Over the past two decades, the rules governing financial services have become much more onerous, leading more organisations to rely on tech vendors to process vast swathes of data and report to exact standards. As such, the regtech sector has blossomed, with vendors popping up to offer assistance across functions.
Yet for UK based financial market participants, Brexit may mean a new set of requirements while the pandemic has cast a shadow over long term market stability.
In order to demonstrate close compliance with regulators, more firms are using monitoring and retention services to capture all assets and verify obedience in accordance with the law at any given time. The need to do so will become more prominent next year, as the Financial Conduct Authority (FCA) looks for more transparency in markets, meaning firms will need to engage more with regtech providers.
“The FCA Financial Crime Guide clearly recommends that financial services providers ‘conduct ongoing monitoring of its business relationships on a risk-sensitive basis’. Today, too many firms struggle to comply with the spirit of this rule as it was written due to outdated or inaccurate customer information and legacy technology,” says Justin Fitzpatrick, co-founder and CEO of DueDil.
Further, the FCA has stated that market abuse during this time will not be tolerated if breaches occur while firms practice remote working.
“I understand why it is often tempting for firms to look purely to the behaviours described in recitals in the Market Abuse Regulation (MAR) or to utilise ‘out of the box’ alerts from certain technology providers,” said Julia Hoggett, the regulator’s director of market oversight in a recent speech. “However, whilst that may provide assurance that you have followed a process, it may not provide assurance that you have effective controls in place to mitigate the risks that you actually face.”
The increased digitisation of financial services due to the pandemic means finance functions in major organisations are discovering they don’t have the in-house tools to leverage the volume of compliance required by regulatory bodies.
As more financial services providers embrace digital ways of serving clients, the solution, Fitzpatrick believes, is to invest in modern tools in the middle and back office.
“This will allow them to create a dynamic view of their risk exposure to their customers, and help identify opportunities deepen those customer relationships resulting in a win for both parties,” he says.
Over the past few years regulatory authorities have put a heightened emphasis on digital conduct culminating with the FCA announcement in April that a priority for 2020/21 will be ensuring consumers are “offered fair value products in a digital age”.
“This has been a consistent theme for a while now,” says Sam Roberts, head of digital marketing, MirrorWeb. “There are now so many facets that financial services companies, in particular, are struggling to keep up with it. Not only is the way that we communicate constantly changing so that firms have to continually adapt their digital portfolio, they also need to contend with the regulators snapping at their heels. That’s where RegTech companies come in.”
Using web and social media archiving software, firms can keep organised records of all digital activity to protect them against scrutiny from regulatory bodies.
Roberts believes there will be heightened competition in the sector as the pandemic accelerates digital transformation across all industries.
“There is going to be an increased focus on what you communicate as a firm and the use of tech is going to be much more prevalent; both from the regulator side in their ability to conduct surveillance and from the tech companies that will be trying to keep abreast with everything that is changing,” he adds.
The challenge of juggling current risk assessments with navigating a new regulatory landscape will be a huge concern for organisations from the very start of the new year.
A report published in November by Cappitech suggests that organisations are planning improvements for “better data quality, enhanced reporting knowledge and expertise, prioritising reporting processes and efficiency and enhancing Completeness, Accuracy and Timeliness (CAT) reporting, although there are concerns about firms’ ability to do this in light of reduced budgets and smaller businesses following the Coronavirus pandemic. When assessing solutions to achieve this, firms see merging reporting to single platforms and risk management as key decision-making drivers.”
For those companies that adopt internationally recognised ISO standards to assist with trading, the introduction of the ISO 27701 standard for privacy information means that it is increasingly important to choose tools that integrate related requirements and give compliance teams a clear view of their risks across the whole domain, says Camilla Winlo, director of consultancy services at DQM GRC.
“We expect to see a trend in this direction, as regulatory technology providers catch up with demand. Vigilant Software’s CyberComply has been designed to integrate ISO 27001 and data protection requirements so it gives a clear view of overall privacy and information security risks – but in general regulatory technology is currently highly specialised and has limitations in its ability to provide a true picture of risk across a whole domain.”
In September, the Consultative Committee of Accountancy Bodies (CCAB) released its updated anti-money laundering (AML) and counter terrorist financing (CTF) guidance. Reflecting the changes made to the UK’s Money Laundering Regulations the guidance permits and promotes the use of electronic identification and verification systems where certain criteria are met.
“This is a major step forward in the fight against fraud and money laundering as criminals are becoming increasingly clever in exploiting gaps within financial systems,” says Jane Jee, CEO of Kompli-Global.
“There is regulatory technology already on the market that makes the onboarding of a client simpler and easier because it does the heavy lifting, while human analysts use their AML expertise to offer the right information at the right time to the accountancy firm.
“By using such technology, accountants now have the most up-to-date and complete information to support its decision making whilst meeting its regulatory requirements. This is something I believe will become of increasing importance into 2021 as accountancy firms navigate both the complexity of the pandemic, as well as the innovative ways that criminals develop to exploit their systems.”