Mike O’Hara, Partner, The Realization Group
To capitalise on investment in compliance-related technology, firms need to act strategically. How can ‘RegTech’ be leveraged to drive business growth?
Since the global financial crisis, banks have been fined a total of more than $350 billion for various regulatory infractions.
Add in the lost opportunity costs associated with those fines and the reasons behind them and it is not hard to see why regulatory compliance is so high on banks’ and financial institutions’ agendas.
Given that complying with regulations is not an option, it is an essential aspect of doing business today, how can firms turn this situation to their advantage?
This was the topic of discussion at a recent event hosted by BT in New York, entitled “Is RegTech your differentiator?”, where senior executives across banks, brokers, investment management firms and solution vendors came together to share their ideas on how regulation can be treated as a catalyst to bring about technological and process-driven change and to drive business growth, rather than being viewed simply as a burden.
The Regulatory Landscape
At a high level, there are two main areas that the regulators and central banks have been focusing on since the global financial crisis. The first is around transparency, improving management and governance at financial institutions to protect investors from dishonest, malicious or illegal practices. The second is around stability, improving the banking sector’s ability to absorb shocks from financial and economic stress.
The regulatory landscape has changed beyond all recognition in the last ten years and continues to evolve, with many financial institutions now reassessing the products and services they offer, the assets they trade, the customers they serve and the business lines they operate.
From a trading perspective, one implication of increased regulation is the need to have in place a complete set of logging, recording and audit trail technologies, accompanied by policies and procedures for their use, to ensure no trading activity can escape review.
The regulatory motivation for this is clear. Eliminating market abuse, manipulation, mis-selling and rogue trading is what the regulators have in their sights. They want to understand not just the nature of communications from a deal perspective, but also how did that deal go about getting done? Was the way the deal was struck appropriate?
However, capturing voice data alongside a wide range of written and electronic communications in a way that it can all be meaningfully reviewed is a difficult undertaking. Multiple communication channels need to be aligned so that captured data can be used to reconstruct a trade narrative.
Data challenges around trading
The fundamental basis for any firm to be able to understand and comply with all of these regulations in an effective way, is data. If a firm takes a strategic approach to how it collects, stores, manages and uses compliance-related data, it can move regulatory compliance from a box-ticking headache to a true enabler for business growth.
However, there are many challenges that have to be addressed first, one of which is sheer volume. For larger firms active in electronic markets, capturing and storing all electronic trading data for compliance needs is already a significant task, but that only scratches the surface.
To combat suspicious trading, regulators increasingly want to see far more than just the deals that have taken place. They are also looking for granular time-stamped data on orders, quotes and indications of interest, which can present significant technological challenges for firms in terms of both scale and complexity.
Trades in fixed income or OTC derivatives instruments for example, might begin with a Bloomberg message, evolve into a phone call and then end up with the trade being processed through a trading platform. The decision-making process around why a client order has arrived at a particular destination to trade and why a particular dealer, venue or counterparty was chosen, is not typically stored in a standardised or structured way, which is a problem from a data compliance perspective.
Data challenges around risk
From a risk and capital perspective, in order to establish a common framework for managing and reporting risk, banks need to be able to aggregate risk-related data from multiple sources in order to perform the necessary risk modelling and reporting.
There has been a massive shift in the way banks are now required to analyse, compartmentalise and drill down on risk-related data in order to run scenarios and simulations. Firms that have taken a ‘siloed’ approach to risk data for stress testing for example, have discovered that they could not achieve a wide enough overview of their risk, failed the tests and had to go back to square one to revise their approach and to put an appropriate framework in place.
Taking a more front-to-back approach to data infrastructure can pay significant dividends in the longer term. Data sets that are deep and accurate, where contents can be interrogated, viewed and analysed flexibly, not only demonstrate to regulators that firms are managing their risk and capital levels effectively for their chosen business models, but they can also provide greater visibility into those figures for the firms themselves, allowing them to make more efficient use of that capital, which can save them significant amounts of money in terms of margin and collateral requirements.
RegTech to the Rescue?
Deloitte defines RegTech as “technology that seeks to provide nimble, configurable, easy to integrate, reliable, secure and cost-effective regulatory solutions.”
The ideal situation with any RegTech solution is to have a data-oriented digital backbone with a clearly defined workflow that would allow new regulation technology to be plugged in to a firm’s infrastructure. However, often the only viable option when implementing RegTech solutions is to take a gradual approach, layering new systems and processes on top of what already exists. And because there are still many firms that keep trading data and risk information in their own silos that do not always match up, there is plenty of work to be done to standardise and contextualise that data to bring about a more transparent infrastructure.
RegTech solution providers can help both themselves and their customers by making sure their products can integrate easily through standardised APIs and, although many RegTech solutions are delivered over the cloud, having a capability to deploy in a privately hosted or hybrid environment is also an increasingly essential requirement.
However, despite their innovative ideas, scalable technology and cost-efficient solutions, smaller or younger RegTech providers can face an uphill struggle when aiming to do business with larger institutions. The barriers in financial services are high. Many large banks, due to conservative procurement policies, often cannot commit to using new providers that have not been properly tried and tested. And rather than having to coordinate coding and connectivity with many external vendors and systems, larger banks often prefer to use a small number of proven providers.
How can RegTech vendors encourage institutions to invest in their solutions?
1. Understand your customer
They need to have better empathy and understanding of the needs and constraints faced by banks, both in terms of their shareholder concerns and as highly regulated entities. RegTechs really need to understand their customer and how their buying decisions are made.
2. The right delivery partner
Many RegTech vendors overlook the importance of their own credibility – or lack of it – when it comes to delivering a solution to a large scale, complex institution. A five- or ten-man technology house is going to find it very difficult to take the lead on an integration and transformation project at a tier-one bank. This is where finding the right delivery partner can make a significant difference.
3. A results driven framework
They need to consider what constitutes success when working with a large organisation, and plan accordingly. Being able to clearly articulate what the results will be, with proof points along the way, is essential. Plan strategically, but implement tactically.
Compliance as an enabler
Despite banks looking to consolidate their vendor relationships and work with a smaller number of vendors, there is definitely an appetite for taking a modular approach that allows multiple solutions to be integrated. Accordingly, there is a growing demand for Cloud and ‘as-a-Service’ offers, because of the scale, flexibility and cost-effective deployment they can deliver.
One of the key benefits of Cloud is that it can bring disruptive technology from a business value point of view, while being non-disruptive from an implementation perspective. Onboarding a pre-integrated set of solutions-as-a-service overcomes many implementation challenges.
A Tier Two bank undertook a project to consolidate its entire electronic communications base using a cloud-based environment, ingesting voice from IP telephony, instant messaging, chat and other e-comms to serve compliance needs. The bank has now started extending that project, using that data to look at how it can better serve its customers, uncover sentiment, and find potential cross-selling opportunities that would not get picked up otherwise.
The premise is that the wealth of information disclosed during a conversation between a sales trader and a client could be considerable if it is tagged with metadata and integrated into a single data layer, which can include wider context of market activity and execution analysis. By integrating eComms data with electronic trading data from order management and execution management systems, the bank is now starting to gain a more granular understanding of customer and trading behaviour.
This model requires that data is not tied into siloes but made more easily accessible across front- to back-office functions. For this particular bank, it is giving them a deeper and richer analysis of communications with their customers, their counterparties and within the bank itself, which can be scrutinised to support a range of business objectives, not just compliance.
This case study above demonstrates that compliance departments can have a very rich view of the business. Compliance-related data can be used within the business to gain new insights and efficiencies, potentially offsetting the costs of investing in these technologies.
Intelligent automation (artificial intelligence, machine learning & robotic process automation)
The need to continually ensure compliance is now focusing firms’ attention on machines that are faster and more rigorous than humans, but which can learn and adapt. And there are enormous opportunities for driving growth and increasing productivity through the use of intelligent automation based on data sets collected for regulatory compliance.
One application of this is in trade surveillance, where machines can recognise patterns and identify new threats as they emerge, and they can explore evidence, or contextual data, once unusual behaviour is flagged for further investigation. Behavioural analytics that combine data analytics with behaviour profile algorithms can also be used beyond compliance, to monitor decision-making behaviour with the aim of improving performance, for example.
To operationalise models for intelligent automation, firms need to integrate these new technologies into their existing frameworks. At an architectural level, the more a firm can standardise in its IT environment, the more easily solutions can be deployed, helping those organisations to become more agile. APIs and messaging standards are providing gateways between systems where there used to be barriers. Now digital data layers can be laid over the top of multiple systems to aggregate and publish data for use within automated processes, introducing robotic process automation to replace manual work and improve productivity, executing work that might be unviable for a human to do, either because it is too labour-intensive or takes too long.
We are now in a world where it is realisable and achievable that real-time human and machine interaction can be captured, indexed, contextualised, correlated, and presented in an accessible form either via a dashboard or through an API, and then used to trigger activities and events.
Financial services firms are employing this technology within their operations today, they are seeing the benefits today, and they are increasing their use in readiness for tomorrow. From anti-fraud systems, identifying suspicious patterns of behaviour, to trading platforms that determine how best to place an order for a securities trade, data is being mined by enterprises seeking competitive advantage, increased efficiency and more rigorous risk management.
But firms need to be intelligent in their decisions to build, buy or partner. They need to ensure they are maximising their technology investment in areas they can differentiate, and to leverage trusted partners and vendors for the rest.
This article was originally published on the BT website