In his 2016 state of the union address, then-US president Barack Obama famously said: “Food stamp recipients didn’t cause the financial crisis; recklessness on Wall Street did.” Since 2008, regulators have been trying to plug the gaps that caused the crash, using two main approaches – massive fines and masses of new regulation.
The implications of the fines are clear enough, with calculations running to more than $300bn (£238.8bn). While this is a pretty big stick with which regulators have sought to punish the industry, in many cases the reams and reams of new regulation has caused a bigger problem.
Despite being drafted with the best intentions – of correcting poor behaviours and protecting consumers – regulations are often long-winded, technical and lacking clear and measurable outcomes.
By building automated systems that crawl these web pages and data sets, technology firms are building self filling and maintaining repositories of regulatory dataIn order to deal with this outpouring, global financial services firms have hired hundreds – in some cases thousands – of additional risk and compliance professionals. One of their key jobs has been to support the enormous translation exercise required to make sense of what the new regulation means for their businesses.
Thankfully, relevant technology has made great strides in the past few years. Taking a lead from translation services such as Google Translate, firms are now looking to use the various technologies associated with artificial intelligence to translate the language of regulation and compliance into something easier to understand. Many of these firms have badged themselves as RegTech companies.
Key Points
- Regulation to prevent another financial crisis is often longwinded.
- Artificial intelligence is being introduced that could help interpret new regulations for compliance reasons.
- Compliance staff are not necessarily aware of the detail and restrictions of operational processes or technological systems.
I define RegTech solutions as being those that either solve challenges associated with a particular highly regulated activity, or those that improve the management and implementation of compliance within businesses.
In its broadest sense, the term covers everything from identity management and reconciliations software through to advice process management and risk and control framework software. Importantly, understanding what the regulator requires is at the heart of all these areas.
The first step for firms is to be able to reliably collate the requirements that relate to them. With regulation coming from the FCA, PRA, the Pensions Regulator (TPR), HMRC, HM Treasury (HMT), the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA) to name but a few, there are a multitude of acronyms to keep your eye on. All of these organisations have different publishing schedules and approaches, which results in big overheads for financial services firms.
Luckily numerous technology providers are looking to include functionality in their systems that monitor and consume the output of these organisations. This gives firms a central repository of documentation relating to their businesses. The monitoring has been enabled by the regulators themselves and has become more consistent in output.
The FCA, for example, publishes all of its new consultations and discussion papers on a central searchable web page. The collection of handbooks is also available as a set of time stamped data, which means solutions can be built that rely on this data structure and availability.
By building automated systems that crawl these web pages and data sets, technology firms are building self filling and maintaining repositories of regulatory data, which can be varied based on the types of business firms which operate and therefore the regulators they are covered by. A consolidated set of data with the noise removed means the onerous task of “regulatory watch” can be reduced and improved.
Having all of the regulation in one place is useful, but for many firms, one of the biggest tasks is to read it and understand what is being asked of them. Because of the complexity of most regulation, this is not a job that is easily resourced.
Regulation policy teams, staffed with qualified compliance professionals, are typically responsible for this activity, but even with expertise, the process is a slow, manual one. Large consultation papers and a completely new piece of regulation can take weeks to digest in order to understand the true complexities of what is being asked of firms.
The impact of this can be seen clearly in the hiring profile of financial services firms. Big banks have been upping the number of people in their compliance departments by up to 500 per cent, which has resulted in costs for compliance teams rising considerably. Risk and compliance now takes up a substantial portion of the overall cost base of financial services firms.
Firms are trying to use technology to circumvent this. Specifically, they are looking into using a couple of techniques from the artificial intelligence canon – natural language processing (NLP) and supervised machine learning.
NLP technologies take free-form text contained within regulatory documents and convert it into content humans and machines can understand. They then go through a process of key word extraction, sentiment and key point analysis and categorisation.
Compliance professionals can then review this focused output, clarify exceptions and provide feedback on where the system was right and wrong. This aspect forms the basis of supervised learning and allows the algorithms within the system to learn what good and bad outcomes look like, then use this information to improve their future performance.
Understanding the scope of the regulation is one thing, but for many firms the biggest pain point comes next. Most compliance staff are not necessarily aware of the detail and restrictions of operational processes or technological systems. In most regulatory change programmes, there is a stage of impact analysis whereby the change function works collaboratively with the compliance team to understand the business context and required changes in order to meet compliance.
Unfortunately, the change function is all too often focused solely on the change at hand, not the wider organisational context. This usually results in the impact analysis work required for a piece of regulation being essentially throw-away, as it does not have a balanced and logical base that can be reused for a different project.
In order to solve this challenge, what is needed is a translation of the actions required from the regulation, which is attached to a framework that exists within the business, is agnostic of the change project and provides a consistent view of the entire business.
This should be used to build a common language and the understanding needed to get changes to work more effectively. If this framework is linked to the policy owners in compliance, the project leads in the change function and the business heads in the operations function, all stakeholders can be kept abreast of the requirements the new regulation is bringing and the impact this will have on their teams.
For forward-looking financial services firms, there are huge opportunities to improve the way compliance works within their businesses. By working with RegTech start-ups to improve internal processes and automate cumbersome translation work, they can ensure their teams of compliance professionals are focused on higher value work.
Firms that embrace this new way of operating will see decreases in the cost of managing risk and compliance in their businesses. Those that do not will struggle to keep up in tomorrow’s market.
Adam Jones is head of innovation at Altus Consulting
