Regulatory technology is primed for massive growth as it helps financial institutions maintain compliance
The financial sector has seen significant upheaval in recent years with the rise of fintech startups and banking services challenging traditional financial institutions and leading customers to rethink how they manage their finances. Such disruption necessitates new regulation, an aspect of the financial industry that is already both time-consuming and costly. This has set the stage for regulatory technology (regtech) to become a driving force in the financial sector, benefiting both legacy institutions and startups.
What is Regtech?
Bloomberg estimates that by next year, the global market for regtech will reach $118.7 billion, making it one of the largest areas of growth in the financial sector. What makes regtech so special? Typically a cloud-based computing service or SaaS technology, regulatory technology offers quick and inexpensive solutions for companies that need to stay abreast of the changes in regulatory oversight and maintain compliance to avoid heavy fees.
In a sector where 15 percent of employees work in compliance, assistance with regulation is always welcome. Regtech meets the needs of financial institutions regarding ever-increasing regulatory demands, providing them an efficient way of maintaining five key areas: compliance, monitoring transactions, addressing identity concerns, regulatory reporting, and risk management.
Identity protection and verification is one of the chief concerns among financial institutions of any size, particularly concerning KYC (know your customer) and AML (anti-money laundering). Failure to use best AML or KYC practices can be devastating, costing hundreds of millions of dollars in fines. PassFort is a regtech company that allows institutions and startups to collect and store data, digitizing the customer onboarding process and allowing for the easy monitoring of transactions.
Similarly, services such as those provided by Trade Informatics combat money laundering through trade counterparty risk management, data analysis, and time-stamped audits. Identity concerns are of such importance that nearly a quarter of all regtech companies focus on these issues.
One consequence of the 2008 financial crisis was the implementation of more regulations for financial institutions. With constant changes in the world of finance, regulations are frequently changed and updated. Keeping track of such developments when dealing with multiple regulators has been a major challenge for companies over the past decade.
Regtech companies such as Continuity and 8of9 automate compliance by compiling data and monitoring processes in order to issue regulatory alerts when necessary. Companies have employees freed up to work on other projects without risking the fines associated with falling out of compliance due to regulatory changes.
Part of maintaining compliance is the submission of regulatory reports. Such reports merely consist of raw data which regulators can then examine to determine whether or not a financial institution is in compliance as well as to assess the financial health of the institution.
Another aspect of ALM and KYC procedures is monitoring transactions. Failure to use proper practices in this regard can lead an institution to unwittingly enable fraud, the funding of terrorism, money laundering, drug trafficking, or human trafficking. Such errors can not only lead to massive fines but can be irreversibly damaging to a company’s reputation.
Transactions must be monitored to verify the identity of the parties involved in the transaction as well as the controllers of companies involved, where the funds and the overall wealth of the parties originate, and the location of the transactions. Feedzai and Identity Mind are two regtech companies that focus on helping clients find AML and KYC solutions through the use of big data, AI, and machine learning that provide real-time transaction monitoring.
Across the financial sector, risk management has always been a major concern. Increased digitization of financial data has only made effective risk management even more of a necessity. With regards to regtech, risk management not only involves assessing cybersecurity risks but also the financial risk of falling out of compliance.
Different risk management regtech firms may focus on different aspects of threat detection and prevention. For example, Corylitics analyzes regulatory notices from around the world, rates the risk for individual firms, and helps them prioritize which areas need immediate attention. On the other hand, ObserveIT focuses on monitoring user activity to mitigate insider threats, claiming that 60 percent of cyber attacks are carried out by people already at financial firms.
Regtech is a rather large umbrella term that covers a variety of services. Clearly, some services provided by different regtech companies are more appropriate for certain financial firms based on their size and focus. Most banks and fintech companies will have to choose a few different regtech services and have them each integrated into their systems to meet all of their regulatory needs.
One thing appears certain, as more regulatory changes and demands are made, there will be a constantly growing market for the regtech startups that continue to emerge.