The technology discourse in financial services has most recently been dominated by fintech. However, interest in regtech is growing.
Regtech is generally recognised as technology that addresses a regulatory challenge faced by a financial services provider, including monitoring, reporting and compliance obligations. It often uses automation and machine learning tools to simplify processes and reduce cost, time and effort.
There is a head of steam building around regtech that's driven by the confluence of interest from regulators, large and small banks and fintech providers.
Regulators have long been protagonists of innovation as a means of finding the most practical and efficient solutions to obtain information and protect the interests of consumers. The FCA launched FCA Innovate in October 2014 and has run several technology-focussed initiatives, including a series of problem-focussed Tech Sprints to encourage a collaborative approach to regulatory issues. More recently, the FCA issued a Call for Input on using technology to achieve smarter regulatory reporting, which it will report on later this year. These initiatives offer banks and fintech providers the space and support to provide their views and develop viable, compliant regtech solutions.
Banks are interested in regtech because of the potential win-win of saving costs and automating complex tasks to achieve more accurate and reliable results. For challenger banks and neobanks, there is also the opportunity to set up scalable regtech solutions at the start of their growth curve. Larger, more established banks generally have more challenges with migration from their legacy platforms and solutions, but the savings and efficiencies from regtech may still be substantial.
As far as fintech entrepreneurs are concerned, the more potential customers who are interested in regtech and the more of a role it has to play in the future of financial services regulation, the greater a market there is for their products and services. The current growth in interest is likely to be mirrored by more fintech investors looking for good regtech propositions that require early-stage funding to help bring them to market. Providers and investors alike will be keen to build market share while the market is still relatively open and opportunities are far and wide.
There are several related use cases for regtech, for which there are already live service offerings as well as the potential for more market developments.
A key growth area is the automation of regulatory reporting. Regtech intends to solve the problems caused by multiple data sources, systems and errors arising from manual review. A regtech solution can search multiple data sources and compile reports that are comprehensive, coherent and standardised. Not only does this save considerable time and effort for banks, freeing up people's time to concentrate on more skilled and value-added tasks, but standardised reporting is a lot easier for the regulator to analyse.
Another area that is ripe for innovation is identity verification and Know Your Customer checks. Regtech solutions can be used to verify identities in accordance with regulatory requirements while cutting out manual processes and flagging checks for review by exception only. This makes the whole process more streamlined, benefiting the bank and its customers.
More broadly, the analysis of big data – including via open application programme interfaces (APIs) and using solutions developed under the second EU Payment Services Directive (PSD2) – presents the opportunity for banks to obtain a more holistic view of their customers. This allows banks to demonstrate that they have taken appropriate steps to identify risks and make customer decisions appropriately. For example, account information service provider (AISP) services now allow customers to give permission to banks to release account information to the AISP, which can be analysed as part of credit scoring and lending decision making. This can be done in real time and offer a more sophisticated view of the customer's financial position than a traditional credit check, enabling the bank to make more prudent decisions.
Lastly, regulators themselves are looking at regtech to assist with their role in managing industry risks and digesting large volumes of data and reporting information. Regulators will see numerous further opportunities to use regtech to enhance their own internal processes and improve how they receive and provide information to those under their supervision.
The launch of Open Banking in the UK and PSD2 across the EU in January 2018 heralded the start of a new data-driven era in the banking industry.
Under the Open Banking regime, the nine largest current account providers in the UK (the CMA9) are mandated to give access to customers' banking data through secure open APIs. More bank account data is available to providers who register as AISPs or payment initiation service providers (PISPs) under PSD2. Developers must be mindful of data security risks, GDPR compliance requirements and the need to win customer confidence in new solutions that are heavily reliant of sharing large volumes of data. Provided they can do that, we can expect that the data available via Open APIs will be utilised by tech entrepreneurs to develop the next wave of regtech propositions.
While it is difficult to plot a specific course for regtech over the next few years, all signs point towards a growth in interest, investment and the number of regtech services battling to secure market share. Many of the use cases for regtech are already well established, but we can expect the pace of change to increase, including the launch of new service offerings and growing customer interest from large and smaller banks.
This article was first published by FinTech Futures.
This publication is intended for general guidance and represents our understanding of the relevant law and practice as at August 2018. Specific advice should be sought for specific cases. For more information see our terms & conditions.
On 12 October 2018, the FCA published a Guidance Consultation (GC 18/4) on the Senior Managers and Certification Regime on statements of responsibilities (SoRs) and responsibilities maps (which apply to enhanced firms).