Even with a stabilized regulatory landscape, changes implemented since the financial crisis continue to have costly impacts on banks, asset managers, and insurers worldwide. Up to 15 percent of financial institutions’ staff now work on governance, risk management, and compliance — yet even with this investment, regulatory compliance is by no means assured. Financial institutions have paid well over US$340 billion in fines in the 10 years since the financial crisis, and one report estimates that the total is likely to top US$400 billion by 2020.
In the coming months and years, regulators around the world are expected to turn their focus to investigating how well financial institutions have integrated regulatory change into their businesses. Identification of breaches of anti-money laundering (AML) regulations and knowyour-customer (KYC) non-compliance are also expected to grow. Nor is there any expectation that this level of regulatory rigor will be relaxed within the foreseeable future. This means that, in order for financial institutions to adapt to and excel in this new normal, regtech must be a critcal part of the transformation agenda.
To date, many institutions have been focused on using technology to help achieve compliance, while minimizing risk from misconduct and regulatory investigations. Now that focus is shifting towards a greater focus on cost, especially as institutions look for ways to reduce the cost base and achieve meaningful profit growth in the face of increased demands from regulators and customers alike. However, regulators will want to see financial institutions continue to strengthen their core risk management governance, controls, practices, and reporting. In addition to cost savings and efficiency, the coming increase in both supervisory activity and associated expectations should push financial institutions to consider more robust regtech solutions.
In previous years, a primary consideration when pursuing innovation was whether to build, partner, or buy a regtech solution. As the quality and diversity of regtech offerings continue to rise, the conversation has changed, with a growing number of entities actively looking for alternative solution providers. A fourth option is also becoming far more viable, especially for smaller players challenged by lack of capability and capacity: that of a third-party managed regtech solution.
These models are excellent for managing current uncertainties and addressing immediate regulatory issues. However, over the long term, financial institutions will need to take a broader approach, using regtech as part of a wider technology transformation initiative designed to help the organization weather increasing complexity. Financial institutions are facing pressures on multiple fronts, from political shifts and global financial changes, to the impacts of new market entrants, new products, and compressed margins. In order to seek solutions to these complex issues, some global investment banks are already pursuing a ‘reinvention’ strategy using technology to enable the transition into a data company. This type of transformation is the future, and financial institutions should look to take the early steps today.
While financial institutions grapple with where, when, and how to best use technology in their risk and compliance processes, many regulators are already pushing full steam ahead. Supervisory technology, or SupTech, is being used by more regulators to allow them to deliver faster and more effectively on their core mandate. For example, one growing area of SupTech is in the use of machine learning and AI to examine vast data sets to predict and identify breaches or cases of misconduct. Here, the potential risk to financial institutions is that if the regulator has access to technological capacity far in advance of the organization itself, the regulator could predict risk areas that the institution does not see coming.
Regulators are also starting to push for the ability to gain direct access to financial institutions’ data, rather than relying only on data provided to them from reporting. For example, the UK’s Financial Conduct Authority has been working with the Bank of England and various other organizations to pilot a program to make regulatory reporting “machine readable and executable… creating the potential for automated, straight-through-processing of regulatory returns”. With the right technologies, regulators would not only be able to oversee a broad set of regulated entities and market activity as a whole, but also use analytics capabilities to identify systemic weaknesses and pinpoint areas for future focus.
For banks, asset managers and insurers trying to determine the right regtech options for their needs, we recommend a few critical early steps:
Many financial institutions are still reeling from the costs and other implications stemming from the massive regulatory changes implemented over the past 10 years. Regtech is the key to addressing these challenges. With the right automation and technology solutions, financial institutions can achieve sustainable change and meaningful cost savings while responding effectively to regulators’ demands and the imperative to prudently manage the evolving risk landscape for the benefit of all stakeholders.
KPMG Matchi helps financial institutions, regulators and others to engage productively with emerging technology providers.