RegTech and Regulators or the Sandbox isn’t for everyone

As a subset of its bigger sibling FinTech, RegTech was going to attract the attention of regulators sooner or later. Since the main objective of Regulatory Technology is to help financial institutions with the regulatory burden, it should a good thing when authorities and firms work together.

What would be more obvious then to apply the Regulatory Sandbox concept that has been praised for its use with FinTechs. Just to recap, the Sandbox allows businesses to test innovative products, services, business models and delivery mechanisms in a live environment. In its first round the FCA last year accepted 24 firms, which were predominantly focusing on providing financial services. This is not surprising since RegTech in comparison is smaller than FinTech and the initial focus was on solutions that disrupt the banking industry such as payment systems and lending platforms, but also because the Sandbox provides a space for firms to test their services that would normally have to be regulated. For many of the services and solutions offered by RegTech firms this is not necessarily the case, so they might not even be eligible for inclusion. It should be noted, however, that the FCA does not stop here in its efforts to promote innovation. The Regulatory Sandbox actually is only part of its larger program entitled Project Innovate and Innovation Hub, which contains specific measures and events for RegTechs like the FCA’s latest TechSprint in November 2016 that focused on the topic of ‘Unlocking Regulatory Reporting’. The event brought together a cross-section of firms, including financial services providers and technology companies, to develop technology ideas to help address the cost, efficiency and effectiveness of regulatory reporting.

Regardless of these subtleties, the general consensus seems to be that the Regulatory Sandbox is the way to go and some jurisdictions have already picked up on the idea. Our recent publication “The Planet Compliance RegTech Directory” provides, among other valuable insights on the RegTech sector, an overview of the efforts of regulators around the globe. Not all regulators, however, have chosen the Sandbox approach: some because they may simply be slow to implement it or need more time to analyse its implications, while others choose a different approach – either by choice or because of necessity.

A unique opportunity

Before we get to this we would like to highlight that RegTech is not only helping financial firms though; it may equally be a unique opportunity for regulators themselves. For example, regulatory technology could be used to monitor automatically whether firms comply with certain rules. Take blockchain technology which has been touted as means of alerting authorities in real-time by using smart contracts that automatically trigger a notification if a certain requirement is fulfilled could be one way to employ RegTech directly for regulatory oversight.

The use cases aren’t limited to direct implementation of regulatory technology: RegTech could also be used to help with designing future regulatory structures itself. For instance, something that often comes up in our conversations with financial firms and RegTechs alike is that, as a first step, the authorities could provide regulations and other documents in machine-readable form. This would make it significantly easier to automate and track regulatory change. Just to give you an idea of the potential, imagine a scenario where lawmakers amend existing rules in the form of regulatory data that is directly processable by the systems of financial firms who in turn could amend their internal setups, update policies and reporting mechanisms automatically and so on.

Why then don’t all regulators embrace RegTech with open arms? Well, unfortunately it isn’t that simple as our interview with the German financial watchdog, the Bundesanstalt für Finanzdienstleistungsaufsicht or BaFin, about the authority’s views on RegTech and approach, shows.

BaFin had already rejected the idea of a regulatory sandbox in the wider discussion on FinTechs regardless the popularity the concept had received in other jurisdictions. While the BaFin’s approach may surprise, it is important to understand the difference in the setup of the German regulator in contrast to other authorities like the FCA. When we talked to Mario Kyriasoglou, Press Officer at BaFin, in order to get a better understanding, he pointed to BaFin’s role as port of call for FinTechs: if, on one hand, a firm’s business model and activities are already subject to regulations and the firm seeks to guarantee and optimise its regulated activity; on the other hand, BaFin also advised firms who are not sure if and how regulations apply to their products or services. He stressed that especially in the field of FinTech several examples show that successful unregulated business models exist that add value for their clients.

Why RegTech is different

RegTech is different though since in most cases the business models of RegTechs are not subject to regulatory supervision as we’ve already mentioned above. “The responsibility for ensuring that when employing one or more RegTech solutions the principles of proper business conduct are respected remains with the supervised institution”, he said. BaFin, in its function as a financial market supervisory authority, is not responsible for RegTechs and would therefore only act against the regulated financial firm; theoretically though, it would be conceivable that the BaFin would also act against an external RegTech company, for example, if the prompt dissemination of a faulty RegTech solution would need to be prevented in order to avoid numerous regulatory violations.

While Kyriasoglou emphasized that BaFin is however going to deepen its dialogue with the RegTech industry in order to develop an even better understanding of the potential for meeting reporting requirements, he also made it clear that BaFin’s setup differs from regulatory authorities in other countries. Unlike the FCA, for instance, the German financial watchdog has no mandate to promote innovation in the same manner. This also explains why a regulatory sandbox would be unthinkable in Germany given the current circumstances and legal structure. “In Germany, the promotion of innovation in the sense of technical development is traditionally more a matter of research and development centres”, he explained. At the same time, however, BaFin aims to closely monitor the development and not hindering meaningful solutions. “A RegTech solution is, in any case, sensible if it has a tangible practical value for the supervised or supervisory authorities and is in accordance with the relevant supervisory practice”, the press officer added.

Kyriasoglou also pointed out that “a larger portion of RegTech’s development does not necessarily stem from start-ups, but more often from large IT companies, audit firms (e.g. Big 4) or other consulting houses”. Something that is also highlighted by IBM’s recent acquisition of Promontory, the financial consultancy, which it wants combine with cognitive capabilities of Watson, its artificial intelligence system.

He made it clear though that BaFin is generally supportive: “Whenever there will be functional and market-capable RegTech solutions that require the involvement of supervisory authorities and regulators, e.g. By RegTech-compatible design of reporting requirements, BaFin will be glad to participate in the concrete discussion.”

When asked about BaFin’s on whether RegTech presents a unique opportunity for regulators as well, Kyriasoglou agreed that supervisory authorities might use innovative RegTech solutions in the extraction and analysis of their own data stocks. “On the whole supervised financial firms are going to be the main beneficiaries”, the Press Officer added. Thus, RegTech would also have an impact on BaFin’s regulatory practices. In this respect, there is also an opportunity for the supervisory authorities to ensure that RegTechs lead to a quality increase in the reported data sets and thus increase their meaningfulness and usability.

While the technology development in RegTech is remarkable, the development is, according to Kyriasoglou, when viewed realistically, however, still at an early stage and he pointed to the European Commission’s establishment of a Task Force on Financial Technology as recent as November 2016. He went on to say that the expectation that RegTechs can solve the regulatory requirements practically by means of a “button” for the supervised companies might certainly be unrealistic. “While RegTechs offer to analyse and implement regulations, extract, analyse and store data, monitor employees and customer behaviour, such as solutions that provide information for stress tests, aggregation of data on risk, KYC requirements, and monitoring of traders.” He also stressed that eventually the supervised firms themselves have to assess whether and at what point it is appropriate for them to be supported by a RegTech.

Bottom line

It certainly is an interesting case and it could be seen as an example of structural issues amongst authorities, something that is lamented in the United States, too, where several state and federal financial watchdogs do not seem to communicate or collaborate to encourage innovation as well as they should in the eyes of their critics; it could be seen as a case of a regulator that is simply behind the curve; or it could also be seen to illustrate that not one size fits all and that sometimes a different approach might be required. While we think that the German regulator certainly could do more, so could most authorities and one should not forget that often it is also a question of resources. So we leave it to you to decide for yourself, but in any case would encourage all regulators to grasp the huge opportunity RegTech represents for the industry and authorities alike – whether in- or outside the box.

If you want to know more about how other regulators worldwide approach RegTech, read our in-depth analysis we published as part of the PlanetCompliance RegTech Directory, which contains more valuable insights and more than 150 RegTech company profiles. The PlanetCompliance RegTech Directory, the most comprehensive guide to the RegTech industry, can be downloaded for free here.

 

One thought on “RegTech and Regulators or the Sandbox isn’t for everyone

  1. Pingback: Planet Compliance