In his 2016 state of the union address, Barack Obama famously said “Food Stamp recipients didn’t cause the financial crisis; recklessness on Wall Street did”. Since 2008, regulators have been trying to plug the gaps which caused the crash by using two main approaches; massive fines and masses of new regulation.
The implications of the fines are clear enough, with calculations running up to over $300bn globally since 2008. While this is a pretty big stick with which regulators have sought to punish the industry, in many cases it is actually the reams and reams of new regulation which has caused a bigger problem. While it has been drafted with the best intentions of correcting poor behaviours and protecting consumers, the regulation is all too often longwinded, technical and lacking in clear and measurable outcomes.
In order to deal with this outpouring of good intentions, global FS firms have hired in hundreds, and in some cases thousands, of additional risk and compliance professionals. One of their key jobs has been to support the enormous translation exercise required to make sense of what the new regulation means for their businesses.
Thankfully, relevant technology has made great strides over the past few years. Taking a lead from translation services like Google Translate, firms are now looking to utilise the various technologies associated with Artificial Intelligence to translate the language of regulation and compliance into something more easily understandable. Many of these firms have badged themselves up as RegTech companies.
At Altus, we define RegTech solutions as being those that either solve challenges associated with a particular highly regulated activity, or solutions which improve the management and implementation of compliance within businesses. So in its broadest sense, everything from identity management solutions and reconciliations software through to advice process management and risk and control framework software. Importantly, understanding what the regulator requires of you is at the heart of all of these areas.
The first step for firms is to be able to reliably collate the requirements which relate to them. With regulation coming from the FCA, PRA, TPR, HMRC, HMT, EBA and ESMA to name but a few, there are a multitude of acronyms to keep your eye on. All of these organisations have different publishing schedules and approaches, which result in a big overhead for financial services firms.
Luckily a number of technology providers are looking to include functionality into their systems that monitors and consumes the output of these organisations. This gives firms a central repository of documentation that relates to their businesses. This monitoring has been enabled by the regulators themselves becoming more consistent in their output. The FCA for example, publishes all of its new consultations and discussion papers on a central searchable web page. The collection of handbooks is also available as a set of time stamped data which means that solutions can be built which rely on this data structure and availability.
By building automated systems which crawl these web pages and data sets, technology firms are building self-filling and self-maintaining repositories of regulatory data, which can be varied based on the types of business firms operate and therefore the regulators they are covered by. By having a consolidated set of data with the noise removed, the onerous task of “regulatory watch” can be reduced and much improved.
Having all of the regulation in once place is useful, but for many firms, one of the biggest tasks is to read it and understand what is being asked of them. Because of the complexity of most regulation, this isn’t a job which is easily resourced. Regulation policy teams, staffed with qualified compliance professionals, are typically responsible for this activity but even with expertise, the process is a slow and manual one. Large consultation papers and completely new pieces of regulation can take weeks to digest in order to understand the true complexities of what is being asked of firms.
The impact of this can be seen clearly in the hiring profile of Financial Services firms. Big banks have been upping the number of people in their compliance departments by up to 500% which has resulted in costs for compliance teams rising dramatically. Risk and compliance now takes up a significant portion of the overall cost base of financial services firms.
Firms are trying to use technology to circumvent this approach. Specifically, they are looking into using a couple of techniques from the Artificial Intelligence canon, Natural Language Processing and Supervised Machine Learning. NLP technologies take the free form text contained within regulatory documents and convert it into machine and human understandable content. They then go through a process of key word extraction, sentiment and key point analysis and categorisation. Compliance professionals can then review this focussed output, clarify exceptions and provide feedback on where the system was right and wrong. This aspect forms the basis of supervised learning and allows the algorithms within the system to learn what good and bad outcomes look like, and use this information to improve their future performance.
Of course, understanding the scope of the regulation is one thing, but for many firms, the biggest pain point comes next. Most compliance staff aren’t necessarily aware of the detail and restrictions of operational processes or technological systems. In most regulatory change programmes, there is a stage of impact analysis whereby the change function works collaboratively with the compliance team to understand the business context and required changes in order to meet compliance.
Unfortunately, the change function is all too often focussed solely on the change at hand, and not the wider organisational context. This usually results in the impact analysis work required for a piece of regulation being essentially throw-away, as it doesn’t have a balanced and logical base which can be used again for a different project.
In order to solve this challenge, what is needed is a translation of the actions required from the regulation, which is attached to a framework which exists within the business, which is agnostic of the change project, and provides a consistent view of the entire business. This should be used to build a common language and understanding needed which can get change to work more effectively. If this framework is effectively linked to the policy owners in compliance, the project leads in the change function, and the business heads in the operations function, all stakeholders can be kept abreast of the requirements new regulation is bringing and the impact this will have on their teams.
For forward-looking Financial Services firms, there are huge opportunities to improve the way compliance works within their businesses. By working with RegTech start-ups to improve internal processes and automate cumbersome translation work they can ensure that their team of compliance professionals are focussed on higher value work. Firms who embrace this new way of operating will see drastic decreases in the cost of managing risk and compliance in their businesses and those that don’t will struggle to keep up in tomorrow’s market.