Like brakes to a bicycle, fintech must exist within the realms of regulation if it is to ditch its ‘wild west’ persona. Indeed, the adoption of various elements of the industry, like cryptocurrency, has ultimately suffered due to the lack of regulation that surrounds and supports them. Throughout the entire month of May, The Fintech Times will be dedicating its focus to highlighting the most current developments in this ever-perplexing and constantly-changing foundation of regtech.
Academia and government are taking the future of regtech very seriously
Nigel Cannings, CTO and founder of Intelligent Voice, said, “Historically, a lot of regtech investment focused on streamlining the onboarding processes for new customers, allowing KYC and AML checks to be automated to increase customer satisfaction and reduce risk. Combined with this was increasing investment driven by covid-related home-working of automated surveillance systems, particularly of voice/video channels, and we are seeing this increase as the technology matures as the ability to capture electronic communications becomes easier and costs are driven down via increased acceptance of secure outsourcing of monitoring platforms.
“These areas are narrow and very regulation focused, however. Recently, we are seeing more of a focus on ‘general’ risk, from cyber to, perhaps more interestingly, culture and ethics. There is an increasing acceptance that a toxic work environment is no longer tolerated by many, and it is believed to be responsible in part for the ‘Great Resignation’ that followed two years of pandemic: research by MITSloan backs this up. So there will be an increased focus on communications monitoring and network analysis to promote a more inclusive environment: a very delicate balance for a ‘Big Brother’ system to achieve!
“Interestingly, last week saw the launch at the House of Commons of the University of East London’s ‘Centre of Fintech’, focusing in part on the UK’s approach to the specific challenges of regulation of fintech in the post-Brexit world. This new initiative represents a bold new approach to bringing together academia and industry to help forecast and shape advances in and regulation of fintech, combining both the Schools of Business and Law and of Architecture, Computing and Engineering, which is a pioneering initiative.
“The keynote speaker was Ron Kalifa, OBE, who delivered a landmark report on UK fintech and regtech last year, talking about the financial services regulatory regime in the UK, and how this is being seen a framework that is being adopted across the world, focusing particularly on the compliance ‘sandbox’ approach that the FCA uses to help encourage the adoption of new Regtech technology.”
“It is clear that UK industry, academia and government are taking the future of regtech very seriously indeed.”
Blockchain can solve compliance challenges
Lars Seier Christensen, chairman of the Concordium Foundation and co-founder of Saxo Bank, says: “The biggest challenge in finance today is unquestionably compliance. Blockchain can solve many of these challenges.
“For example, a blockchain like Concordium offers a wide range of opportunities to meet compliance requirements. Let me mention a few examples:
- Access controls based on KYC digital certificates to ensure that only suited users can access complicated and sophisticated financial products.
- Transparency and a definitive audit trail for transactions, making it much more simple to monitor and regulate capital flows.
- Immutable and secure ID and KYC functions.
- Finality that will limit capital requirements by reducing risk exposure to minimal periods.
“When regulators and lawmakers fully embrace the blockchain opportunity, the world of finance will be a safer and much more manageable place. I think there are great benefits to merging traditional finance with the nascent blockchain industry.”
Analysing Confirmation of payee, open banking, customer security program and ISO 20022
Ed Adshead-Grant, general manager and director of payments at Bottomline, looked at the three main ways regtech trends were emerging in the UK.
“Confirmation Of Payee – the PSR leads:
“Remember this number: 71 per cent. That, according to UK Finance, is the percentage increase mid-year in Authorised Push Payment (APP) fraud from 2020 to 2021. The market is struggling with record fraud numbers and sorely needs intervention, which The Queen’s Speech covered in the Financial Services and Markets Bill on May 10th. This legal power will support consumers and businesses by helping to protect them against scams. For banks, it means a liability shift and more risk reviews. The bill enables the Payment Systems Regulator (PSR) to require banks to reimburse victims of APP fraud. As the APP fraud level approaches £1billion this liability change is one of the most impactful regulations, followed by the expected mandating of Confirmation of Payee (CoP) usage beyond the initial 6 banks, which will feature in the next PSR consultation.
“Open banking – the JROC leads:
“On 25th March, the UK’s Competition and Markets Authority (CMA) confirmed the creation of a new governing body involving the Payments Systems Regulator (PSR) and the Financial Conduct Authority (FCA) to monitor and standardise account-to-account payment services, which is the backbone of open banking. The Joint Regulatory Oversight Committee (JROC) will now oversee the future model of UK open banking, taking over from the initial CMA order. Many banks have started to move from a compliance mindset to one of competitive differentiation with the power of open banking. The innovation and competition outcomes desired by the initial CMA order has delivered since 2018, with over 250 approved open banking players (or Third-Party Providers) in the UK providing consumers and businesses with more choice and value. JROC needs to be functionally effective to make sure the market continues to evolve and deliver the envisaged benefits. Centralised oversight from two powerful regulators working together is a creative approach to get this done and ensure UK plc competes globally in the digital era of trade.
“Customer security program and ISO 20022 – SWIFT leads:
“Although not a regulator per se, SWIFT continues to prove its significance in global commerce by modernising its rule book and network at pace. The ISO 20022 standards it has been promoting to banks for over a decade now have, for the first time, real deadlines imposed for the infrastructure to implement it. The November 2022 date is key for the community to be ready. The magic sauce of network interoperability across the world will start to fade away and some messages simply not work, for those who do not ‘get their skates on’ and meet the ISO deadlines. Equally, with the rise of the ruthless cyber-criminal, the Customer Security Program (CSP) has become a mandated requirement for many aspects of the network across the world. The ecosystem needs to be robust, with any bad actors identified and expelled from the transaction flows. These outcomes can only be achieved through SWIFT’s global governance driving the ISO standards and security compliance across its membership.”
Automated model risk management tools
Louis Brown, head of data science and advanced analytics at Chetwood Financial said, “In terms of regtech, some of the most interesting areas include automated model risk management tools which are doing the workaround model monitoring, model validations, as well as model registers. As model risk has become such a large industry over the last couple of years it will be interesting to see how these tools progress. That said, the question remains around whether they will start classifying a model from a calculation?
“Model risk platforms are sometimes confused with model development platforms as they also try to cover the model management lifecycle and have monitoring and model registries usually packaged with them, offering a great tool to capture expected (from the developer’s side) issues in production. However, a good model risk platform has a few more bells and whistles, typically from a validation point of view, such as historical monitoring and may have the companies’ model policies coded into the system. The focus of model risk tools also is to create presentations or documents for senior management to understand the model risk for their whole modelling estate, considering that for large institutions, this can run into hundreds or thousands of models across different business areas. In contrast, a platform flags up an issue to be picked up by DevOps/MLOps on individual models, which might be reported to a model developer. It will be interesting to see if model platforms start integrating with model risk platforms.”
High-quality reference data needed to improve regtechs
Neil Samanti, COO at VASPnet, said, “While differences in regulation implementation between countries are nothing new, we are seeing a global trend in the establishment of industry-driven data and protocol standards and thus the interoperability of heterogeneous solutions. Regtech solution providers are noticing that their solutions are only as effective as the data provided. The old adage of garbage in-garbage out couldn’t be truer. Providers of high-quality reference data to supplement in-house or directly sourced financial, operational and counterpart data will allow regtech providers to supply their customers with a better quality of service.
“More specifically, the global landscape for virtual asset regulation is rapidly evolving as we see a rise in jurisdictions implementing regimes and identifying the risks associated with the use of innovative technologies. In cases related to the requirement to comply with FATF recommendation 16 (specifically the discovery of associated virtual asset address in a transfer), technical solutions are not yet feasible. This leads to an operational overhead that negates the value offered by blockchain technologies. Greater engagement with regulators to inform them of such challenges is now in the cards as we see consultative forums and TechSprints in various jurisdictions grow in popularity.”