending the lifespan of complex, aging systems.
• Cloud technologies – Harnessing remote processing power and data storage.
• Algorithms – Developing quick and advanced processes.
• Sandboxes – Safe environments where scenarios can be tested.
• Machine learning – Artificial intelligence to improve processes.

Exciting RegTech companies

With so many compliance problems to be solved using RegTech, there are many companies working in this field. Let’s take a look at some of the exciting RegTech companies out there, and how they are helping businesses comply with regulation.

RegTech and background checks

One company performing RegTech R&D is Onfido. Using RegTech to perform background checks, Onfido are helping businesses verify potential candidates for job positions and make background checking faster and more efficient.

Powered by machine-learning software, Onfido’s API enables users to run background checks alongside identity and document verification. Once a person’s identity is confirmed, Onfido then performs criminal and anti-money laundering checks.

This innovative use of RegTech gives companies an extra layer of security and the ability to efficiently comply with strict regulations.

Morgan McKinley, a global professional services recruitment consultancy, used Onfido’s service to vet the candidates that apply for its job listings. Morgan McKinley found that, through using Onfido, it could improve its workflow and reduce costs, whilst simultaneously providing a more secure screening process for its applicants.

In turn, this has helped Morgan McKinley stand out in a highly competitive industry, using Onfido to provide background checks such as the applicant’s right to work, their employment history, qualifications and credit and criminal backgrounds.

Email compliance RegTech

CheckRecipient was formed as a cybersecurity start-up in London. They have developed artificial intelligence and machine learning software that is integrated into organisations’ email platforms.

This clever program runs algorithms to analyse millions of data points to detect the risk of information leaks via email. This could include accidental or malicious activity. If they identify a risk, they flag it in real-time to prevent exposure. To highlight the scale of the problem this is solving, in the first quarter of 2016, data sent by email to the wrong recipient was the number one cause of data security incidents reported to the Information Commissioner’s Office.

This could be useful to anyone – we’ve all sent an email to the wrong person at some point. But it is particularly relevant to regulated industries where disclosing confidential information could see strict rules breached. Think stock market rules relating to sensitive information around mergers and acquisitions, or individual medical records in the health sector.

RegTech for managing risk in capital markets

Percentile is a London-based company that has been developing technological solutions to regulatory challenges for more than a decade.

Their flagship product, RiskMine, is a modular platform with which clients can bolt on specific components to meet their needs. These include data feed and storage, multi-dimensional aggregation and reporting, scenario generation (for example for stress-testing), and standardised and internal modelling for FRTB (Fundamental Review of Trading Book).

This innovative product aligns the functions of front office and risk by streamlining day-to-day risk management activity while complying with complicated regulations such as FRTB.

In the case of FRTB, this technology overcomes the difficulty of moving to a more detailed per-desk capital calculation that the regulations require. Where possible, the platform is flexible enough to use legacy infrastructure within a bank.

RegTech compliance platforms

Another exciting UK RegTech firm is Suade. They identified the global cost to banks of fulfilling regulation ran into tens of billions of dollars. And, according to OECD figures, more like $100 billion. Moreover, for smaller banks, there is no way they can possibly adopt the new regulations profitably.

So Suade developed a cost-effective compliance platform for banks. This allows them to see how they stand with the current regulatory framework, use tools to implement regulation and even maximise business opportunities.

RegTech for automation

Many compliance tasks are repetitive and prone to human error. One company tackling this is FundsApp. They have developed a web interface that monitors the regulatory environment and responds to changes within it. In doing so they have been able to automate some of the most difficult tasks in financial compliance.

For instance, they have automated disclosure obligations like major shareholding, issuer requests and takeover panels. By calculating net and aggregate positions, they eliminate the risk of human error.

As with many forms of RegTech, algorithms are central. FundsApp have a team of compliance experts who analyse the “legalese” provided by a partner company from around the world and transform it into algorithms. They have a huge rules library in which they keep track of over 500 rules concerning international regulation – all to simplify the compliance process for their client companies.

Using RegTech in credit risk

Understanding credit risk is an integral part of financial services and is intrinsically linked to regulation. One company taking a technology-led approach to credit risk is Credit Benchmark. This firm collects, aggregates and anonymises credit risk estimates from market organisations to offer an innovative source of credit risk data. This helps their clients to make decisions regarding risk management and capital allocation with better overall understanding. It also improves interactions with their regulators.

The technological challenges they must overcome to achieve this include upholding data quality, ensuring the confidentiality of their contributors’ in-house data, and cybersecurity. Some of the ways they fulfil these are robust data validation and entity matching, as well as having the capacity to cope with unlimited datasets.

By building this system they have been able to offer trusted alternative credit information for unrated sovereigns, investment funds, and public and privately-owned companies.

RegTech and Solvency II regulations

Solvency II regulations are a good example of the kind of niche data requirements that a regulator can impose on the financial services industry. These require insurers to report on fund investments from a holding level up to a look-through basis.

For an asset manager to be able sell its fund services to an insurer, it must be able to provide the data required for Solvency II look-through. This is potentially an arduous task with issues around collating multiple confidential data sets in a timely, controlled and secure manner.

That is where Silverfinch come in. This UK data exchange company has developed a one-stop shop that handles these requirements cost-effectively, whilst protecting asset managers’ intellectual property. In a theme cited by many RegTech companies they consider that they turn the burden of regulation into an opportunity for companies that use them.

FCA RegTech

In a blog in 2015, the UK’s principle financial regulator the Financial Conduct Authority (FCA) signalled an interest in RegTech. In particular, in relation to how financial services companies comply with anti-money laundering regulations.

Developed in the 1990s the methods used are often still reliant on a client submitting paper-based documentation such as a passport and utility bill – a curious anomaly in the digital world we live in. The FCA suggested that developing new ways of fulfilling anti-money laundering regulations could be a way that a company could gain a competitive advantage.

They fire two words of warning. First not to be blinded to the risks that new approaches to anti-money laundering procedures may introduce. And second, not to leave vulnerable people who don’t have access to technology behind.

FCA sandbox

In a further example of how regulators like the FCA are engaging with RegTech, we have the regulatory sandbox. The FCA set this up to provide a live but safe environment in which businesses can deploy innovative business models, services and products.

For the first cohort of organisations wishing to use the sandbox, 69 companies applied and 24 were accepted. These included e-money platforms, digital currency transfer services, banks, consumer protection organisations and customer authentication apps.

Further cohorts are lined up and the sandbox concept shows perfectly the need for, and application of, R&D in the RegTech sector.