RegTech Can Turn Compliance from Burden to Advantage

The necessary expansion of global financial compliance regulations in a range of areas has created a resource-consuming quagmire that reminds me of the frustration of being forced to wait in a supermarket line all those years ago. The process of meeting the abundant requirements is inefficient, time-consuming and supremely frustrating.

Stuck in an Ugly Transition

Financial services are in the unenviable position of playing (an almost perpetual) catch-up in being asked to comply with FRTB, Dodd-Frank, MiFID II, AMLD V, FATCA, CRS and many more. Plus, the industry has not been given the tools to respond.  And that gets to the very heart of why financial services, and particularly the regulators and authorities, should be looking to the RegTech industry. 

Stitching together a new compliance regime, and then casting that net across the industry is only half the task. The other half is creating an environment that allows the industry’s participants to easily comply with the new rules so that they can efficiently pass with approval through the net and get on with the job of growing their business.

Instead, all across the financial services landscape we see businesses trying to deal with this compliance challenge in their own way, creating profound complexity. 

We see large financial players trying to cobble together existing software solutions that are not designed to deal with the specific compliance details of a particular regime (let alone the entire requirement). Yet for lack of a better option, they try anyway.  Worse still, large sized institutions are each coming up with their own bespoke solution that creates different ways of meeting a standardised obligation or privacy requirement.  In some cases  firms are (rather tragically) trying to address compliance manually, throwing as many bodies as they can spare at the problem, hoping it will get them through.

Now compound that challenge to all jurisdictions that have signed onto this compliance regime worldwide.  The opportunity cost alone is eye-watering.

And here’s the rub. We are entering an age of compliance where the only way of complying is through the use of advanced technology solutions, by which I mean big data, data analytics, artificial intelligence (AI), and machine learning (ML). These are solutions that only RegTech companies with the specialist expertise required can bring to the market.

Compliance Complexity Made for Technology

Imagine this challenge for a financial institution, and here I refer directly to CRS compliance. More than 200 data fields are required to be completed per report. Multiple databases with incomplete and duplicated data must be corrected. One financial institution could be dealing with many millions of financial accounts, ongoing monitoring of the status of these accounts, and they must provide a comprehensive audit trail!

More broadly, the business of compliance is grossly ineffective and inefficient and has created its own industry that adds no value but instead  excessive cost to the industries that it was set up to support.

It’s no wonder then that the International Federation of Accountants estimated earlier this year that the industry’s annual cost of ‘regulatory divergence’ (i.e., inconsistencies in regulation between different jurisdictions) is around US$780 billion. As a financial community, I think we can do better – and I mean hundreds of billions of dollars better.

Common sense says that the use of technology platforms and big data services is the only way reporting organisations will be able to survive. If we get this right, there is a strong rationale to suggest that RegTechs can help revolutionise the financial services industry’s approach to compliance in a way that converts cost inefficiencies straight to the bottom line while strengthening the position of regulatory authorities in the process.

A New Model for a New Era

If we agree that RegTech solution providers should be embraced by the financial services industry as key partners, at what level will this intervention be most effective?  The higher up one goes in the food chain, the better. And to circle back to my original analogy, it is the regulatory authorities (i.e., the supermarket owners) that should be delivering the solutions that industry participants (i.e., the shoppers) need to easily complete a compliance transaction and get on with the important business of keeping the national economy strong through the effective management of finance in all its forms.

This new business model must successfully manage compliance in a manner that all will subscribe to because, if designed correctly, it will be in everyone’s best interest to do so. 

In broad terms, the old model is being used to meet a new compliance regime in the following way:

1. A regulatory body defines rules for its industry in the form of written documentation.
2. The industry reviews and interprets both the initial and ongoing changes (at great cost).
3. Each organisation in the industry incurs significant costs in building their own (duplicated) capabilities (people, process and technology) to meet the rules that each has interpreted slightly differently.
4. Each organisation then pays significant sums to third party consulting firms to check that they have interpreted the rules correctly and that their capabilities are delivering compliant outcomes. 

In practice, a new model is needed where technology is used to leapfrog the current inefficiencies so that:

1. when the regulatory body defines rules for its industry in the form of written documentation -- rather than asking the industry to interpret the rules -- they are codified once in software and maintained by the Regulator who establishes them for the use of the industry.  This removes significant step two costs in the current model (see Figure 1 below).  It also improves the outcome considerably because everyone is applying the same set of rules instead of multiple interpretations.
2. each organisation ‘subscribes’ to the Regulator's compliance service and provides whatever data is needed.  The service tells them what they need, what is missing and what actions they need to take (by exception) to become compliant. This significantly reduces step three costs in the current model because they pay for access to an end-to-end service rather than try and build and maintain their own internal capability, enabling efficient tech solution upgrades.
3. in the new model, step four is eliminated because there is only one solution and which is the one governed by the regulator that enforces the obligation.

Figure 1: The current compliance model versus the new technology driven model.

As a model that could be applied to any area of financial services compliance, the potential for this approach to unlock immediate and sustained long term value to industry participants and the market as a whole is obvious. This value proposition by regulators to the market would, in addition, strengthen their own effectiveness and authority by not only being in line with their fiduciary responsibilities but enabling true leadership through the provision of smarter carrots and not larger sticks (which are considerable under the CRS regime).

Case Study

To make this model real, let’s look at the Foreign Account Tax Compliance Act (FATCA) and the Common Reporting Standard (CRS), areas of legislation which have received considerable attention in past IFC Reviews and which can be used to directly address this highly complex compliance field.

Both FATCA and CRS encourage better reporting between financial institutions, tax authorities and governments. The millions of businesses in more than 109 participating CRS jurisdictions (and growing) that manage the financial accounts of foreign tax residents must report to their local tax authority which in turn shares this financial information with the relevant home tax authority.

Vapourware (software or hardware that has been advertised but is still at the concept stage or not yet available to buy) abounds in the current financial service technology environment, including the larger platform and service providers who have not taken the time to create a unique ‘purpose-built’ solution. Many organisations have been caught in the mind-set of trying to adapt existing software – an approach that has also been pursued by some of Australia’s largest financial institutions – and has failed, due to the complexity and ongoing nuances that FATCA and CRS reporting require.

Tax authorities could instead set up a single technology that feeds the on-going reporting fields throughout the year. The ongoing monitoring of millions of accounts simultaneously to keep an eye on relevant account status changes is one challenge. To report on those changes in 90 days is another. Yet another is to have an audit functionality in place with the key understanding being that the tax authority will want to look at why an organisation hasn’t reported on certain accounts. GCS Agile addresses all of these requirements in their smart, simple and compliant FATCA And CRS Service (FACS), for example.

This technology platform has the inbuilt capability to accommodate both FATCA and CRS reports and can support the automatic exchange of information between tax authorities.

As a dynamic compliance regime, FATCA and CRS are not end-states, but are changing frequently. RegTech providers like GCS Agile should be key partners to the financial services industry and regulatory authorities. They not only provide solutions like the one illustrated above, but also provide the fast learning, data driven agility that all financial institutions need to keep up with the customer service delivery that these entities are obliged to offer in a continuously evolving compliance environment.

Gerry Carcour
Gerry Carcour is the Chief Executive Officer at GCS Agile. He has also served as Chairman for BigML, Local Chair for the PAPIs, and has been on the advisory board for PAPIs.