Regulation is changing at the fundamental level as it moves from the notion of KYC (Know your customer) to KYD (Know your data). This change is emanating from the fact that we are moving from a system where we regulate people to one where we will be regulating data that involves processes, automation & algorithms. RegTech is trying to play catch up with the startups in this new tech dominant economy. This transition would mean for the regulators to have a different mindset as well as the skill set to perform their job efficiently. We will be looking at comparing the elements that will bring about this transition but before that, let’s review a couple of major changes that will need to happen on the regulatory side.
From the regulatory mindset perspective, they have to realize that “technological neutrality” is not a starting point anymore — this concept has been very important to regulators over the years to prevent them from chasing any new technology but with the technology cycles getting shorter & shorter, this theory does not hold anymore. Let’s put this into perspective — every time the technology changes you go to the regulator & ask for a suggestion on an authorized technology, the regulators are going to get overwhelmed with such requests. Therefore, they will be shifting their focus on what you as a customer are trying to achieve with the automated process involved & make sure that process is compliant & not worry about what technology was used to achieve this. This, however, can become a problem if the regulators don’t understand how the algorithms & automation of the products work at the code level. They need to be able to understand how the data is being used at this level to perform their role of consumer protection, financial stability & market competition.
Human Capital 👦 👩
The other core change will be bringing about new team members to the regulatory team to better perform their functions as regulators. The most important addition in this regard would be of Data Scientists. Just like the Financial institutions & Technology companies, the Regulatory authorities will keep on adding more data scientists to their team as the need for handling a bigger volume of data increases.
As the RegTech space continues to evolve, we are going to see a fundamental shift in how regulation is done today with how it will take place in the future. Let’s look at a comparative analysis:
⮚ Consumer Protection → Data Protection: The current model safeguards the clients by making sure that their money doesn’t get lost or misappropriated. With the new precious commodity being the data, which can be used by the consumer to take a financial decision or from a monetization perspective, the security & privacy of their data would become paramount.
⮚ Capital Regulation → Algorithm Sandbox: Companies have capital control requirements in place currently to mitigate the risk but going forward it’s going to be about algorithm compliance involved in the process automation. Regulators will be doing due diligence on the automated system before it is allowed to operate in the market.
⮚ Financial Stability → Financial Networks: While the previous emphasis on the financial stability of an organization is important it doesn’t encapsulate the dynamism of the current & future technology-driven financial systems, connecting companies & individuals. Therefore regulating a financial network would become more important.
⮚ Prevent bad behavior → Promote good behavior: A Major positive development following the financial crisis has been the Preventing of Conduct risk, companies have still been able to find their way out of reprehension by utilizing loopholes in the current regulatory regime. Going forward regulators can set a system in place where good behavior is reinforced & rewarded to strengthen the quality of financial networks.
⮚ Re-active → Pro-active: Traditionally, Regulators have taken a reactive approach to fix problems & we saw the manifestation of this in the last financial crisis when safety valves were put in place after that fact. However, with the speeding up of technological changes, the reactive approach is quickly becoming redundant. Regulators will need to be forward thinking on how the FinTech environment will change tomorrow so they can be prepared for it today.
⮚ Reporting compliance → API compliance: Currently, the financial institutions are sending reports to regulators about specific questions. A common question being asked of the financial institutions by the regulators has been the impact of FinTech companies on their businesses. This question has therefore changed the behavior of the financial firm on how the technology is impacting their business model, the current reporting process becomes tedious & cumbersome. A better way in the future would be the process of API (Application Program Interface) compliance where the regulators can pull the information directly from the financial institution to analyze the shocks from external factors like FinTech. This would allow regulators to supervise firms without inducing a change in their behavior or wasting time.
⮚ Licensing barriers → Deep Learning barriers: Financial markets today are regulated by the number of licenses issued to operate in the space as financial institutions. For example, only firms with banking licenses can operate as banks. Come tomorrow, the barrier to entry will be the quality of the algorithm used in the automation of the processes by the financial institutions or technology companies. Data gathering based on the algorithm would be incredibly personalized & the customization and individualization, which will eventually represent the experience barrier to entry.
The New regulatory model takes a major deviation from the traditional paper-based, time intensive & tedious process to a technology-driven Plug & Play solution (e.g SaaS applications) for all the emerging companies in the Fintech arena, where they can figure out & ultimately address their regulatory woes. RegTech promises to disrupt the regulatory landscape by presenting software-based solutions – something like an online tool that monitors the transactions in real-time. This RegTech tool would not just adhere to compliance guidelines while monitoring transactions, but also work as an early warning system to spot irregularities, potential threats & fraudulent transactions in the digital payment universe. The real-time reporting of these problems to the FinTech companies would also mean that the problems can be rectified in a timely & efficient manner.
Realizing the growing importance of RegTech, the funding to this space has increased manifold over the past few years. 2017 saw the tripling of the investment of the previous 5 years to $1 billion while 2018 promises to comfortably run past this number with more than $500 million invested in the first quarter alone. Dozens of promising startups have emerged over the past few years presenting a wide array of RegTech solutions. Companies now have the choice to select the right suite which is tailor-made to address their unique challenges. According to recent research from Deloitte Consulting there are a total of 263 RegTechs serving areas of Regulatory Reporting, Risk Management, Identity Management & Control, Compliance, and Transaction Monitoring. They have created a small database of all these companies, which they intend to update on a regular basis. Pretty handy resource. 👍
With the disruption of the traditional business models and the growing complexity of the regulations associated with the emerging technology companies, the investment in the RegTechs has to play a catching up game to meet these new challenges & technology will take care of the rest.