RegTech: Reinventing the relationship between Regulators and Financial Institutions

As the name suggests, RegTech deals with technologies developed to facilitate the interaction between regulatory bodies and various industries such as

a)      Financial services;

b)     Environment, health, safety and quality;

c)      Healthcare;

d)     Vendor risk management;

e)     Cyber security;

f)       Background check;

g)      Cannabis

h)     Government / Legislation 

Map Source: CBINSIGHTS

In this article, we will be focusing on those RegTechs which are facilitating regulatory compliance and monitoring for Financial services (FS). 

With the ever changing BFSI landscape of risk and compliance, financial institutions are finding it difficult to keep up with the latest regulations in order to ensure compliance, reduce risks and improve revenue opportunities. Current RBI (Reserve Bank of India) Governor, Shaktikanta Das, has also announced to set up three main technological units within RBI namely FinTech (Financial Technology), RegTech (Regulatory Technology) and SupTech (Technology to Supervise) for greater adoption of technology in banking and non-banking financial services.

Today, RegTech is not just seen as a medium to automate manual compliance processes and reporting to regulatory bodies, but also as an enabler to enhance internal supervisory and monitoring processes for regulatory bodies. Financial institutions incur high running BAU costs in ensuring risk compliance, any reduction in such costs will help these institutions focus their efforts in improving business processes and enhance customer experience.

Major pain points for financial institutions in the regulatory space are given below:

a)      Rising volume of regulatory changes – it is getting difficult for financial institutions to keep track of regulatory changes on a regular basis

b)     Sorting out the relevant requirements – it is challenging to truly understand the regulatory requirements based on the product portfolio and the market

c)      Dearth of time to comply - financial institutions find it challenging to modify products or processes in a short span of time in order to comply with regulations and non-compliance results in huge fines and sanctions

d)     Lack of visibility and traceability – demanding to stay abreast on how regulatory changes are tracked, reviewed and applied into business

e)     Losing top management talent – senior management are exposed to stringent scrutiny and legal actions due to non-compliance and hence, prefer moving to less risky positions

In order to address regulatory issues for financial institutions, RegTech startups have been contributing in the entire FS value chain starting from customer onboarding right up till regulatory and management reporting. Below are some of the key areas of contribution:

a)      Onboarding (Identity Verification, Background Check, Customer Due Diligence, Know Your Customer, Anti-Money Laundering, Counter-Terrorism Financing)

Accura Scan, an Indian RegTech startup claims to enable customer onboarding in 10 seconds. It uses facial biometrics and Artificial intelligence for customer liveness check and Optical Character Recognition (OCR) to read through and verify the uploaded document of any language or country origin. Finally, it uses Machine learning algorithms for a quick background check before on-boarding the customer.

IDfy, is another Indian RegTech startup, which provides Digital KYC, Video KYC and Background Verification services. IDfy’s seamlessly integrable Application Programming Interfaces (APIs) and Software Development Kits (SDKs) ensure proper capturing of digital documents and auto-filling forms using OCR, hence, saving time and avoiding human errors; Validation APIs check for any tampering using machine learning and Verification APIs run real-time checks to cross reference various public and government databases for customer identity authentication. FaceMatch and Liveness APIs further authenticates customer’s liveness. APIs also help in masking sensitive data of customers in order to comply with regulatory requirements.

b)     Monitoring, Detection and Risk Management (Transactions and Communications Monitoring, Process Tools and Control, Risk Investigations, Fraud Management)

SteelEye, a UK based RegTech firm, provides an intelligent data analytics platform which unifies different data sets like record keeping, transactions , communications etc. and brings it to one compliant platform where they are compared with market reference data, checked for any suspicious activity using advanced algorithms and Artificial Intelligence and flagged in case of any unwanted emerging trend. Hence, it helps firms to meet their regulatory obligations timely and cost-effectively.

ThetaLake, a US based RegTech firm, leverages Artificial Intelligence, Natural Language Processing and Deep Learning technology to find compliance risk in audio, video and collaboration chat content. It addresses a major communications monitoring issue with legacy system where all the communication is simply stored and requires a person to parse through the entire content to find potential risks, making it a very time consuming process. ThetaLake can help in redacting certain types of personal information in communications, walk a compliance professional through a call recording, specify the exact time where potential compliance risk might have happened, all while providing the professional to control and apply human judgement.

c)      Data Governance (Knowledge Management, Consent Management, Data Management)

Allatus Unity, a Scotland based RegTech firm, provides data governance solutions that uses Machine learning to recognize overlap between reports and data ingredients to streamline and reduce the interpretation effort in regulatory reporting. Hence, it helps financial institutions to better deal with siloed data stores copied from the same sources, producing different reports on same topics, with the knowledge being lost in emails, spreadsheets and employees’ heads.

Trunomi, a UK based RegTech firm, provides a distributed ledger technology driven solution with its patented Consent and Permissions engine to enable financial institutions to use data rights to empower their customer relationships and drive trust without ever seeing or storing any data and complying with privacy regulations. Customers of the financial institutions are provided with a personal data rights portal to control what information is stored, why it is stored, for how long and how their data is being used by the financial institution.

d)     Compliance Management and Regulatory Reporting (Reconciliations, Audit, Accuracy and Stress Testing, Tracking, Reviewing and Reporting)

Ascent, a US based RegTech firm, provides AI-driven solution to provide a feed of regulatory changes as per the customer’s product portfolio, eliminating the need to sift through different sources and hence, saving time. It helps track the transfer of changes between departments and facilitates change review by team members.      

Kaizen, a UK based RegTech firm, has a product offering named ReportShield which helps assessing the quality of data being reported to the regulator through accuracy testing, identifies and reports all the errors, evaluates amount of over-reporting / under-reporting / duplicate reporting. It also provides reconciliation services to ensure completeness of regulatory reporting by comparing data in the company’s core system with the data reported to the regulator.