regtech fintech


Beware: Siri, Alexa and Watson will soon be watching you. Artificial intelligence, machine learning, biometrics and blockchain are just the first seeds of a revolution that will take us into an era of robo-regulators and smart regulation. Sanne Wass reports on a future that is closer than we think.


She’s nothing like an ordinary compliance officer; even the smartest Oxford graduate would not stand a chance against her. She knows 70 languages, and it takes her just a few minutes to investigate thousands of websites, documents, reports and legal records.

“She” is a computer programme – one that replicates the intelligence of a human being to help banks with their regulatory requirements.

We’re in London’s Canary Wharf, where Tapan Agarwal, product council head at iGTB, is about to demonstrate the company’s DDIQ engine – developed by OutsideIQ – which uses artificial intelligence (AI) to undertake due diligence.

The engine knows exactly what to look for. It’s programmed to think like a financial crime investigator, using natural language processing tools combined with machine learning techniques to automatically expose bad actors and potential risks.

“We had a case study with a large private bank in the US which was under regulatory pressure to complete due diligence on a large set of its private customers,” Agarwal says. “If the bank were to do it with its own team and software, it would take an estimated 12 months, whereas with the DDIQ it was able to complete the task in one month.”

iGTB is among the growing number of companies that are seeing the huge opportunities in offering technology to help banks cope with the tsunami of regulation that has hit them since the financial crash of 2008. Welcome to the world of regtech, or, for those less familiar with the new buzzword, ‘regulatory technology’ – often referred to as the ‘little brother’ of fintech (financial technology).

“In the last year, we have seen a lot of interest,” says Agarwal, whose clients include both big and small banks globally. “The market acceptance has matured. People have more faith in artificial intelligence.”

On the other side of the Atlantic, the interest in regtech has similarly taken off in the past year, including from private equity.

“We, as venture capitalists, started to get phone calls from large consulting firms saying that their clients were begging for solutions but they couldn’t find any,” says Michael Meyer, partner at Middlegame Ventures, a US-based fintech venture capital firm. “About a year ago, we could only find 26 companies in the world identifying as regtech companies. Now the list is up to about 160, but that is still a very small amount, considering the large demand.”

Technology to resolve regulatory issues and manage compliance risk is more in demand than ever before. According to Thomson Reuters, the annual volume of regulatory updates increased by 492% from 2008 to 2015. JWG, a London-based think tank that focuses on financial regulation, has estimated that over 300 million pages of regulatory documents will be published by 2020. To meet the growing requirements, big banks have thousands of compliance officers on staff and spend billions of dollars on regulation and compliance every year.

“The industry is beginning to wake up to the reality that the pace of regulatory change is not stopping,” says Elliot Burgess, JWG’s head of product. “There’s a new normal, where regulation is constant, and firms are now waking up to the fact that they need to have robust technologies in place to deal with it.”


Old word, new wrapping?

Despite all the recent hype, regulatory technology is nothing new. “Innovation has been happening in financial services forever, and we’ve always had regtech in some way,” says Meyer. “But we are now talking about tools like AI, machine learning and cognitive computing. There’s an opportunity for these cutting-edge tools to be used to accelerate and make the regulatory oversight process much more efficient.”

The enthusiasm about regtech is understandable. Most sources that GTR spoke to for this article agree that the advanced tools could in fact revolutionise compliance, an area dominated by huge manual and mundane processes that machines can do not only faster, but also better than humans.

This is especially the case in the trade finance space, which has historically been characterised by paper-heavy processes, the replication of work across institutions and jurisdictions, and the ineffective use of transaction and counterparty data in risk identification.

Now, AI, machine learning, biometrics, computer vision, blockchain, cloud computing (and so on) can help firms with anything from streamlining know-your-customer (KYC) processes and conducting efficient due diligence, to monitoring transactions and detecting suspicious activity to meet certain anti-money laundering (AML) and counter-terrorist financing (CTF) regulations.

As a recent example, HSBC, for one, rolled out a mobile app last year using biometrics, which allows clients to supply identification and address verification via selfies and photos rather than going to a branch.

“It’s best for the customer because they are able to do it immediately, and also offers improvements in spotting fraud. It can compare the passport against known government templates and do a facial algorithm match and liveliness test against the selfie,” says Richard Davies, HSBC’s global head of propositions, commercial banking.

Another role for regtech is helping banks automate regulatory reporting, as well as the daunting task of reading and understanding the hundreds of new regulations that come in every week.

IBM, for example, recently entered the regtech space after acquiring compliance consulting firm Promontory Financial Group in November last year. Together, the companies have trained IBM’s cognitive computing platform Watson to crunch complex legislation and compliance materials, so it can now help process and interpret new regulations as they are created, and decide on the implications.

“The interest has been tremendous,” says Marc Andrews, vice-president at IBM’s Watson Financial Services Solutions. Having met with a range of international and regional banks to promote Watson’s new capabilities, Andrews says he has seen “a lot of variability” when it comes to the adoption of regtech.

“What we are seeing is that there are a couple of banks that are very forward-thinking, starting to apply some of these techniques and capabilities. But even those are more at the experimental pilot stage. There are a lot of banks that are in the thinking stage. And then, frankly, there are some banks that are somewhat far behind, still just trying to catch up and address the specific regulatory rules,” he says.


Regulators in the game

Despite being in need of assistance, many financial institutions are still hesitant when it comes to embracing new regtech opportunities.

“The preliminary state of the regtech market means that no dominant, widely used solutions have yet emerged,” says a report by the Institute of International Finance (IIF) published last year, adding that international financial institutions are “often still unfamiliar with new regtech solutions due to their [the solutions’] short history”.

According to a recent article by Deloitte, the majority of regtech firms are still in the start-up phase and no older than three years, and although there is strong potential for the market, there is still “a long way to go before many of the regtechs have built up enough reputation to really get to the movers and shakers of the financial industry”.

IIF also emphasises that the regulators themselves could act as a barrier preventing the regtech movement from fully taking off. “Uncertainty over regulations and the stance of the regulator are making firms cautious about rolling out regtech more widely,” it says.

Undoubtedly, regulators play a crucial role in the promotion of regtech. “A regulator should be progressive and work with innovative ideas and companies, and allow the regulations to be flexible within a safe sandbox environment, giving space to test the ideas and the technology,” says Vic Arulchandran, COO at Nivaura, a tech start-up developing a platform that uses automation and blockchain for the issuance, execution and administration of financial products.

Some regulators are already starting to pay attention to growing regtech enthusiasm. Nivaura, which has already been part of three accelerator programmes, including those of Microsoft and Accenture, is now one of the first technology companies that, over the past five months, has been testing its solutions as a part of the UK Financial Conduct Authority’s (FCA) regulatory sandbox, and received regulatory approvals.

With the FCA sandbox, which debuted in 2016, and other initiatives, the UK has taken the lead in proactively supporting the development of new technologies that can help firms meet regulatory requirements.

“Our direct experience with the FCA is that it is very progressive, open to listening, adapting and moving with the technology and potential changes in paradigms,” Arulchandran says.

Other countries, including Singapore, Hong Kong and Australia, have followed suit, creating dedicated spaces where financial services companies are encouraged to test new fintech products without regulatory consequences.

The new interest from the regulators goes beyond promoting start-up culture and making bankers’ lives easier.

IBM’s Andrews says that when the company first started working in the regulatory field, it reached out to regulators, who were intrigued by the technology for their own use. “Part of the initial discussions were around trying to gain their support for applying these innovative technologies. However, as we shared those approaches with them, they started turning back, saying this is something that we could potentially leverage internally,” he says.

If you aren’t thrilled by the prospect of regtech just yet, this is where things start to get exciting. According to a journal paper by researchers at the University of Hong Kong and the University of New South Wales (UNSW) in Australia: “Regtech represents more than just an efficiency tool and rather is pivotal change leading to a paradigm shift in regulation.” The paper argues that regtech could facilitate a transition to another type of regulatory model altogether.

Imagine the regulator being able to continuously access and monitor compliance data on a real-time basis, thus completely changing the dynamics of the relationship between banks and regulators. In this way, regtech could not only enable the regulator to identify and manage risk effectively but also launch preventative measures rather than taking enforcement actions after a compliance breach.

For Nivaura, for example, the intention for its platform is to give the regulator direct access to monitor financial activities on the blockchain. The solution also allows for a much simpler regulatory framework.

“We are showing that our novel use cases don’t easily fit into the current regulatory framework, and will challenge particular regulatory rules and safety measures put into place during a time when certain technology was not available,” Arulchandran says. “Some of these rules may even be invalidated.”

Further down the road, one could even envision regulation being written directly into a computer code, explains Burgess at JWG.

“I think we will see the adoption of regtech solutions to address challenges within the firms initially,” he says. “The second step will then be, how can the regulators leverage that. As the technology becomes adopted, regulators may have to change the way in which they circulate, create and publish regulation.”


Smart regulation and robo-regulators

While we’re at it, let’s continue a few steps ahead into what may seem to many like complete fantasy.

“In the very distant future, imagine an AI detecting an issue immediately, and potentially reporting it, fixing it, and even in some cases ensuring it doesn’t happen again,” Arulchandran says. “Less regulatory oversight would be needed in certain places.”

Meyer at Middlegame Ventures says it is not unlikely to imagine a machine-governed regulatory world in the future, 10-plus years from now, where certain regulatory decisions are automated. This could involve smart contracts pre-negotiated between a bank and the regulator, enabling some compliance requirements to change automatically based on real life events (such as another Brexit or a stock market crash), and thereby creating a more dynamic regulatory control.

“That’s a vision that will make lots of people nervous,” Meyer says.

There are obviously many questions to be answered before we let Watson, Siri and Alexa take over the regulatory space. Is principle-based regulation even fit for machines? And who is to blame if something goes wrong?

But before we start imagining the world of smart regulation and robo-regulators, it may be worth taking a step back to reality.

Looking at banks’ spend on compliance, nothing is, as of early 2017, indicating that it is even close to taking a downward turn.

At HSBC, for example, Davies says the bank has been adopting regtech solutions since late 2014. Yet, the bank’s total amount spent on compliance and regulation was at US$3bn in 2016, up US$0.4bn from the year before.

Davies says it’s a “simplistic statement” to say that regtech can help cut staff and costs, emphasising that HSBC’s main focus is on making compliance processes more convenient for the customers, rather than cutting staff. For example, the bank’s new mobile app to onboard clients is only a supplement to the human workforce, as a member of staff will still be checking the photos provided.

Andrews at IBM also admits that regtech may not be as much about cutting staff as it is about being able to focus human attention back to revenue-generating activities, while creating better stability and security in the financial markets. “No bank I’ve ever talked to thinks that we will get to a point where it’s completely automated machines making the decisions, but most of them are hopeful that they can get to a point where they can dramatically reduce the busy work and focus on the high-value critical business decisions,” he says.

It may be a question of time before the banks start capitalising on regtech. No doubt, 2017 will see the market for regulatory technology evolve, while gaining more attention from banks and regulators. The first seeds of the regtech revolution have been sown.


Regtech and trade finance

Compliance and regulation are the biggest barriers for access to trade finance according to over 90% of banks surveyed for the International Chamber of Commerce (ICC) Banking Commission’s latest annual review. As such, regtech certainly has huge potential to disrupt the sector. Advanced analytics such as big data and machine learning can help banks better identify risk and meet KYC and AML regulations, while smart contracts and blockchain will also play an increasing role in the way banks manage compliance.

GTR takes a look at some important regtech trends in the trade finance space:


Transaction monitoring

AML, CTF and sanctions regulations demand the monitoring and reporting of transactions to regulators, and for banks to identify and flag suspicious activity. Big data and machine learning platforms, which allow for large data sets to be analysed to reveal patterns, trends and associations, can enable banks to monitor transactions in real time, helping them identify unusual activity and prevent fraud.


Due diligence

KYC regulations require banks to gather information relevant to assessing client risk profiles. Big data and natural language processing tools can help undertake due diligence by aggregating data from sources across languages and jurisdictions, including government agencies and public record keepers, credit bureaus, utilities, consumer marketing firms, mobile service providers, etc.


Computer vision

Trade finance is an area that has traditionally been difficult to monitor because transaction and counterparty data is hard to come by. “Within trade finance, much of the information that the banks currently store in their systems is very limited, due to the kind of paper-based trade documents that support a transaction,” says Michael Lee, director in Deloitte’s enterprise risk services practice. “The next step in the banks’ artificial intelligence journey is to start using better computer vision to then enable automatic transcription of data and start incorporating that into their risk detection systems.”

Computer vision can interpret trade documents such as letters of credit and bills of lading, and, combined with the growing use of smart contracts and the internet of things (IoT), can increase the amount of data available to better assess risk.


Smart contracts/blockchain

As the technology evolves and becomes more commonly applied in the trade finance space, blockchain could increasingly help banks automate compliance aspects too. If all transactions were to be documented via smart contracts on a distributed ledger, a comprehensive, precise and permanent audit trail would exist for regulators to access and monitor on a real-time basis. “There have been several releases of the use of blockchain within trade finance. But in terms of its use to support specifically the regulatory side of things, that is very much in its infancy,” Lee says.


Shared utilities

Banks are already using KYC utilities, namely repositories in which multiple institutions store and share customer due diligence information in a single platform. “The last three years there has been activity on this front to try and push industry-wide solutions,” Lee says. “There has been varied uptake. The KYC utilities have had quite limited success to date, but the concept is good.”

Shared utilities, via for example the cloud or blockchain, wouldn’t just be limited to KYC: they have the potential to store the processing and documentation of other compliance requirements, such as payments monitoring. “In a trade transaction, the activities such as the transaction monitoring or customer due diligence are often duplicated across financial institutions,” Lee continues. “If you can create a controlled environment where that activity is only performed once, that would be a paradigm shift in terms of cost effectiveness. If the industry wants to adopt this, there will be significant advantages, but there is still some way to go to reach this point.”


Read more about regtech:

Regtech could save banks £2.7bn on AML compliance

Swift announces new regtech solution to combat fraud

Fenergo: the Irish fintech making hay from regulation