The European Banking Authority (EBA) has recently published an analysis looking into the RegTech landscape in the EU. The report assesses the many benefits, challenges and risks of the use of RegTech in the EU and lays out the steps to be taken to support the sound adoption and scale-up of solutions in this sector. The study also proposes actions designed to enhance the knowledge and skills of the competent authorities (CAs).
ESMA has also published a report on Trends, Risks and Vulnerabilities of the Financial sector dedicating a part on RegTech and SupTech and the change for Markets and authorities. This report highlights that market participants are increasingly using new automated tools in a variety of areas, while potential applications of new tools for regulators include greater surveillance capacity and improved data collection and management.
When technology is used for compliance, it is called Regulatory Technology or ‘RegTech’. Regtech is defined as any range of applications of technology‐enabled innovation for regulatory, compliance and reporting requirements implemented by a regulated institution – with or without the assistance of RegTech provider.
RegTech solutions in Financial Institutions (FIs) and Investment Firms (FI’s) are currently evident in:
- Anti-Money-Laundering and Countering the Financing of Terrorism (AML/CFT) – for example, providing solutions for sanction screening or remote onboarding of customers.
- Fraud prevention – through automated behaviour and transaction monitoring.
- Prudential reporting – supporting institutions in their regulatory submissions.
- ICT security – providing detection mechanisms for an institution’s operations security.
- Creditworthiness assessments – providing new capabilities for assessing the creditworthiness of clients.
- Regulatory Reporting – supporting institutions in their trade reporting.
- Risk Management
According to financial organisations using RegTech solutions, their key benefits are improved risk management, better monitoring and sample capabilities, and a reduction in human error. At the same time, RegTech providers place heavy emphasis on their ability to increase efficiency and effectiveness and quell the impact of ongoing regulatory change.
Some of the increasing disparities in perspective between financial institutions (FIs) and RegTech providers suggest that further research of the benefits afforded by RegTech solutions is required.
ESMA also believes that the move towards a more data-driven and pro-active approach will enhance monitoring of the financial sector and help ensure better outcomes for market participants and consumers. The continual push for efficiencies and cost savings, particularly for back-end and legacy systems as well as for labour-intensive processes will increase the use of RegTech in the foreseeable future.
EBA highlighted that when not implemented correctly, RegTech solutions may also generate risks for FIs that would need to be identified, monitored and managed. These risks may relate to, for example, compliance, concentration, business continuity, ICT and security, reputational issues, internal governance, conduct and consumer protection, and/or technology.
RegTech may also create new risks for CAs supervising FIs. These include potential difficulties in assessing the effectiveness and reliability of the technological solutions used by FIs, and a potential lack of skills and tools needed to supervise the use of technology enabled RegTech solutions and, say, audit the underlying algorithms.
ESMA focused on the risks and challenges for regulators and market participants in the areas of data collection and management, digital transition and failure on the part of market participants to adapt to the new digitalised infrastructure and the need from regulators to invest in the technological tools and human skills that will allow them to effectively analyse the results, operational risks and the risks from strategic incentives such as developing expertise in RegTech.
The EBA report suggests that the majority of challenges to RegTech market development involve internal factors within the FIs and providers. Likewise, ESMA considers most of those challenges to apply for FIs. However, a lack of common regulatory standards across the EU could also constitute a barrier to the wider market adoption of RegTech solutions.
The main challenges from the FI perspective are summarısed as follows:
- Data-related challenges and cybersecurity threats: FIs often indicate data quality, data privacy and protection, lack of data integration, data availability, and lack of data standardisation and harmonisation as issues.
- Interoperability and integration with the existing legacy systems: FI legacy systems and processes have too many silos, making RegTech adoption difficult, and this is further compounded by doubts about the ICT capacity of FIs to support FinTech, RegTech, and InsurTech solutions.
- Changes to regulation: changes with national or international regulations and other regulatory challenges can be another key barrier to RegTech adoption.
- Costs and procurement process: RegTech solutions seen as part of compliance and usually treated as a back‐office function may be at risk of underinvestment.
- Lack of necessary skills and training: when working with either in‐house or external RegTech solutions, FIs need specialists, e.g. data scientists and engineers, to be able, where relevant, to scout, assess, operate, and maintain updated RegTech solutions.
- Perceived immaturity of RegTech providers’ solutions: FIs that see RegTech as a potential competitive advantage often cite the lack of available and mature RegTech solutions as a challenge.
Challenges from the RegTech provider perspective include:
- Lack of technological capabilities – the lack of some clients API capabilities and lack of standardisation are perceived as obstacles for technical integration.
- Security, data privacy and protection issues – privacy regulation may be one of the key constrains for FIs from sharing datasets with RegTech providers.
- Changes of national and international regulation – complex and continuously evolving regulatory landscape is perceived as a challenge, in particular on prudential reporting, fraud prevention and AML/CFT.
- Cost of user acquisition – a challenge, especially for recently established and smaller RegTech providers.
- Lack of FI understanding of RegTech solutions –it appears to RegTech providers that FIs may not be fully aware of all advantages that RegTech solutions may bring.
- Lack of harmonised legal and regulatory requirements – RegTech providers perceive the lack of harmonisation of regulatory requirements across the EU and the lack of regulatory data standards to be obstacles for wider market adoption of RegTech solutions.
- Clarity of regulatory/supervisory guidance – RegTech providers consider the lack of regulatory/supervisory guidance and support can be an obstacle preventing the roll‐out of their solutions across different countries.
- Competition with other solutions – a high level of industry competition with other solutions, detailed in segments where RegTech providers offer comparable solutions.
What’s needed to better adopt & scale up RegTech solutions
The EBA proposes several steps to support the adoption and scaling up of RegTech solutions. These include boosting RegTech knowledge, addressing the skill gaps among regulators and supervisors, supporting the convergence of supervisory practices, providing clarity on market expectations, and harmonising the legal and regulatory requirements.
How can MAP FinTech assist?
MAP FinTech grants you full transparency, security and reconciliation over your regulatory reporting processes to prove to both CAs and senior management that you retain complete oversight over your firm’s reporting function.
Furthermore, we can assist with accurate and error-free regulatory reporting, keep you insulated from change in a fast-paced environment, and help you remain 100% compliant.
With our expertise and innovative solutions, you can simplify compliance and efficiently manage your increasing regulatory requirements, thereby reducing your operational burden and minimising the risk of non-compliance.
You may contact our team of experts for more information.