As part of the International Compliance Association’s Big Compliance Conversation #BigCompConvo, International Compliance Training hosted a panel last week that brought together experts from the banking, RegTech and FinTech sectors to consider the key issue of RegTech and FinTech’s impact on the regulated sector, and in particular on banking.
Two linked questions were considered:
- What is the impact on the regulated sector of FinTech/RegTech today?
- What does the future of RegTech/FinTech look like for the regulated sector and compliance practitioners?
Before embarking, the meeting agreed its understanding of the relevant terms:
FinTech: an industry evolved from new technology and innovation that aims to compete with traditional financial services methods. FinTech includes crowdfunding, cryptocurrencies, mobile payments, and Artificial intelligence (AI).
RegTech: businesses involved in developing new technologies to help overcome regulatory challenges in financial services.
Whilst panel members represented a range of different disciplines within banking, RegTech and FinTech, there was a clear consensus over the key issues today and very little disagreement about the future of the industry. Here are the headlines.
Impact on the regulated sector of FinTech/RegTech today
(i) Level of understanding within traditional banking and regulators about the nature of FinTech and RegTech is poor. Conversely, there is evidence of weak understanding within the FinTech community about compliance and financial crime risks.
The issue was illustrated by the example of a major bank that had bought and deployed sanctions screening software, running this for some time before finding that a key programme within the system had simply not been turned on. Another bank employed many hundreds of staff dealing with false positives that were in large part generated by a system that hadn’t been configured correctly.
(ii) Convergence of non-financial products with financial services. Amazon, Facebook and Google are, for instance, venturing further into the provision of financial services that are fully integrated within existing social media and product sales channels, changing the customer’s experience. The meeting noted the potential for banks to be moved increasingly away from interaction with customers into a ‘back office’ role as front-end functions are undertaken by non-traditional services.
(iii) Legacy systems combine with current financial crime compliance systems to form complex and at times disconnected networks. Examples included sanctions software that was entirely disconnected from CDD and similar systems. This ‘legacy spaghetti’ presents a significant and growing challenge as new and often disruptive technologies are deployed.
(iv) Misunderstanding and suspicion between FinTech businesses and the banks have, on the one hand, contributed to a blanket approach by some banks seeing business based on emerging tech as automatically ‘high risk’ and outside of appetite. This has made it difficult for some start-ups to access financial services.
On the other hand, RegTech providers have on occasions adopted an opaque approach to the deployment of their systems within banks, declining to disclose how the software operates (i.e. what takes place within the ‘black box’), citing fears about IP rights and control. This has contributed to the poor levels of understanding within the banks mentioned above.
(v) Regulatory expectations in the context of FinTech and RegTech are unclear. Whilst the opportunity to use the regulatory sandbox has helped, the pace of change within the industry appears in part to have outstripped the development of regulatory guidance. This has the potential to inhibit the deployment of new products and services.
What does the future of RegTech/FinTech look like for the regulated sector and compliance practitioners?
(i) The significant potential for new and emerging technologies to radically change the way in which the banking industry manages financial crime risks was noted, and was implicit to much of the discussion. AI, blockchain, machine learning and big data have the potential to disrupt current arrangements, for example, reducing customer on-boarding timescales from several weeks to a few days, or even hours or minutes. Current and anticipated developments in these areas have many implications for the industry and for individuals working within it – now and in the future.
(ii) Growing collaboration between RegTech businesses and banks is anticipated. Greater awareness and involvement by banks in the development of technical solutions is likely to lead to a more collaborative, transparent approach. The meeting noted the importance of building trust between concerned parties to drive and enable required change.
Many RegTech providers offer niche products focused on, for instance, one element of a control framework. The meeting anticipated growth in joint initiatives bringing together a number of providers to offer integrated solutions.
(iii) Digital standardisation was recognised as a requirement and driver for continued growth in this area. Systems operating within existing and future services will need to talk to each other using common language and protocols. There is an opportunity for governments and regulators to lead the way here through a consistent approach to the submission of data to FIUs / regulators.
(iv) Resourcing requirements within the industry are likely to be impacted by the increasing adoption of RegTech solutions. The meeting noted that many staff currently working in compliance are engaged in process-driven activities that may in the future be automated. These roles have been located off-shore by many banks and the impact of the changes may be felt more keenly in these locations.
(v) Skills requirements for compliance professionals are likely to change. Whilst some functions are likely to be automated through the use of new technologies, there is likely to be an increased need for staff displaying a range of skills, many of which are currently under-developed, or not found together.
Compliance officers and managers of the future may need to display a range of skills including: -
- Financial crime risk and mitigation
- System design
- Critical thinking
It was suggested that existing financial institutions in which IT and financial crime capabilities are integrated perform significantly better (in financial crime compliance) than those in which these functions are separated.
The panel concluded by noting that performance of the current AML ecosystem globally is poor, if measured by the continuing growth of the criminal economy, asset recovery levels and money laundering prosecutions. The opportunities offered by RegTech have the potential to not only realise efficiencies through automation and similar functions, but also to drive significant improvements for instance in the context of data analysis and information sharing. Given the right legal and regulatory context, these and similar changes have the potential to radically improve the industry’s response to the threat of financial crime.