The financial crisis of 2008 changed the world of finance forever; sowing the seed for massive regulatory overhaul and increased compliance costs. Pressures increased dramatically, as regulators and governments sought ways of preventing the mistakes of the past. New rules were introduced, old rules were abolished and as a result, compliance teams became more important than ever before.
Regulators have since taken no prisoners. In the years following the financial crash we have seen record fines for those firms failing to achieve the required standards. The industry has reacted accordingly – the cost of non-compliance now outweighs anything that might be gained from cutting corners. This means there has been an increasing demand for technology solutions that support compliance, and with it the creation of a whole new specialist sector.
RegTech to the rescue
Heralded by Deloitte as “the new FinTech”, regulatory technology – or RegTech as it’s more commonly known – is a sector specifically focussing on the compliance, security and regulatory aspects of FinTech. RegTech platforms facilitate the delivery of regulatory requirements more efficiently and effectively than traditional, manual solutions. Essentially, RegTech is about developing technology solutions that can help firms better comply with regulations in an agile, comprehensive and cost-effective way.
Since 2008, regulators have imposed more than $300 billion in fines and penalties to firms that have failed to achieve compliance standards. With so much at stake, companies are investing heavily in RegTech. According to research by FinTech Global, investment in RegTech has more than tripled over the last five years. With regulators demanding a much higher level of transparency, technology solutions that enable this are becoming increasingly important.
RegTech in reality
Complex directives such as the Markets in Financial Instruments Directive II (MiFID II) are starting to put pressure on compliance teams to respond to regulatory change in new ways – traditional tools can no longer keep pace. With MiFID II, regulated firms will need to monitor the records of transactions to assess compliance with recording procedures; the adequacy of such procedures; that records are accessible; and that records accurately reconstruct the audit trail of a transaction. It’s a massive task that’s proving daunting for many firms that, quite simply, do not have the technology or infrastructure in place to comply. Alongside having advanced data encryption and security procedures in place to guarantee who has access to recordings, organisations will need impressive storage resources in place to cope.
Modern compliance challenges require modern tools, and these need to be as globally dynamic as the organisations they support. RegTech systems harness global data sets in a way that offers new and timely insight into regulatory processes, automating compliance and risk management tasks by pooling and aggregating data from a range of sources. Often this data is too complex, too varied, too expensive, or just plain impossible to review manually.
Innovative RegTech companies are automating these complex processes to significantly reduce the cost of achieving compliance. They are helping financial services companies meet regulatory obligations by, for example, providing aggregated global credit and anti-money laundering (AML) risk data, providing on-boarding, screening and monitoring tools for due diligence and know your customer (KYC) processes, and the recording, storage and analytics of regulated telephone conversations.
A new stage for RegTech
In 2018, RegTech will play an even more important role, stretching beyond financial services into virtually every industry. The EU General Data Protection Regulation (GDPR) will come into force in the first half of the year and this represents a huge overhaul of data protection rules. Organisations in virtually every industry will need to make stark changes to the way they treat compliance, and take heed of the huge financial penalties at stake should they fail to comply.
Under GDPR, companies can be fined up to 4% of their global turnover for a breach. With such a significant overhaul of the data protection landscape, regulators will want to make examples of companies failing to achieve the new standards. Many industries will be taking inspiration from financial services firms, rolling out specialist technology solutions to support the transition to a new era of oversight.
Next steps for RegTech
For most companies, the primary issue of the near future will be the scope of new regulations. Compliance will not be straightforward and some regulations will contradict each other. For example, if one regulation insists that all records of a transaction are kept for five years whilst another provides rights to remove this data, which one prevails? The RegTech sector will be poised to answer these questions with practical, technology-driven solutions, interpreting the new regulations for multiple sectors.
A great example of where RegTech is already helping address compliance challenges is in the voice space. Just imagine how much personal data is held within call recordings. These are ubiquitous across many industries – a range of sectors store call data. With GDPR offering customers new rights to access, view and delete this data, how can companies ensure they can offer this capability? How will they even know what data they hold? A technology approach to the problem is the only way many organisations will be able to address these challenges effectively.
A bright future
Huge fines and reputational risks mean that for the majority of businesses, non-compliance is not an option. RegTech is poised for huge growth, as regulators promise a greater level of control and oversight than ever before. Frost & Sullivan suggests the global RegTech market could reach $6.45 billion by 2020. The future of RegTech looks bright. Those tasked with navigating the increasingly complex compliance landscape will be waiting with open arms to welcome any innovative technology solution ready to help.