With legislative concerns at the top of compliance teams’ to-do lists, there has never been a greater call for innovative solutions to help organisations stay on the right side of the law. Regulatory technology, or RegTech, allows companies to implement a more agile and automated approach to compliance and this is reflected in its leap in popularity, with the market that was worth €14.45 billion in 2020 and projected to hit €80.31 billion in 2026.
The World Economic Forum described RegTech as the “application of various new technological solutions that assist highly regulated industry stakeholders, including regulators, in setting, effectuating and meeting regulatory governance, reporting, compliance, and risk management obligation.”
As the nature of compliance risks develops, so does the functionality of the digital solutions to mitigate them. This article explores RegTech trends that can help you navigate the compliance landscape.
1. The importance of RegTech in today's regulatory landscape
The world has faced a wide range of challenges throughout the 21st century. One prominent example is the financial crisis of 2007 and 2008 which particularly sparked regulators into taking action to find ways to ensure the integrity and fairness of the markets. Since then, the world has also had to deal with inflation, the COVID–19 pandemic, conflicts across the globe, the rise of misinformation and changes to the way we work. These have all combined to ensure governing bodies are continually creating and updating legislation to match the pace at which the business world develops in turbulent times.
Over the last decade, compliance teams in the European Union have had to integrate new measures into their workflows to meet obligations on a range of new directives and regulations. They include the following:
Legislation |
Intention |
To protect investors by preventing market abuse that can lead to an unfair advantage in the financial markets. |
|
To ensure that companies that sell financial products and their employees do so in the best interests of their clients. |
|
To protect whistleblowers against punishment for making reports. Requires in-scope companies to implement confidential whistleblowing reporting channels and anti-retaliation measures. |
|
To regulate how organisations collect and store people’s personal data and information. |
In addition, there is a host of considerations forthcoming legislative concerns for EU organisations, including:
- AI Act
- Markets in Crypto-Assets Regulation
- Corporate Sustainability Reporting Directive (CSRD)
- Corporate Due Diligence Directive (CSDDD)
- Capital Markets Union
- Amendments to MAR and MiFID II through the EU Listing Act
- EU Retail Investment Package
- The first Anti-Money Laundering Regulation and the sixth AML Directive.
Meeting all of the requirements of each piece of legislation for which the company is in scope is becoming ever more complicated. So, the ability to use smart tech solutions to handle the workload is beneficial to compliance teams.
2. RegTech trends
2.1 Increased spending on RegTech
Companies are already increasing their spend on RegTech and that is not going to stop. Given the figures quoted above, the market will witness a compound annual growth rate (CAGR) of nearly 24% by 2028.
One of the reasons behind this is that strict regulation is no longer thought of as being necessary only for the financial sector. It is understood that many more types of businesses have a hand in maintaining compliance.
In the words of analyst firm Publicis Sapient’s head of financial services for research, David Donovan: “Widespread adoption of RegTech is a significant trend, moving beyond its initial use by challenger banks and fintech companies to now include traditional banks, law firms and real estate firms.”
With sanctions for contravening MAR of up to €5 million for individuals and €15 million for organisations, for example, it makes sense that increasing spending on tech solutions to remain compliant is still much more cost-effective than risking receiving fines.
2.2 Proactive risk mitigation
There is a risk that compliance management can become too reactive. It traditionally relies on audits to find out how well the company has performed against compliance, rather than being proactive and foreseeing the challenges ahead.
It stands to reason that knowing what future risks comprise and being able to position your compliance team accordingly will result in fewer fines and a more conscious compliance culture within the business.
Anuradha RK, business head at Iris Carbon, compares reactive compliance with proactive compliance: “Proactive compliance [is] a more holistic method, maps processes, controls, audits and risk plans back to the business. Being dynamic in nature, it re-evaluates risk every time there is a change and prepares mitigation plans accordingly.”
RegTech facilitates this by automating tasks such as the pre-clearance of employee personal trades in financial instruments to ensure staff at investment firms and other institutions do not make transactions that cause a conflict of interest with their clients.
2.3 Real-time tracking
As the business world faces ever-increasing challenges, regulators must respond by implementing new legislation and updating current regulations. For example, the electronic IDentification, Authentication and trust Services (eIDAS) Regulation only came into force in 2016 in the European Union, but it is already being revised and embellished. The forthcoming eIDAS 2.0 has already been published as the technological world has advanced so much since the original legislation came into force.
Thomson Reuters found in its Cost of Compliance Report that there has been a 500% increase in the compliance burden over the last decade, with a new regulatory update appearing every seven minutes.
Cloud-based RegTech can adjust to the compliance landscape in good time, as its features are updated to meet the evolving requirements. It can also track and reconcile large amounts of data, which helps with reporting for laws such as MiFID II.
2.4 Integration of AI and machine learning
Artificial intelligence (AI) is being adopted for a multitude of functions across a broad range of industries and its use as part of RegTech is helping compliance teams by taking away time-consuming tasks that were previously performed manually.
Tobias Adrian, financial counsellor and director of the International Monetary Fund’s (IMF) Monetary and Capital Markets Department says: “We see significant potential for AI to improve the soundness and integrity of the financial sector. Advances in AI over the past few years are reshaping risk and compliance management by leveraging broad sets of data, often in real-time, and automating compliance decisions. This has improved compliance quality and reduced costs.”
Adrian lists some of the use cases for AI and machine learning RegTech: “identity verification, AML/CFT, fraud detection, risk management, stress testing and micro-prudential reporting.”
2.5 Blockchain
Although blockchain technology is mostly associated with cryptocurrency, it is also suited to dealing with the security and data requirements of RegTech.
Blockchain creates a single source of truth for large volumes of data, to which all stakeholders have access, helping to make reporting and evidencing more streamlined. In addition, blockchain transactions are time-stamped and cannot be repudiated, which helps create an audit trail for regulators, if required.
Compliance teams can also use blockchain to monitor transactions and compliance activity, setting parameters to be able to act as soon as anything irregular occurs. You can use blockchain to automate reporting, saving manual work for the compliance team.
In her report on blockchain and its application in reducing the burden on the Know Your Customer (KYC) process that financial institutions must undertake as part of due diligence, Yvonne Lootsma says “blockchain can be used for the management of digital identities and has great potential for application in various fields such as in banking. Digital identities can be used to facilitate data exchange between financial institutions as well as exchange with third parties. An example of this is IDIN, an initiative developed by Dutch banks that allows consumers to use their banking ID with other merchants.”
2.6 Compatibility with business processes
One concern about the use of RegTech is that it has traditionally been held separately from core business functions. As if there are the daily tools that a company uses and then compliance requires users to break out of the workflow to perform tasks to tick the boxes of regulators.
However, the RegTech tools we use must fit into our processes in a more intuitive manner. For example, using insider list management software to ensure that you create lists in the correct, compliant format becomes the norm, rather than using a spreadsheet and checking the formatting retroactively.
Johan von Solms, writing a paper for the Journal of Banking Regulation, says “RegTech can provide an invaluable tool, in a business-as-usual environment, as well as in real-life stress events, such as the recent Coronavirus outbreak.“
2.7 Increasing regulatory pressure on SMEs
Traditionally, the compliance burden on small and medium enterprises (SMEs) has seen a relatively light touch applied. However, in recent years this has started to change. SMEs now find themselves having to adhere to legislation such as the local interpretations of the EU Whistleblowing Directive.
Whereas large corporations have more resources at their disposal, SMEs can struggle to fulfil all their obligations manually. For example, running whistleblowing channels and meeting the requirements for confidential investigations of reports on a strict timescale can be challenging without dedicated digital tools. This is one reason why SMEs are likely to invest in RegTech.
Eva Micheler, associate professor at the London School of Economics, says “If you are a medium-sized financial call centre with many workers in disparate places, technology that rewrites your scripts when regulation gets updated could be useful.”
She notes that small and medium companies are also in a unique position to capitalise, saying “Even well-funded entities operate on several computer silos. But maybe an SME would find it easier because they're digital-first and more agile.”
2.8 Cloud-based solutions
The fact that the same rules apply to companies of such varying sizes is also one of the drivers behind the rise of cloud-based RegTech solutions. Rather than all businesses paying the same amount for a licence for the company, using cloud tech, they can pay for what they use and increase capacity as they scale.
It also allows for greater security, with organisations not having to store potentially sensitive information on their own servers. By aligning with a RegTech solution that meets strict security protocols, the company can comply with data protection laws more easily.
Cloud computing is a major trend for organisations, with 70% saying that more than half their infrastructure is already in the cloud and 49% actively looking to move more functionality to the cloud. It makes sense to run RegTech in this manner.
3. Examples of using RegTech in various industries
- An investment firm is required by MiFID II to put in place a pre-clearance process for employees’ personal trades. Manually approving or declining certain trades would put a strain on the firm’s resources. The firm uses TradeLog, a platform for managing personal account dealing, to set parameters for what it deems acceptable trades that will not cause a conflict of interest with its clients. Employees are required to seek clearance through this platform before they trade using their personal accounts.
- An issuer occasionally has reason to delay the distribution of inside information. This means it has to draw up insider lists and inform insiders of their inclusion. The company is required to receive confirmation that the insider is aware of their inclusion, which can take up the time of the employee tasked with chasing up insiders. InsiderLog is a MAR-compliant insider list management software that automates sending reminders to insiders until they respond, alleviating the burden from the team.
- A company with 500 employees, many of whom work remotely, is required by law to implement an internal whistleblowing channel. It chooses IntegrityLog, an online whistleblower channel that allows all stakeholders to access the tool wherever they are and report misconduct that they witness in the course of their work.
4. Challenges and considerations
There are a number of challenges that companies may face when implementing RegTech, as well as issues to consider. The most common ones include:
- Employees and other stakeholders resisting the use of new technology. This requires you to sell the benefits to them and assure them that their work will not be disrupted.
- Integration with current procedures and processes. If the RegTech does not fit into the current workflow, it can cause issues with streamlining processes and improving compliance. Find options that are easily accessible and intuitive.
- Cross-border compliance challenges can occur where different countries have different interpretations of European Union law. Seek solutions that allow you to customise them for each jurisdiction in which you work.
- Balancing innovation with data protection requirements. This helps you ensure that you do not solve one compliance issue by creating another.
5. FAQ
5.1 How does RegTech differ from FinTech?
RegTech focuses specifically on leveraging technology to facilitate compliance with regulations efficiently and effectively. It aims to help businesses meet regulatory requirements through innovative solutions like automation, data analytics and artificial intelligence.
FinTech, or Financial Technology, on the other hand, is broader, focusing on innovating and improving financial services overall, including banking, investments and payment processes.
5.2 What are the key benefits of adopting RegTech solutions?
- Enhanced compliance efficiency: Automating compliance tasks reduces manual effort and the risk of human error.
- Cost reduction: Streamlining compliance processes leads to significant cost savings by minimising the need for extensive manual oversight.
- Improved risk management: Advanced analytics and real-time monitoring capabilities enable better identification and mitigation of risks.
- Greater agility: Companies can adapt to regulatory changes more rapidly thanks to flexible and updatable RegTech platforms.
- Enhanced data security: RegTech solutions often incorporate advanced security measures to protect sensitive information and ensure data integrity.
5.3 What is the estimated growth rate (CAGR) of the global RegTech market for the next five years?
The global RegTech market was projected to grow at a CAGR of approximately 20-25% over the next five years. This growth is driven by increasing regulatory complexity, the need for more efficient compliance solutions and the widespread adoption of digital technologies across financial services and other sectors.
6. Conclusion
These RegTech trends show the importance of integrating technology into your compliance procedures to ensure that your company does not run the risk of breaking the law. The legislation in place aims to make the world of business a safer and fairer place, but it does create a burden for companies that technology can help to alleviate. Here are some tools that help you meet your compliance obligations:
- Using TradeLog for employee personal account dealing can reduce the need for human input in monitoring your employees’ personal trades. Request a demo of TradeLog.
- Using InsiderLog ensures you create insider lists in the correct format every time. The software also automates reminder emails until insiders acknowledge that they are aware of being added to the list. Request a demo of InsiderLog.
- Using IntegrityLog allows whistleblowers to report misconduct internally, confidentially and, if allowed, anonymously. Access to the case is limited to authorised individuals. Request a demo of IntegrityLog.
7. References and further reading
- What is a conflict of interest?
- What is delayed disclosure of insider information?
- What is employee trade pre-clearance software?
- What is an employee trade surveillance system?
- What is an insider list?
- More about TradeLog - personal account dealing platform
- More about InsiderLog - insider list management system
- More about IntegrityLog - whistleblower software
Share this post
Article Summary
- 1. The importance of RegTech in today's regulatory landscape
- 2. RegTech trends
- 2.1 Increased spending on RegTech
- 2.2 Proactive risk mitigation
- 2.3 Real-time tracking
- 2.4 Integration of AI and machine learning
- 2.5 Blockchain
- 2.6 Compatibility with business processes
- 2.7 Increasing regulatory pressure on SMEs
- 2.8 Cloud-based solutions
- 3. Examples of using RegTech in various industries
- 4. Challenges and considerations
- 5. FAQ
- 5.1 How does RegTech differ from FinTech?
- 5.2 What are the key benefits of adopting RegTech solutions?
- 5.3 What is the estimated growth rate (CAGR) of the global RegTech market for the next five years?
- 6. Conclusion
- 7. References and further reading