Call for input: The seven categories of RegTech or the attempt to categorise its players
Fair warning! It probably is a futile attempt to provide another categorisation of RegTech firms and their activities. This for two reasons: Most RegTech firms don’t put all their eggs in one basket but combine their offering and aim to provide a holistic approach. Secondly, considering the pace of developments in the sector, the result may soon be out-dated (if not already), especially with the progress of innovations in artificial intelligence, machine learning, data visualisation and, of course, the application of blockchain technology and smart contracts.
Includes solutions that focus on traditional transaction and regulatory reporting obligations. Trade and Transaction Reporting rules compel financial firms to submit data to exchanges and regulatory authorities. Regulatory Reporting is necessary to monitor the safety and soundness of the financial system and the compliance of its participants with its rules. Following the financial crisis, lawmakers and financial watchdogs have issued numerous new rules and thus raised the bar for firms to comply with their obligations. For instance, MiFID II, the revision of the EU’s Directive on markets in financial instruments that will apply from 2018 on, increases significantly the already challenging obligations of financial institutions in respect of what they have to report already. Needless to say, that MiFID II is not the only regulatory initiative added to the mix because of the regulator’s appetite for transparency; many in the industry believe that without innovative solutions firms may not be able to comply with their responsibilities in terms of reporting.
Covers checks to determine whether transactions breach Anti-Money Laundering (AML), Market Abuse or Payments regulations as well as for the purpose of Fraud prevention and detection. Rules with regard to AML and Combatting the Financing of Terrorism (CFT) require firms to employ software to prevent and report such activities like Currency Transaction Reporting systems that monitor large cash transaction. Other systems are used for the surveillance of other suspicious activities, for example, in relation to insider dealing or market manipulation. RegTech aims to automate these processes and provide better analytics, sometimes using artificial intelligence and machine learning to do so.
Consists of products and services that aim at the education of staff on subjects like laws and regulations, governance, internal policies, which apply to their day-to-day responsibilities. Regulators expect financial firms to train their employees on a wide range of topics including AML, Financial Crime, Compliance-related aspects like Conflicts of Interest, Market Abuse regulations, Anti-Bribery and Corruption, or IT and Cybersecurity. Of course, this list is not comprehensive and depends on the nature of the business of a financial institution. Thus it is not surprising that a large group of start-ups as well as established players try to cover this field, mostly through online platforms in different formats. Gamification of learning, i.e. the attempt to package the content of training into the form of a game, is one of the latest trends to motivate participants to study by using video game design and game elements in learning environments.
The activities of firms often overlap and aren’t limited to one category
Legal and Regulatory Analysis
Deals with the identification and interpretation of laws and regulations applicable in the financial services industry. Solutions could also identify gaps in existing systems and controls, assessing and highlighting risks for an institution. Laws, regulations or guidelines oblige firms to maintain internal controls and governance systems as well as established policies and procedures that define and describe these. An example would be a Personal Account (PA) dealing policy in combination with the recent Market Abuse Regulation (MAR) of the European Union: financial firms are required to establish a PA dealing policy and with the introduction of MAR significant aspects have changed. A RegTech solution could not only analyse the new regulation and alert the user to required changes to a policy but also advise on impact in respect of staff training.
Client and Counterparty Identification
Focuses on the gathering and processing of the necessary information of a financial firm’s clients and counterparties for Know-Your-Customer (KYC), Anti-Money Laundering (AML) and Due Diligence purposes. The process of client on-boarding for banks is often burdensome and time consuming. It can take from several times to often weeks before checks are completed and a client can be approved for business. It is also one of the areas where the application of blockchain technology promises to bring significant time and cost savings, but that is only one of the angles RegTechs take when they try to come up with ways to improve the status quo.
Regards the access and management of data. The simple storage of the massive amounts of data that financial firms create, receive and have to collect is a challenge by itself, be it through onsite database centres or cloud computing. With many offerings in the sector, there is an overlap with other categories, in particular with the reporting and monitoring of data as it is only logical to attempt to combine data management with analytics, but in this category the focus is on storing and making data accessible.
Deals with all solutions that aren’t already classified in one of the other categories or deal with new trends and aspects that don’t fit into those. Regulatory risk modelling, scenario analysis and forecasting could be such activities or all actions to evaluate and oversee a firm’s internal culture and behaviour.
Oftentimes solutions do not fit into one bracket only, but could be put into several baskets and most firms focus on several aspects to disrupt the industry through RegTech innovation.
Do you agree? Do you think we have missed something or should have done it differently? Let us know at firstname.lastname@example.org