The finance world is changing big time, driven by a wave of innovative technologies collectively known as Fintech. But what exactly is it? In a few words, it is a dynamic domain where IT companies like Relevant Software are developing tools and solutions that are transforming the way we manage our money. 

Why is this transformation so critical? Traditional financial services, while established, are often riddled with inefficiencies, limited accessibility, and a lack of personalization. This translates to a frustrating and time-consuming experience for customers, who increasingly demand agility, convenience, and a tailored approach to their finances. 

So, how can Fintech address these challenges? Let's look at the details.

Digital Banking

Fintech innovations are breaking down barriers to financial inclusion. Millions of people worldwide still lack access to basic financial services. Fintech is bridging this gap with mobile-based solutions that don't require traditional bank accounts. This allows individuals to save, send, and receive money securely, promoting financial independence and inclusion. 

Payment Innovations

Remember when making a payment meant writing a check or waiting days for a bank transfer to clear? Those days are long gone. Now, peer-to-peer payment apps, contactless payments, and instant payment systems are the norms, radically reducing transaction times and increasing user convenience. 

Automation and AI

Fintech introduces automation solutions powered by Artificial Intelligence (AI) that streamline tedious manual tasks. Mortgage approvals, for instance, can be significantly expedited with AI-driven document processing and risk assessment, saving both time and resources for lenders and borrowers. Similarly, AI-driven chatbots can handle customer inquiries 24/7, providing a level of service that was unimaginable just a few years ago. 

Low Code Platforms

Low code platforms are shining as a new trend in fintech innovation. By using visual tools instead of writing code, creating fintech apps becomes much easier, helping close the skills gap. Fintech newcomers can harness the power of low-code platforms to quickly bring to life innovative ideas that stay in step with market trends

Blockchain and Cryptocurrency

It's impossible to talk about Fintech without mentioning blockchain. Through this technology, one can perform transactions securely and with transparency, without reliance on a centralized authority. Additionally, blockchain is used to prevent fraud, streamline cross-border payments, and improve supply chain transparency.

RegTech

The fintech sector moves fast, often outpacing regulatory frameworks. This can lead to a gray area where innovations flourish without adequate oversight, potentially leading to risks for consumers and the financial system at large. Therefore, collaboration between fintech companies, traditional financial institutions, and regulatory bodies is crucial to ensure that innovations benefit everyone without compromising security or fairness. 

InsurTech

Insurance is another area ripe for disruption. InsurTech companies are utilizing tech to make insurance options more economical, widely available, and tailored to specific preferences.. Think pay-as-you-drive car insurance, or parametric insurance that pays out based on specific events, like a natural disaster.

Open Source & SaaS

For fintech startups, being quick and adaptable is key. That's where open source and SaaS (Software as a Service) come in. They allow companies to use and improve software without the hassle of managing it. This means more time focused on customers and less on tech headaches. 

Embedded Finance

This means users can access financial services through non-financial platforms. Think buying insurance from your favorite online store or getting a loan from your ride-sharing app. It's making finance a seamless part of everyday life. 

It's easy to get caught up in the excitement of all these innovations, but it's also essential to approach them with a critical eye. Regulatory hurdles, security concerns, and the digital divide (the gap between those with access to digital technologies and those without) are just a few of the issues that need addressing. Moreover, as the financial sector increasingly relies on technology, the risk of cyberattacks constantly grows, necessitating robust cybersecurity measures. But the potential benefits—increased accessibility, efficiency, and personalization of financial services—are too significant to ignore. 

And what about the traditional banks? Some may argue that fintech is spelling doom for conventional banking institutions, but that's not entirely accurate. Sure, fintech is disrupting the status quo, but it's also pushing banks to innovate and adapt, leading to collaborations that combine the best of both worlds. Traditional banks are leveraging fintech to enhance their digital offerings, making banking more accessible, efficient, and customer-friendly. 

Therefore, what can we expect for financial services moving forward with the rise of Fintech? It's a question many in the industry are pondering. While the trajectory seems clear—more automation, increased personalization, and further democratizing financial services—the pace and nature of these changes remain fluid. 

What's certain is that those who can adapt to and leverage these innovations will find themselves at the forefront of a new era in finance. The journey is complex, but the destination—a more inclusive, efficient, and secure financial ecosystem—is undoubtedly worth the effort.

But the growing digital footprint of financial services entities is a double-edged sword, with regulators imposing increasingly stringent and ever-evolving financial promotion and record-keeping rules across the sector to improve transparency and accountability.

 Just as across the economy and other sectors, it’s technology that could offer a solution to businesses, with regulatory technology or “RegTech” solutions emerging as a valuable tool in helping financial services companies stay compliant with digital communications.

Digital communications offer opportunities, but also compliance implications

Technology has radically changed the way financial services firms communicate today, fueled in part by the rise of FinTech challengers that have attracted attention through the convenience of their digitally-powered offerings. Underpinning this has been the potential of online communications channels to help gather engagement data, helping both FinTechs and established institutions to better understand customer needs now and in the future.

The COVID-19 pandemic has increased the dependence on these communications channels, as clients look to financial services firms for regular reassurance and updates that their investments, pensions or other interests remain secure despite significant economic volatility.

However, for regulated businesses, the use of such channels has implications for compliance, with MIFID II stipulating strict recording keeping rules, while the FCA enforces stringent regulations around financial promotion. Indeed, the FCA notably fined a claims management firm £70,000 in December 2019 for misleading consumers through its websites and printed materials.

The RegTech industry is expected to grow from US$ 6.3 billion in 2020 to US$ 16.0 billion by 2025, according to MarketsandMarkets.

The extent of these regulations and their bearing on all digital communications for financial services firms is far-reaching. For example, if a financial advice firm decides to undertake a livestream on Facebook about the economic impacts from the crisis, is it clearly stated the content of this isn’t financial advice? If a bank was to tweet information about how it oversees mortgage security during a crisis, is the language clear enough without becoming misleading for a retail audience? And when it comes to investment updates, are firms fairly displaying their performance – taking into account an appropriate benchmark and required timeframe?

So, the challenge remains: how do financial services companies communicate effectively and efficiently while remaining compliant?

RegTech can help

Since the start of the decade, RegTech businesses have used the latest technology to help companies enhance their ability to comply with this wide range of regulatory pressures and their support has seen investment in the sector grow significantly. Indeed, the RegTech industry is expected to grow from US$ 6.3 billion in 2020 to US$ 16.0 billion by 2025, according to MarketsandMarkets.

The growth of this sector is matched by the growing number of regulations that financial services firms must grapple with, as well as an increasing propensity of regulators to enforce them. Indeed, fines issued by the FCA in 2019 soared to £391.8m, a reported increase of more than 550%. As new regulations are certain to arise, with MiFID II under review and the announcement of MiFID III fast approaching, the pressure to comply is increasing.

It’s hardly surprising then that spend on RegTech solutions is rising. Figures from Juniper Research indicate that spending on this sector could top $127 billion globally by 2024, as companies increasingly look for support to help manage compliance burdens.

Our own platform at MirrorWeb is just one example of entities in the RegTech sector that are increasingly supporting financial services companies cope with increased scrutiny by regulators. In our case, we help companies capture immutable records of their websites and online channels, allowing them to keep track of any potential regulatory breaches and evidence what was published and when.

 So, digital communications do present an opportunity, but also a challenge for regulated businesses. The assertiveness of regulators in enforcing compliance in this area is on the rise, so financial services firms need to ensure a compliance solution for the long-term. The regulatory technology sector is a rapidly growing ally to the financial services sector - one that helps these firms to leverage the benefits of advanced digital communication, at the same time as ensuring compliance with fast-changing regulation.

The COVID-19 pandemic has not just had a devastating impact on health and society, it has dominated economic and business matters unlike anything we’ve seen in peacetime history, and, across the globe, schools, companies, charities and self-employed professionals are still adjusting to a brand new remote working contingency plan.

Fortunately, as a society, we are extremely well-equipped to adapt to remote working with a turnaround time of just a few days. This was proven by the sheer quantity of businesses, many of whom care for thousands of employees, who just a few weeks ago managed to transform their entire internal structure to a digital environment. Not only is this an inspiring example of human  collaboration at a time of crisis but also a true testament to the power of the technology at our disposal.

In fact, remote working has proven itself so effective for some organisations, that it has gone beyond a short term contingency plan; it’s starting to look like remote, or at least flexible working, will be incorporated in the long term for thousands of office-based workers. Clement Desportes De La Fosse, Co-founder and Chief Operating and Financial Officer at Spearvest, shares his thoughts on how the finance sector will be forever changed by the pandemic.

Although it may sound premature to think about a post COVID-19 world, a majority of industry operations are sure to change forever, and, none more so than in the financial sector. For many years, traditional banks and financial institutions have been associated with outdated infrastructure and slow legacy IT systems, which are a burden for financial professionals and consumers alike. In fact, a recent study in 2019 revealed that UK banks were hit by ‘at least one’ online banking outage every day across a nine month period.

Today, the demand for banking and financial services has never been higher: emergency loans, government payment schemes and personal finance management are required for people to survive. What’s more, visiting a branch in person is no longer an option, and therefore financial institutions are forced to invest in capable IT infrastructure and relevant automation, regulation, and finance technology to deal with influx of demand.

For many years, traditional banks and financial institutions have been associated with outdated infrastructure and slow legacy IT systems, which are a burden for financial professionals and consumers alike.

Whilst it could be argued that this much-need update was inevitable, the pandemic has certainly forced many banks’ hands in enforcing this change, and means our financial institutions will emerge from the crisis with a much more capable IT infrastructure. The following areas are where banks are, or should be investing, in the coming weeks, months and years, with insight into how exactly these cutting-edge technologies are impacting the financial services sector for the better.

Artificial Intelligence

Artificial Intelligence (AI) has been a growing trend in finance in the past decade, primarily being used to address key pressure points, reduce costs and mitigate risks. However, the demand for digital banking services as a result of COVID-19 will likely push the sector in the direction of developing and incorporating sophisticated automation and customer service AI.

We’re a few years off the mass adoption of robotics technology of this nature, but it’s safe to say the COVID-19 threat has highlighted the pressing need for more automation and better service technology.

Public Cloud

The shift toward cloud-based computing has already been significant, with most financial institution operating cloud-based Software-as-a-Service (SaaS) applications for business processes, such as HR, accounting, admin solutions and even security analytics and know-your-customer verification.

However, advancements being made in cloud technologies and increasing demand for SaaS applications for remote workers means that soon we could see core services in the financial sector, such as consumer payments, credit scoring and billing, to become stored and managed in cloud-based SaaS solutions.

RegTech

Much like the increasing demand for AI and Cloud-based SaaS applications, regulatory technology (RegTech), can do important work in ensuring financial work remains regulated and legal. The right RegTech, such as automated customer onboarding technology, can also save a firm a lot of time, freeing-up much-needed time to focus on the work that can not be completed by software or a robot.

[ymal]

Big Data

Customer intelligence facilitated by big data and consumer behaviour is an incredibly important tool which can be used for extremely accurate decision making, risk-assessments and revenue and profitability forecasts, to name just a few use-case example.

Some modern financial institutions and start-ups have been using big data and analytics technology for a number of years, and those more ‘traditional’ which may have neglected this cutting-edge technology are depriving their customers of top tier financial advice and insight at a time when they are in need of it most.

Security

Cyber attacks, money laundering and hackers have always threatened the financial services to a large extent. However, with entire workforces online, operating in a remote, sometime unsecure environment, the cyber-threat facing consumers has never been larger.

Thus, cyber-security has, and should, be invested in heavily by financial institutions looking to protect their own client, employee and company sensitive information. At the same time, safe internet and banking practice should be implemented and taught to all members of the general public to ensure they do not give away sensitive information such as payment details.

Fast forward, five years from now, we will look at the pandemic as a trigger that enabled us to spend our time more efficiently, and digital technology and the cloud will be key in facilitating this positive change.

Fintech is one of the most recognisable terms in the financial services industry but sits aside its lesser-known compatriots, RegTech and InsurTech. Put simply, these terms represent the evolution and revolution of financial services globally, and the UK has firmly embraced the use of such advances. Evolution relates to the giants of the UK financial services industry who have been around for over a hundred years and revolution reflects the large number of start-ups who have not had to adapt old systems to new ideas but have had a clean sheet from which to design a process and solution using the latest technology. Simon Bonney, Partner at Quantuma and member of IR Global, explains to Finance Monthly how fintech has transformed the industry.

Background to the UK Fintech Industry

The UK fintech industry is worth around £7 billion and employs over 60,0000 people. It now has banks that only communicate with their customers through an online platform and have no physical branches.

The UK thrives as a leading global fintech hub for a number of reasons. As a world leader in the financial services industry, there is an imperative to ensure that we invest in, and utilise, the latest technology to facilitate our competitiveness. As well as a deep homegrown pool, the UK attracts a wealth of entrepreneurial and tech talent because of its status (42% of workers in UK fintech were from overseas in 2018), and also its investment. Investors put more money into UK fintech than any other European country in 2018 ($3.3 billion). In addition, the UK recognises the importance of striking a balance between the promotion of entrepreneurialism and the regulation of new ideas to provide confidence to businesses and consumers the world over through the Financial Conduct Authority (FCA). The FCA’s regulatory sandbox, the framework to allow live testing of new innovations, has become a blueprint for fostering innovation around the world.

The Opportunity

The UK Government has recognised that fintech engenders a significant opportunity to create jobs and economic growth and also facilitate the birth of new start-ups in other industries which are able to utilise new technology to make their costs quicker and cheaper. In 2019, 79% of UK adults owned a smartphone and on average they spent over two hours a day on their phones. Access to financial services by smartphones, coupled with a loss of confidence in the traditional financial services industry following the Global Economic Crisis in 2008, has meant that consumers embrace the relative ease and convenience of fintech.

Technology generally has changed the way that consumers expect to engage with financial services and the UK financial services industry has recognised that it cannot operate the same way it did 10 years ago if it hopes to keep pace with the demands of customers. Fintech has changed and will continue to influence the experience and speed of transactions. It has had a significant impact on the cost of operations. For those businesses with legacy systems, there is a huge challenge in ensuring that fintech is embraced and implemented. In order to cope with this challenge, it is likely that banks will seek to further outsource their operations and hand over management of their legacy systems so they can focus on serving customers and finding new routes to market.

Potential Challenges

Growing opportunities do not come without hurdles. The sheer speed of change in fintech means that regulation is generally trying to catch up, and in a number of instances, such as cryptocurrency, regulators are required to learn about the technology and the way it encourages people to behave before being able to effectively regulate it. However, that regulation will have an impact on development, as the costs of ensuring that new products are compliant will provide a barrier to entry. In addition, fintech is inextricably linked with data and the use and regulation of data will continue to feature in the spotlight.

A Note on Fintech Bridges

It is hoped that through the use of fintech bridges, the UK’s best and brightest fintech ideas and businesses will be able to thrive internationally, with automatic recognition by the regulators in those partnering countries. Collaboration has been a feature of the success of fintech, with open source solutions being made available to enable the improvement of all aspects of the industry for the greater good with blockchain being a prominent example. Collaboration on an international level should only provide a more stable platform for that innovation. However, Brexit has raised questions regarding the future of the UK as a behemoth of the financial services industry, and the nature and mobility of fintech and the use of fintech bridges means that competition has been increased across the world.

The UK has been able to remain at the forefront of fintech due to its history in financial services and its depth of talent and investment. Importantly it recognises the importance of remaining at the forefront and will strive to ensure that innovation and regulation continue to go hand in hand.

Compliance is a must-do activity, not a nice-to-have. According to Colin Bristow, Customer Advisory Manager at SAS, it is essential that companies extract maximum value from compliance processes, reducing the possibility of it being considered a cost centre.

Technological innovation can help to lift some of the compliance burden. The level of technology you can realistically implement depends on how advanced the organisation is to start with. One company’s moonshot could be another’s business as usual. Assessing the starting point is just as important as considering the benefits and end goal.

RegTech, AI and the future of compliance

This is the question that the burgeoning RegTech (regulatory technology) industry is seeking to answer. AI is typically at the forefront. RegTech partly focuses on improving the efficiency and effectiveness of existing processes. As part of that improvement, organizations are using AI, machine learning and robotic process automation (RPA) to smooth the integration and processes between new RegTech solutions, existing legacy compliance solutions and legacy platforms.

Why look to AI for help? Recent regulations, such as GDPR or PSD2, are handed down in the form of large and extremely dense documentation (the UK government’s guidance document for GDPR alone is 201 pages). Identifying the appropriate actions mandated by these lengthy documents requires a great deal of cross-referencing, prior knowledge of historical organisational actions, and knowledge of the relevant organisational systems and processes. What’s more, several regulations attract fines or corrective actions if not applied properly (like the infamous "4% of company turnover" penalty attached to GDPR).

In short, the practical application of regulations currently relies on human interpretation and subsequent deployment of a solution, with heavy penalties for noncompliance. This is where AI can help, reducing the workload involved and improving accuracy. Here are three key examples of how AI can help companies turn compliance into a value-added activity.

1) Reducing the risk of nonconformity

Following the deployment of compliance processes, there is often residual risk. This can be as a result of unforseen gaps in compliance processes, or unexpected occurrences that become apparent when operating at scale.

That’s partly because there are usually a lot of steps and processes to be carried out during the data collation stage of compliance programmes. RPA can help reduce administrative load associated with these processes that include a high degree of repetition – for example, copying data from one system to another. AI can then help process cross-organisational documentation, combining internal and external sources and appropriately matching where necessary.

AI can also help to reduce companies’ risk of noncompliance with, for example, privacy regulations. Furthermore, using AI techniques, organisations can automate transforming and enhancing data. Intelligent automation allows companies to carry out processes with a higher degree of accuracy.

2) Improving process efficiency

Inefficient processes can also hinder compliance. For example, automated systems that detect suspicious transactions for anti-money laundering (AML) processes are sometimes not always as accurate as they could be. A recent report highlighted that 95% of flagged transactions are closed in the first stage of review. Effectively, investigators spend most of their day looking at poor quality cases.

Use of an AI hybrid approach to detection ensures there are fewer, higher quality alerts produced. Furthermore, it is possible to risk-rank cases which are flagged for investigation, speeding up the interaction and relegating lower-risk transactions. Although AI forms an underlying principle across most modern detection systems, maintenance is key to managing effective performance.

AI can also be used to bolster AML and fraud measures more widely. For example, applying AI to techniques such as text mining, anomaly detection and advanced analytics can improve trade finance monitoring. This, in turn, can improve the regularity for document review and consignment checking, improving the validation rates of materials as they cross borders.

[ymal]

3) Keeping up with regulatory changes

Compliance never stands still. Businesses have to contend with a constantly evolving landscape, potentially across several regions. AI can help to optimise the processing of these regulations and the actions they require, helping companies keep up to date. Companies that need to effectively comply with several differing regulations require a wide range of understanding across all parts of the business. The size, complexity and legacy systems of the business can be significant obstacles.

To mitigate this risk, companies can use natural language processing (NLP) to automate aspects of regulatory review, identifying appropriate changes contained in the regulation and then relaying potential impacts to the appropriate departments. For example, AI could help geographically diverse companies determine whether changes in the UK have an impact on their Singapore office.

Humans still needed

It’s important to note at this point that AI and RegTech are not expected to widely replace humans. We are seeing early AI entries in the RegTech space, but they’re primarily helping with lower-hanging fruit and repetitive tasks. AI is primarily enhancing the work humans do, making them more effective in their roles.

AI does not come without some considerations, however. There is a great deal of focus and scrutiny on associated possible bias in AI deployments. Other discussions are exploring the transparency and governance of applications and questions around who owns generated IP. As a result, it’s essential that AI works closely with humans, enhancing activities and balancing an appropriate level of manual oversight.

AI is augmenting compliance practices by providing faster document review, deeper fraud prevention measures and greater contextual insight. It is also reducing noise in high-transaction environments and lightening the documentary burden on staff. From the start of the regulatory review to the end of the compliance process, AI holds part of the overall solution to a more efficient and valuable compliance function.

The financial crash of 2008 created a huge amount of mistrust toward big banks and FinTech entrepreneurs have taken advantage of that. The disintermediation of banks from areas such as travel money has given rise to a new kind of financial service firm, an area set to carry on this trend. There are some brilliant ideas in FinTech and the problems they solve are widely unrelated to Brexit, meaning that investment is likely to continue to grow.

In much the same way as FinTech came from the financial crash, existing sectors will be disrupted, and new ones created to tackle problems that arise. Many FinTech innovations were born from a lack of trust of banks and traditional sources of financial services. Since 2008, over 200 FinTech companies have been founded in the UK alone, with seven of these going on to reach a billion-dollar valuation or a ‘Unicorn’ status.

Unicorns refer to start-ups that have reached what many perceive to be the holy grail of a $1billion valuation. In terms of producing these companies, the UK is the third best place in the world behind only the US and China. In 2018, 13 companies reached this valuation in the UK, bringing the total number to 72. Many of these companies are FinTechs born of the financial crash. It seems likely that in a few years’ time we may be discussing an even greater number of companies reaching this milestone with a contribution from new and growing sectors.

With Brexit, there are going to be more problems to solve, and entrepreneurs are going to come along and innovate.

The first sector that looks set to benefit is regulation and regulation technology. With Brexit, there are going to be more problems to solve, and entrepreneurs are going to come along and innovate. Everything will get more complicated with import and export, say, and some smart man or woman will come along and solve it. RegTech has already been impacted – perhaps indirectly – by the financial crash, as an increased amount of regulation and legislation led to the birth of many innovative solutions to keep financial services at such a high pace.

Since this time, it is clear to see the rise of this sector within financial services, with over 300 companies working with Financial Services firms in a variety of sectors. Each of these dealing with a specific problem that is ever evolving and often becoming more complex.

Regulatory Reporting is one such example, it enables automated data distribution and regulatory reporting through big data analytics, real-time reporting and the cloud. Many financial organisations have expressed frustration with the high level of redundancy, dependence on manual processes, and opacity of their regulatory reporting processes. This is a critical activity for financial institutions and without tech solutions would require a concerted effort from a range of departments including, risk, finance, and IT.

Risk Management detects compliance and regulatory risks, assesses risk exposure and anticipates future threats. There are over 45 companies specialising in this already and with so much uncharted territory around leaving the EU, this looks to be a potentially important field in the next few years. One of the most important things businesses can do is to properly understand and calculate risk, take too few and growth will stall, take too many and you may be overexposed.

Compliance is the largest RegTech sector with a large scope and responsibility.

Identity Management & Control facilitates counterparty due diligence and Know Your Customer (KYC) procedures. Alongside Anti Money Laundering (AML) and anti-fraud screening and detection. Identity management is the second biggest sector in terms of the number of firms and is hugely important in a wide range of ways especially when growing and taking on new customers and clients.

Compliance pertains to real-time monitoring and tracking of the current state of compliance and upcoming regulations. Compliance is the largest RegTech sector with a large scope and responsibility. Companies from this sector are charged with meeting key regulatory objectives to protect investors and ensure that markets are fair, efficient and transparent. They also seek to reduce system risk and financial crime. As regulations change when we do leave the EU, this will likely be one of the key sectors to face some of the challenges that arise.

Transaction Monitoring provides solutions for real-time transaction monitoring and auditing. It also includes leveraging the benefits of distributed ledger through Blockchain technology and cryptocurrency. Even apart from Brexit, cryptocurrency and Blockchain tech looks to be a sector of huge growth in the next few years, regulating that in the context of traditional financial service providers will be of significant importance.

For all of these sectors, it is likely that changes to legislation and procedures after Brexit will have a profound effect on what is required by firms in order to stay compliant, potentially creating a huge number of problems that will have to be dealt with in one way or another.

You just have to reverse engineer all the problems that are going to be thrown up by Brexit and then you’ve got investment opportunities. Here’s a problem, let’s find an opportunity.

Wherever’s there’s huge problems and disasters, there’s always going to be an entrepreneur who comes along and will find a solution. From my perspective, that’s exciting because these new crunch points provide opportunity and employment. I set up IW Capital in a recession after a stock market crash, and WeSwap was set up because the market was falling to pieces. What actually happened was the birth of the FinTech sector. Opportunity comes out of a crisis.

While the goals of these regulations are often described in detail, they frequently fail to outline just how the requirements must be met or the steps that need to be taken to achieve that compliance. Here Sarah Whipp, CMO and Head of Go to Market Strategy at Callsign, answers the question: Is regulatory ambiguity setting banks up for failure?

Take for example PSD2, which called for open APIs and the application of stronger authentication schemes but didn’t describe how best to meet these needs. With financial institutions in somewhat of a quandary, third party groups have noticed a gap in the market and stepped in to help, such as the Financial Data Exchange (FDX), The Berlin Group and the Open Bank project, who each put forth a different approach to meeting PSD2 compliance.

The three predominant authentication schemes that are currently being used are as follows:

• Redirect – whereby the consumer goes to a third party and when they reach the point where they provide consent, they get redirected to the holder of data, logging in via a page branded by their financial organisation
• Decoupled – when customers provide an approval via a different channel, separate to the one where they are dealing with the third party. For example, a push notification from their banking app if they are enabling access to their bank account
• Embedded – when the third-party processes the customer’s security creds and passes them on to the financial institution. This method won’t work with device-based authentication since underlying organisation won’t have visibility of device being used.

For international banks in particular, this presents a tricky challenge, as they must be able to not only offer each of the aforementioned authentication schemes, but all three of these for each of the third-party groups who’ve stepped in to bridge the gap with PSD2. As a result, these banks are tackling an extremely complex policy situation in which the 9 potential authentication methods are even further compounded depending on location or circumstance. In addition, for each jurisdiction these companies operate in, regulations will be interpreted differently, making a coordinated approach very difficult.

The issue lies not in the sheer number of potential authentication methods with no clear direction from the regulators, but the fact that many of these major, global banks are currently relying on the human policy manager – knowledge siloed to a few IT group team members – to comprehend these regulatory needs. Quite often these teams would have insider knowledge, almost like living and breathing black boxes. Of course, if one of these people leaves the company, they are also taking with them a huge amount of valuable information.

Instead, banks must move away from their home-grown policy managers, and evolve to a more sophisticated and transparent policy manager for which sectors across the organisation can have a say. It is not just the IT team that has to review internal policies at these and say they’re fine. Risk & Compliance right through to the Marketing function needs to ensure they are properly following protocol.

Challenger banks, those who have broken ground in the last decade or so and remain digital-first, are actually positioned much better to deal with these issues as much of their infrastructural practices are already grounded in flexible and agile practices. Thus, many banks facing these problems are established institutions, potentially embracing digital transformation in other areas of the organisation. To ensure they can remain competitive and compliant (regulations aren’t going away, they’re only getting stronger), they must also equip their policies for the future.

If these larger organisations don’t rise to the challenge they are in danger of dramatically harming the customer experience. They need to be able balance keeping their customers’ digital identities safe and as well as comply with regulations, while making sure users can get on without obstacles. By using the latest AI and machine learning, policy managers must adapt and learn in real time to achieve this goal. Implementing this technology, organisations can build multi-factor authentication journeys that are uniquely tailored to their own business, customers, products or services. Financial legislation is constantly being updated, so flexible technology will help them easily navigate any changes with relative ease.

It has equally attracted the attention of retail investors and potential bad actors. Combine the elements of hype tactics, fanciful notions of a new paradigm, and greed, we have the perfect market factors which could induce a frenzy unlike we’ve seen since the beenie babies craze. Oh wait, this sounds awfully similar to 2017, does it not? Below Jamar Johnson, crypto expert and owner of Otravel.ai, explains the potential regulation trends we may be looking at when it comes to cryptocurrencies.

Sure, many are now jumping on the blockchain bandwagon, and it is up to responsible regulators to guide the market and its participants responsibly for the next wave of blockchain mania, if and when it arrives. However, we must take on a more nuanced approach to said proposed regulation: how does a regulator support true innovation while not stifling its stated goals through high-cost barriers to entry as some might argue has taken place in New York with the BitLicense? How does countries like the United States incorporate policy frameworks that are similar to Singapore and Malta which are emerging as a hotbed for attracting blockchain talent? The issue becomes even trickier, when one factors in the opportunities for wealth creation (estimated to be in the trillions) despite the US currently lacks a comprehensive framework towards the blockchain across all 50 states.

Self-regulation organisations are commonplace in other sectors - for example, the Regulatory Authority in the Financial sector (FINRA) plays a major role in the Regulatory organisation of the broker and exchange.

The current EU laws do not provide protection to any investor who can be exposed to the risks of digital asset markets, taking into account the significant prices and the lack of supervision of offers and exchanges.

While many nations have discussed their policy towards the blockchain and cryptocurrencies, some of the smallest countries and regions have quickly moved into the creation of novel laws and programs designed to attract top talent within the blockchain space--like Malta, Singapore, and Puerto Rico being the closest US example, to date.

New and evolving financial technology companies need to comply with a network of laws and regulations that are designed to help customers and finance their finances and reduce the costs of repairing terrorists.

Across the pond, the Financial Authority of the United Kingdom provides fintech companies with a single domestic finance Regulatory Authority, clear qualification and test parameters, the possibility of waivers (on permission and review) and direct cooperation with Regulatory Authority.

The initial coin offer (ICOs) have become a popular way for businesses to earn money by launching a new digital coin in exchange for crypto currencies such as bitcoins or air. In countries like the US, it will be prudent for ICO founders to have clear guidance from a professional lawyer or legal team to help navigate the complex body of legals and regulations surrounding the offering of securities and meeting the Howey Test.

Last year, the Financial Authority (FCA), the UK's Financial watchdog, issued a statement detailing the risk of investment in ICOs.

In February, the U. s. Treasury Committee, which consists of several politicians, launched a request for digital currencies and a dispersed technology or a blockchain.

Part of the act requires digital exchange and portfolio to apply customer-specific care checks such as banks.

The regulatory environment within the US concerning digital currencies are not clear just yet. But we know they are coming and on its way to being formed (look into places just as Puerto Rico, Wyoming, or New York as an example). But regulations are coming. New announcements and stances are being made on a recurrent basis. The benefits for proper regulatory structure in the US is not there just yet, but the opportunity is too great to ignore: new tax base, the ushering in of the next waves of America’s greatest entrepreneurs, and the shape the narrative for the blockchain revolution currently underway.

This is according to Henry Umney, CEO of ClusterSeven, as he offers his views on the regulatory and risk management trends in the banking and financial services industry for 2019.

Brexit will confound banks in 2019, whatever the outcome

The UK’s departure from the EU at the end of March will continue to have a significant impact on the banking, insurance and asset management sectors throughout 2019, almost regardless of the nature of the final departure. Brexit uncertainty is presently forcing banks to implement their most stringent contingency plans, in terms of re-locating critical business services, processes, and in extremis, specific roles and personnel. To this end, division of data, processes and responsibility need to be managed carefully to ensure these changes are executed smoothly, efficiently and with full auditability. Further complexity is provided by the UK’s Prudential Regulatory Authority’s (PRA) announcement that institutions will be able to continue to trade as branches of their head office, rather than as a (more capital intensive) subsidiary post-Brexit. This, alongside the European Banking Authority’s (EBA) recent announcement that it sees ‘back to back trading’ between the City of London and the EU as beneficial, suggests that there is a willingness to find a modus vivendi that allows complex cross-border transactions and business processes to continue as normal, almost regardless of the final Brexit outcome.

This complex, conflicted environment will place a premium on understanding how disparate business processes and applications, including how end user supported processes (e.g. using spreadsheet-based applications) are configured, allowing institutions to respond quickly to new developments – and potentially even reversing previous decisions about re-locating people, roles and business units.

Regulators and auditors will demand mature model risk management

In the US, the momentum for a mature approach to model risk management will gather further pace as government frameworks including SR 11 7, CCAR/DFAST stress testing and CECL, for example, are more closely scrutinised and audited by regulators. Increasingly these governance frameworks are being extended to include the tools that feed the models and there is recognition of the significance of the spreadsheets and other end user supported applications to the models covered by these frameworks.

This approach to sophisticated model risk management will find favour with European regulators too, a trend that is already in motion with regulations such as TRIM and SS3/18. This is fundamentally driven by regulators’ collective objective of demanding visibility of critical models and enhancing the operational resilience of financial institutions. Effective data management, including that stored in spreadsheet-based and other end user supported applications, is central to these frameworks.

To meet the excellence in data governance and auditability as demanded by the regulators in the UK and US, financial institutions will be forced to apply the same level of controls to their end user supported application environment – as they apply to their broader corporate IT environment. This reflects that spreadsheets are often the ‘go to’ tool in developing a broad range of business and financial models.

The transition away from LIBOR will present a major operational challenge

Due to the enormity of the transition from LIBOR (London Interbank Offered Rate) to alternative reference rates (e.g. SOFR, Reformed SONIA SARON, TONAR), financial institutions will begin adjusting their processes and systems, in preparation for the switch to new reference rates by the end of 2021. The clock is ticking.

With a parallel universe of spreadsheets connected to enterprise systems such as risk, accounting models and a plethora of non-financial contracts, financial institutions will need to ensure that the relevant changes are also accurately reflected in the spreadsheet-based processes. Given the broad range of potential alternatives to LIBOR, it seems possible that multiple replacements may be in use in different jurisdictions. There will be a premium on being able to identify transactions and contracts quickly and efficiently, and applying the appropriate reference rate, quickly, efficiently – and again with full transparency and auditability.

GDPR has the hallmarks of expanding into a global framework, its compliance will need to be in organisations’ DNA

GDPR has all the makings of becoming a global standard. Already, California is taking the lead with the California Consumer Privacy Act (CCPA), which comes into force in 2020. Other US states are also considering similar regulations to protect the rights of their residents.

With a fine of $1.6 billion levied on Facebook this year, the EU has clearly demonstrated that it means business. In 2019, organisations will have to shift their GDPR focus to ‘sustainable compliance’. They will realise that inventorying IT systems for GDPR-relevant and sensitive data was merely a good first step to meet the compliance requirements on 25 May 2018. GDPR compliance will need to part of their DNA – requiring it to be a ‘business as usual’ activity. With unstructured confidential data (e.g. personal details of clients and employees) often residing in spreadsheets, visibility alongside continuous monitoring, controls and stringent attestation of information will be essential to meeting GDPR demands such as the right to be forgotten and data portability. Automated spreadsheet management will become critical to sustaining GDPR compliance.

Given the long list of regulations that organisations need to comply with – CECL, IFRS9, MiFID II, SOX, CCPA, BCBS 239, SR 11-7, Solvency II, GDPR, CCPA, among others – investment by organisations in Regulatory Technology (RegTech) is estimated to grow by a whopping 45% annually on average over the next five years. This represents a six-fold increase by 2023. The risk of hefty financial penalties because of non-compliance looms and so, clearly, institutions are wisely resorting to technology to meet regulatory demands efficiently and cost-effectively. At the same time, they are mitigating any reputational risk that accompanies non-compliance, the effects of which are potentially longer lasting than any monetary fine, says Henry Umney, CEO of ClusterSeven.

RegTech can be quickly deployed, replaces expensive manual processes, delivers flexibility and facilitates dynamism to enable financial institutions to deliver against the evolving compliance requirements. When used concurrently with existing legacy systems, such platforms can help drive innovation too.

As financial institutions make investments in RegTech capabilities – typically considered to be big data analysis, artificial intelligence, biometrics, blockchain and chatbots – the widespread use of spreadsheets in core business processes means that spreadsheet risk management must be a major consideration in these efforts. If overlooked, these risks could well be the ‘chink in the armour’ that leads to accidental non-compliance, as well as potential business impact and reputational harm.

Spreadsheet risk is genuinely a risk to the business

A large portion of regulatory compliance requirements involve complex data processing and spreadsheets often serve as the ‘go to’ tool for managing several vital business processes. For instance, spreadsheets are widely used for final mile reporting, pricing models, economic/financial models, or data manipulation. With spreadsheets feeding information to many core enterprise systems and RegTech platforms, accuracy of the data inputs in many instances is dependent on the integrity of the spreadsheet applications that store the material. Hence, incorrect inputs into any system will skew the outcome, to either cause compliance breaches or indeed impact decision-making, completely negating the value of these latest technologies to the business.

With spreadsheets feeding information to many core enterprise systems and RegTech platforms, accuracy of the data inputs in many instances is dependent on the integrity of the spreadsheet applications that store the material.

Spreadsheet risk is genuinely a risk to the business for several reasons. Not only is it easily accessible (it’s available on every desktop), it is easy to use and so, used without training and often in the absence of formal usage policies. All this combined means that there are little or no checks on data sources used to populate business critical spreadsheet-based processes.

Automation of spreadsheet risk management key to RegTech success

Spreadsheet risk can be overcome with the adoption of a best practice approach to this function. Like RegTech solutions, spreadsheet risk management is underpinned by automation.

Automated spreadsheet management enables financial institutions to have complete visibility and an understanding of the organisation’s spreadsheet environment. The technology exposes the data lineages of individual files across the spreadsheet environment to accurately reveal the data sources and relationships between the applications. Every identified critical spreadsheet can be tiered based on the risk it poses to the business. Today, spreadsheet risk management solutions facilitate an enterprise-strength model that dovetails with the larger RegTech environment to establish a seamless process that supports everything from creation of new spreadsheets through to their adoption into the relevant corporate applications and ultimate retirement from the business’ application landscape.

A considered approach to spreadsheet risk management must be an integral part of any RegTech initiative.

Spreadsheet risk management minimises compliance execution risk. Fundamentally, one of the objectives of the various regulatory regimes collectively is that they want organisations to build in operational resilience into their business to ensure commercial flexibility and strength in tougher economic times. This kind of approach helps design-in operational resilience by providing intrinsic safeguards for things like attestation management. It provides automated processes for attestation by employees for the most critical spreadsheets, ensuring that changes are made in line with the company policy – critical for regulations such as the Senior Managers and Certification Regime, where the onus of good business practices and accountability rests with the senior executives themselves.

Good data underpins business operation, decision-making and commercial success, and compliance. Stringent and ‘business as usual’ style management of these end-user computing tools where unstructured, yet business-critical data resides, is essential not merely for compliance, but for efficient running of an organisation. A considered approach to spreadsheet risk management must be an integral part of any RegTech initiative. It will ensure that financial institutions fully maximise the value of their investments in the associated technology platforms.

About the author

Henry Umney is CEO of ClusterSeven. He joined the company in 2006 and for over 10 years was responsible for the commercial operations of ClusterSeven, overseeing globally all sales and client activity, as well as partner engagements. In July 2017, he was appointed CEO and is strongly positioned to take the business forward. He brings over 20 years’ experience and expertise from the financial services and technology sectors. Prior to ClusterSeven, he held the position of Sales Director in Microgen, London and various sales management positions in AFA Systems and ICAP, both in the UK and Asia.

Website: https://www.clusterseven.com/

A greater proportion of IT decision-makers in the financial/banking sector see key financial services regulations as a driver of innovation (34%) than regard them as a barrier to it (24%).

More than a third (34%) of IT decision-makers across the UK financial sector regard key financial services regulations such as PSD2 and FRTB as a driver of innovation within financial services organisations, while fewer than a quarter (24%) see them as a barrier to it. That is according to survey of IT decision-makers across a range of financial and banking sector organisations, including retail and investment banking, asset management, hedge funds and clearing houses.

The survey, commissioned by software vendor, InterSystems, also found that just 20% of these decision-makers believe their organisation is very well prepared for the roll-out of the new regulations.

Graeme Dillane, financial services manager, InterSystems said: “Historically, firms have responded in a piecemeal fashion by putting in place new siloed applications to meet the needs of each new ruling. The latest round of regulations raises the stakes by effectively demanding businesses break down their data silos, better integrate their data enterprise-wide, and analyse it in real time in the context of new event and transactional data. All of that makes it vital that organisations innovate now.”

To lay the foundations for innovation, firms need automated systems. Currently, however, automation levels are low. Just 21% of the sample said they had fully automated the processes they had put in place to meet regulatory and compliance demands. 33% said they had not automated them at all.

More positively, the survey indicates that IT decision-makers across this sector are aware of what needs to be done to change this. Nearly two thirds (66%) said that they expect innovative technology will have an important role to play in ensuring regulatory compliance for financial services businesses over the next five years.

“It’s clear that financial services businesses increasingly understand just how crucial it is to actively innovate in order to address the challenges presented by the latest industry regulations,” says Dillane, “and the good news is that we are starting to see evidence on the ground that they are seeking out new solutions to help ensure their compliance.”

(Source: InterSystems)

With one in three bank staff now employed in compliance, and financial institutions groaning under the pressure of an ever-increasing regulatory burden, 2018 is set to be the year that RegTech rides to the rescue, stripping out huge cost from banks’ processes.

In the same way that nimble start-ups introduced FinTech to the financial sector, the stage is now set for the same tech-savvy entrepreneurs to apply the latest technology to help tame the regulation beast. 

The challenge is even more pressing now, with the arrival of an alphabet soup of blockbuster regulation including GDPR, MiFID II and PSD2, which will stress institutions like never before.

What is RegTech?

Deloitte has set high expectations for RegTech, describing it as the use of technology to provide ‘nimble, configurable, easy to integrate, reliable, secure and cost-effective’ regulatory solutions.

At its heart is the ability of ‘bots’ to automate complex processes and mimic human activity. And RegTech start-ups are already using robotic process automation to translate complex regulation into API code using machine learning and AI.

The holy grail of RegTech, however, is to strip out huge layers of cost and dramatically lower risk by developing and applying complex rules across all business processes in real-time, automating what can otherwise be an expensive and highly labour-intensive job. Simply put, RegTech promises to do the job faster, cheaper and without human error.

Behavioural analytics

Just like its FinTech cousin, RegTech is already being used for a surprisingly wide range of applications, for example banks are using behavioural analytics to monitor employees, looking for unusual behaviour patterns that may be a tell-tale sign of misconduct.

Brexit will also present a golden opportunity for agile RegTech start-ups whose tech solutions can adapt and transform quickly according to the new regulatory landscape, while traditional institutions struggle with the pace of change.

Unlike FinTech however, which has largely been focused on B2C solutions, RegTech start-ups have to work much more closely with traditional financial institutions. That’s because capital markets are a highly complex, regulated area, where institutions are cash-rich and where access to funding is critical if vendors want to disrupt.

Bespoke solutions

Traditional institutions are also more likely to need solutions that are specifically tailored to the challenges they face, rather than the one-size fits many approach developed by FinTechs. For example, they rely on many different data systems, and this torrent of data often makes it difficult to compile reports to deadline for regulators – a perfect challenge for a RegTech start-up.

RegTech could well be the cavalry, riding in to save the investment management industry from the increasing amount of data being produced that financial regulators want access to. A significant amount of this data is unstructured, making it difficult to process, which adds a greater level of complexity. The flow and complexity of this data is only going to increase, and with it the challenge for banks.

Financial institutions are increasingly pulling out all the stops to crunch data and meet the regulator’s next deadline and in this high-pressure environment teams are not necessarily developing the strategic overview needed to streamline their IT architecture in order to reduce operational risk.

Compliance at speed

RegTech promises to automate these processes, making sense of complex interconnected compliance rules at speed, making compliance more cost effective, while reducing the chance of human error.

It also promises to dispense with the current time lag between a period end, the collection of data by the institution and assessment by the regulator – a process that is always backwards looking.

Under the RegTech model, powered by data analytics and AI, information is in real-time and self-correcting to ensure the regulatory process remains dynamic and relevant.

The scale of the advantages promised by RegTech, are such that banks successfully harnessing its power will strip out huge amounts of cost from their processes, which can then be invested in business-critical innovation, giving early adopters a clear competitive advantage over the rest of the market.

-

John Cooke, Managing Director

Black Pepper Software