Staying compliant with data regulation is more important than ever for organisations, as use of customer data becomes increasingly common, but it’s been common for compliance audits and checks to take longer than desired, leading to available time for other day-to-day tasks being eroded. However, many disruption trends have been introduced by Regtech, that have eased and accelerated regulatory processes.
With that in mind, this article will explore the biggest disruption trends that are occurring in the Regtech space right now.
1. Providing context
For digital technologies to succeed in bolstering compliance across organisations, various capabilities have needed to be adapted to fit the specific context of regulatory processes. From here, it’s been important for Regtech solutions to distinguish themselves from competitors, as the market has grown in size and variety.
Altaz Valani, director of insights research at Security Compass, explained: “One of the biggest contributions from the Regtech community has been around appropriating the use of technology in order to deliver novel products and services or significantly enhance existing ones to provide a distinct competitive advantage.
“There are various categories of technologies that have played an important role for the Regtech community. These include DevOps, security, compliance, and project management technologies.
“What Regtech does is integrate these categories in a contextual way that enables organisations to get to market faster while at the same time ensuring regulatory compliance.”
2. Biometric security
One area of digital innovation that’s been prominent in anti-money laundering (AML) and Know Your Customer (KYC) is biometric security. Eradicating the need to remember log-in credentials, this allows users to verify their identity using fingerprints, selfies or other biological characteristics. Biometric security also includes detection of suspicious behaviour that deviates from how a user normally uses a platform, such as a different IP address.
Banks, for example, have been starting to provide the option of fingerprint or facial recognition-powered access to accounts. But today’s solutions should look out for false face IDs, which have also risen and aim to fool the system.
“Our research indicates that fake face IDs are available on the dark web for as little as €50 and some of them are so realistic, they can often fool human passport agents,” said Roger Tyrzyk, director, global gaming and sales for UK&I at IDnow.
“The most commonly faked documents are national ID cards followed by passports. Other documents include residence permits and driving licences. The quality of these fake IDs is increasing too. Where in the past fraudsters used simple colour copies of ID cards, now they are switching to more advanced, and more costly falsifications that even include holographs.
“Biometric security is extremely effective at fighting this kind of fraud. It can check and detect holograms and other features like optical variable inks just by moving the ID in front of the camera. Machine learning algorithms can also be used for dynamic visual detection.”
Facial biometrics: assuring genuine presence of the user
3. Replacing paper-based processes
Traditionally, compliance has been based on paper documents, which has often resulted in bottlenecks in processes. However, Regtech has managed to digitise checks and audits in order to get networks up to regulation standards quicker.
Vivek Dodd, CEO of Skillcast, explained: “So far, Regtech has been successful in replacing paper-based processes. It has streamlined data collection, data access, and screening, but it’s still not in the position to offer decision support embedded with the business.
“Many businesses will be satisfied with the gains they’ve achieved in terms of cost reduction and streamlining processes to deal with regulations. But the more ambitious companies are pursuing a technology-enabled compliance transformation to turn regulatory compliance into a source of competitive advantage.”
4. Finding compliance gaps
Having a dedicated staff member in place to go through data sets to find possible pitfalls where regulatory standards aren’t met may prove useful most of the time, but the process can also be time-consuming without digital processes to support them. There is also the high possibility of compliance gaps being missed.
“The Regtech domain spans the range of technologies for verification, real-time monitoring for suspicious activity, screening against lists and adverse media, internal and regulatory reporting, consolidating rules and standards, managing declarations/disclosures, and e-learning,” continued Dodd.
“Each of these is helping companies to reduce the cost of regulatory compliance and reduce the risk of breaches. However, the most significant gains to be made lie integrating these technologies to support staff to be compliant at the point of decision/action and to detect and deal with emerging compliance gaps before they result in a breach.”
Analytics supported by automation technologies such as machine learning and Robotic Process Automation (RPA) can speed up this vital task, while minimising errors.
3 steps to an effective data management and compliance strategy
5. Verification for onboarding
Secure onboarding during the Covid-19 pandemic has proven increasingly challenging for banks; with bankers joining from laptops or mobile devices more often due to lockdown restrictions across the world, this has opened up the possibility of increased money laundering and fraud.
Identity and document verification has bolstered security by leveraging AI and biometrics to check that access to services is genuine. These services have also been known to improve the experience for onboarders, with the process of joining a bank being cut from days to hours.
Adam Desmond, UK&I country lead at Mitek Systems, said: “Banks and financial organisations are already using AI-enabled technologies like digital identity verification. This helps them save millions a year in mounting fines from the regulator and solve the onboarding hurdles that usually come with good compliance.
“When customers sign up to a new bank or service, they take a selfie and a photo of their ID document, which artificial intelligence first checks for forgeries before machine learning compares the ID against the image. This verifies that customers really are who they say they are, meaning banks can comply with regulations, avoiding hefty fines, and also create a more user-friendly onboarding experience.
“Using technologies like identity verification as part of the onboarding process helps businesses reduce abandonment rates, meaning more customers can sign up in less time.”
6. Security through blockchain and AI
Not only do customers need to be kept secure, but also the products and tools of companies. This area of security has benefitted from digital disruption from Regtech, in the form of blockchain, as well as AI.
Jayakumar Venkataraman, partner, banking, financial services and insurance at Infosys Consulting, explained: “There is an increasing need to become and stay Secured by Design (SBD) both in the internal operations, but also in the products and services offered to clients. This is leading financial institutions to increasingly embrace blockchain and distributed ledger technologies.
“These enable information to be shared securely in an automated manner, with the blockchain protocol being able to transfer data via a permission-based distributed ledger.
“Specifically, for credit card organisations where strict PCI-DSS (Payment Card Industry Data Security Standard) compliance rules apply, various AI techniques are implemented to support continuous monitoring and security scorecards.”
Joining the discussion of the biggest disruption trends in the Regtech space from an analyst’s perspective, Nick Maynard, lead analyst at Juniper Research, commented: “Within the regulatory compliance area, there has been a longstanding complexity to regulatory requirements following the financial crisis.
“Financial services and banks have to deal with an enormous amount of regulations, therefore Regtech has evolved to enable them to deal with these requirements in a way that allows them to reduce their burdens and improve their processes.
“KYC (Know your customer) and AML (anti-money laundering) are two particularly important areas, but there are many other areas within regulatory compliance that can be improved with tech introduction, such as reporting with trading environments.”
Next steps for first LawtechUK Sandbox revealed as pilot draws to close – a second phase is set to be launched in the summer
The top 10 UK RegTech companies – a look at some top companies disrupting the RegTech space