Is RegTech the Key for Tier 1 Investment Banks In The Fight Against the FinTech Wave?

If you are involved in Tier 1 asset management, you are likely all too familiar with the following problem: smaller and less traditional asset management organisations with lower regulatory thresholds and little or no legacy technology are able to leverage new financial technology in ways that are difficult (and sometimes simply impossible) for more highly-regulated banks.

Less traditional investment groups have significant advantages when it comes to investment opportunities that carry both a high level of risk and a potentially high rate of return, and, free from significant legacy technology or processes, they possess greater room for innovation.

But all hope is not lost. Read on for ways that financial institutions can embrace the most innovative technology in a cost-efficient way, without running afoul of regulatory requirements.

The Key to Competition

The challenge for investment banks is to find ways of competing with these smaller and more agile rivals, while at the same time operating within the existing regulatory sphere. To do this, organisations must find ways of reducing the amount of time, money, and resources spent on keeping track of and complying with regulations.

The key to meeting this challenge is RegTech—fully automated regulatory control and compliance, which carries the promise of reducing what is now a largely manual and time-consuming set of procedures into a set of automatically applied, background IT processes.

RegTech carries the promise of reducing what is now a largely manual and time-consuming set of procedures into a set of automatically applied, background IT processes."

Doing it the Hard Way

Traditionally, of course, regulatory compliance has been not only a manual process, but one that is labor-intensive as well. It requires a specialised body of expertise, along with practical experience, increasing both the cost of adequate regulatory analysis and compliance and the difficulty of finding sufficient regulatory personnel. It is not unusual for major financial institutions to consistently fall behind when it comes to compliance, simply because the processes they use are neither efficient nor transparent.

Adding Automation

Regulations are, however, like all modern codified legal systems, fundamentally algorithmic. This means that they can be programmed into expert systems, as can much of the experience and expertise of regulatory specialists. This fact lies at the core of much of what is known as RegTech. Theoretically, if you know all of the regulations governing an industry, and all of the circumstances under which they apply, you can simply encode them in software, and let the software take care of compliance.

In practice, of course, it isn’t that simple, in part because real-world practices (even in the highly standardised world of banking) cannot be encoded algorithmically as easily as the laws designed to regulate those practices, and in part because the range of banking practices and the laws that regulate them is so broad that any comprehensive system of RegTech is likely to consist of a set of interconnected solutions, each designed to address a different major area of regulation.

Degrees of Automation

Much of the enforcement of regulations designed to prevent money laundering, for example, lends itself well to automation, including such things as flagging suspicious transactions and problems with customer identification.

Assessing and stress-testing capital, on the other hand, is more difficult to fully automate, at least on the level of enforcement, even if the applicable regulations are clear. A more appropriate application of RegTech is to automate basic assessment and stress tests, flagging potential problems for further investigation when reporting the results.

Automated risk management can combine both approaches, flagging major risks and obvious regulatory violations in real time, while pointing out potential risk-related problems in automated reports.

The Basic Functions of RegTech

On a more general level, RegTech serves three broad functions:

Automated Application

A significant number of regulations can be applied automatically. In the case of money-laundering enforcement, for example, RegTech software might freeze as well as flag a transaction that shows signs of being in violation of the law. Software might also put a hold on transactions that violate regulations governing capital, collateral, or escrow, or that otherwise exceeded regulatory limits.

Automated enforcement is, of course, a two-edged sword, since inappropriate or misplaced application of the law can itself lead to regulatory problems, but carefully designed software with adequate notification and other safeguards has the capability of taking over the job of day-to-day enforcement for a number of clear-cut regulations.

Automated Notification

It goes without saying that automated enforcement of regulations must be accompanied by automated notification of the appropriate personnel. There is also a much larger category of regulations that cannot be enforced automatically. Instead, RegTech software can alert designated personnel about potential compliance problems.

This may include transaction or customer identification issues that do not pass the threshold for automated enforcement. It might also include available assets or levels of risk that are approaching but have not yet reached regulatory limits.

Automated Reporting

Regulatory compliance reporting is the area of RegTech that can be most easily and completely automated. Automated reporting is itself a standard feature of almost all software-based systems for management and analysis. One of the first tasks for any organisation adopting a RegTech system should be to automate all reports. The key requirements for regulatory reports: they must include all required data; they must present it in the required formats; and they must adequately flag all significant anomalies.

The Advantages of RegTech

For Tier 1 investment banks, what are the main advantages of adopting RegTech?

One of the key payoffs, of course, is disaster prevention. The cost of moving to RegTech is likely to be more than offset by the money saved by not having to pay fines for being out of compliance. A regulatory disaster can also be a public relations disaster, which can in turn cost more than any fine imposed by a regulatory agency. By preventing even one such disaster, RegTech will have more than proved its worth.

An even greater advantage, however, may come from the certainty that your organisation is adequately meeting all regulatory requirements, and any potential problems will be handled automatically. If you know that you are not out of compliance, or that you will be notified automatically if you risk going out of compliance, you are free to act without looking over your shoulder constantly. You can move quickly to seize good investment opportunities, and you can consider high-return investments with the assurance that you will be promptly notified if they carry an unacceptable level of risk.

RegTech has the potential to level the playing field, making Tier 1 institutions fully competitive with smaller and less-regulated asset management organisations.

But how do you actually embed regulatory requirements into software? You need to shift compliance further left along the software delivery pipeline, using an automated DevOps approach. Our Investment Banking Practice lead, Ben Saunders, talks with Adam Bowen of Delphix, about how DevOps can be deployed in the specific context of the upcoming GDPR regulation in this webinar recording. Watch the video here.



DevOps Insights Directly to Your Inbox!

Join thousands of your peers and subscribe to our best content, news, services and events.

Ben Saunders

VP, Consulting EMEA

More Articles by Ben