The regtech space is in for a major shake-up, with the FCA‘s new Consumer Duty regulations coming into effect in two months. This presents an opportunity for financial institutions to adopt a new approach to compliance and regulation.
The pandemic catalysed change in the regtech industry – the level of development was unprecedented. But to suggest the industry was stagnant prior to covid-19 would be incorrect. To get a bigger picture of the regtech landscape, and find out how drastic this development really was, we reached out to the industry to find out how the role of compliance has evolved over the last decade.
Not just one industry-defining trend
John Joy, CEO and managing attorney at FTI Law, the whistleblower law firm, does not think one factor has dictated regtech’s development. Rather, “the role of compliance over the last decade has tracked two significant trends.”
Joy explains: “First is the enormous rise in corporate enforcement actions which have led to companies placing increased emphasis on compliance and internal controls. With respect to this factor, the role of compliance personnel has become more important within organisations. Compliance departments are typically larger and better staffed than they were ten years ago.
Migration to digital communication
“The second trend that has shaped compliance has been the proliferation of business software and the migration to digital communication and record keeping. Email has been the norm for some time now. However, the widespread availability of affordable software for almost every other facet of business administration has significantly changed the role of compliance.
“With invoice and expense approvals becoming digitally run and managed, compliance personnel have had to become experts in business administration software and IT systems in order to keep pace with the challenges of their role. This is particularly true when it comes to drafting new policies.
“Previously, policies would be drafted so that they could be read and understood by individuals who were processing invoices and similar documents. Now, compliance policies need to be coded into the software that the business is using on a daily basis.
“For example, rather than an expense policy which instructs a person to seek a manager’s approval, compliance professionals now need to work with IT. Together they will code the expense approval software to electronically seek the approval of certain managers. This has led to compliance personnel becoming some of the most well-informed individuals in an organisation on the internal process and administration software.”
A new seat at the decision-makers table
The fintech industry has undergone and is continuing to go through a massive culture change. Previously, it was very difficult for some to get into the field and work their way up within a company. Now though, organisations are starting to look inwards for guidance on how to progress. Liudas Kanapienis, CEO and co-founder of Ondato, an AI solutions provider streamlining KYC and AML-related processes, identifies how compliance officers are having more impact when it comes to decision-making.
“Over the last decade, the role of compliance has become critical. During this time, compliance officers worked directly with the board of directors or CEO to help overcome unique challenges. They are, among others, ensuring that clients are genuinely who they claim to be (KYC and KYB). In turn, they’re preventing money laundering (AML), maintaining proper record-keeping processes, and reducing expense onboarding processes.
“Keeping up with ever-changing rules and regulations is one of the significant challenges, especially for companies operating in multiple countries. For instance, governments worldwide imposed new sanctions against Russia in 2022, requiring businesses to allocate substantial resources, amend existing internal policies and ensure technical implementation to comply with new regulations.
“The regulation of crypto-asset service providers with the European Commission’s regulation of Markets in Crypto-assets (MiCA) is another thing to consider. Looking ahead, we expect the establishment of a new, dedicated anti-money laundering authority (AMLA) aimed at starting most activities in 2024.”
Views towards compliance are not keeping up with regulations
There are many positives to take from the past decade of regtech. However, to say it has been without its faults would be wrong. Using GDPR as an example, Rory Yates, SVP corporate strategy, global, at insurtech, EIS, explains how customer relationships have not been improved like they could have been: “Regulation has changed considerably, but the way the business views compliance has not.
“This has slowed progress and made it difficult to grasp the potential regulation offers. In this last decade, for example, we’ve seen GDPR treated merely as a burden and tick-box exercise rather than a chance to change the data model and form vastly better customer relationships.
“This must change. Compliance should be seen as an enabler, holding our commercial drive to account, not stifling but guiding us to find the balance between risk and value exchange. Ultimately, regulations like the General Insurance Pricing Practices (GIPP) and Consumer Duty in insurance ensure that consumers are protected and build the trust needed to drive adoption.”
Ukraine case study
Daniel Globa is a deputy director general for legal affairs at YouControl, the open data service provider. Speaking to The Fintech Times, Globa uses Ukraine as an example of how compliance has evolved this past decade.
He said: “The role of compliance in Ukraine has evolved significantly over the last decade. Compliance has become a much more important part of doing business. Many companies have established dedicated compliance departments or hired external compliance consultants to help them navigate the complex regulatory environment.
“Compliance professionals in Ukraine are also increasingly engaging with international organisations and attending conferences and training programs to stay up to date with best practices and emerging trends.
“Overall, the role of compliance in Ukraine has evolved from a largely overlooked function to a key component of risk management and corporate governance. While there is still work to be done to improve regulatory enforcement and counteract corruption, the progress made in recent years is a positive sign for the future of compliance in Ukraine.”
Adapting to UMR and EMIR
John Pucciarelli is the head of industry and regulatory strategy, Acadia, an integrated risk management service provider. Pucciarelli explains: “In the derivatives space over the last few years, compliance requirements such as The Uncleared Margin Rules (UMR) and the European Market Infrastructure Regulation (EMIR) have introduced new obligations for firms trading derivatives both cleared and uncleared. The final phase of UMR was in September 2022, however, firms are by no means out of the woods.
“The need for firms to comply with regulatory requirements such as a yearly AANA calculation and SIMM recalibrations and backtesting remains an ongoing responsibility firms will continue to adhere to under UMR.
“With EMIR, while it aims to increase transparency across the OTC derivatives market as well as reduce the operational risk for market participants, meeting the requirements poses significant technical and regulatory challenges for firms.
“There is no doubt that compliance to UMR and EMIR will remain an essential driver for firms looking to operate in the most optimised way and that the technologies developed (and being developed) will be key to helping such firms navigate an ever-changing regulatory landscape.”
An everchanging landscape
As the landscape continues to evolve, Sean Wagner, founding partner at Wagner Hicks PLLC, a corporate law firm that focuses on compliance, provides one example of how organisations can better prepare themselves to deal with these changes:
“Regulatory compliance teams have faced a difficult and uncertain landscape over the past decade, including inconsistent state or federal regulatory frameworks, operational complications, and questions around pending regulatory changes.
“While there is no simple solution, there are some practical steps that compliance professionals should consider to mitigate and succeed despite these challenges.
“For example, when dealing with regulatory requirements in multiple jurisdictions, we generally advise our clients to operationalise a single process that is sufficient to satisfy the regulatory requirements for the most restrictive regulatory provision, as opposed to having different processes for different jurisdictions. This high-level approach often makes it easier to expand into new jurisdictions without changing company policies.