Demystifying regtech

Arnaud Picut is global head of risk practice for Asia-Pacific at Finastra.
Arnaud Picut is global head of risk practice for Asia-Pacific at Finastra.

The ever-growing complexity associated with the regulation across all aspects of banks’ activities has led to an urgent need for technology solutions to aid compliance. Regtech has also been integral to financial disruption by allowing newcomers such as telecom companies, food chains, and others to capture retail clients during the onboarding phase and convert them into banking clients.

The heralding of regtech has been compared with the fintech movement but there are important differences. Its cloud-based platform creates an open ecosystem which brings in multiple parties to help manage and develop solutions which moves regtech from a monolithic onsite implementation to cloud-based micro-service. As such, this particularly has implications for banks’ technology architecture and business models.

Regtech covers a wide range of functionality across multiple regulations that are at various stages of maturity. Because of the scope and impact of the rules, banks need to take a wider perspective than simply considering individual regulations and the specific regtech tools for them. Although the immediate goal is compliance, ultimately regtech is about a cultural shift in the organization and a new agile architecture that is responsive not only to regulatory change, but also to business challenges.

In order to understand the regtech universe, it is helpful to imagine three basic dimensions: the type of regulation addressed by the solution, where in the lifecycle of the regulation it is designed to be employed and the local region-specific dynamics for implementing regtech solutions.

Types of regulation
There are three broad types of regulation: non-financial (e.g. market abuse, data protection, anti-money laundering), financial (e.g. accounting, capital adequacy and exposures), and competition and market (e.g. barriers to entry and account switching rules).

Non-financial regulation
Non-financial regulation encompasses rules regarding conduct, consumer protection, compliance with procedures and laws, and some forms of operational risk. Examples include the EU’s Market Abuse Directive (MAD) and General Data Protection Regulation (GDPR), the US’s Foreign Account Tax Compliance Act (FATCA), and global anti-money laundering (AML) and know your customer (KYC) regulations.

Financial regulation
This stream is the traditional body of rules that banks must follow and report on and includes accounting, capital adequacy, positions and exposures, and settlement. Examples are the International Financial Reporting Standards (IFRS), Common Reporting (CoRep) and Financial Reporting (FinRep), Markets in Financial Instruments Directive (MiFID), Fundamental Review of the Trading Book (FRTB), and Central Securities Depositories Regulation (CSDR).

Competition and market regulation
Newest on the block is the set of rules that aims to reduce barriers to entry for new competitors, making it easier for customers to compare cost and value, and facilitating the switch to alternative providers. Examples include the EU’s Payment Services Directive (PSD), Single Euro Payments Area (SEPA), and best execution and account switching rules.

Where regtech fits within the regulatory lifecycle
The response to regulation goes through a series of phases and associated solutions – inception/manual, tactical, strategic, and, in some cases, standardization and utility solutions. Non-financial regulations are largely in the manual and tactical phase. Financial regulations are the most mature and responses are moving towards strategic solutions. Competition and market regulations are the newest and the industry is in the early phases of response.

Although meeting compliance deadlines is the immediate goal, banks should look to move on from manual and tactical solutions to strategic approaches as soon as possible. They should aim for an agile systems architecture that can handle present and future regulatory requirements, while bringing business benefits in terms of flexibility to adjust to a changing competitive landscape.

The Localization of regtech
Regulations, although with similar concepts and outcomes in mind, can be applied in various ways in different locations – each country has its own interpretation and timings. While this has pushed for regtech to come to the fore in the past few years, the variable nature of each approach means the frameworks being applied need to be more ‘agile’. An Agile framework is the only chance to capture all changes, different national dynamics, and different timelines/life cycle expectations.

Overall, obstacles to regtech success include data protection rules, inconsistency of regulatory definitions and data formats, and unrealistic deadlines. An important factor for success is for all the different stakeholders – regulators, financial institutions and third-party-vendors – to work together towards a properly considered and coordinated implementation of the new rules.

Ultimately, regtech is about a change in mindset in the organization and an agile technological infrastructure that will enable banks to be more resilient to change, and more efficient and adaptable to evolving competitive challenges.

Arnaud Picut is global head of risk practice for Asia-Pacific at Finastra.


18 Aug 2017



Share this article