By Bernard Lunn
Back in October 2014 we wrote about how Compliance was a huge market opportunity. However it maybe one of those markets where the problem is blindingly obvious but the solution is non-trivial. Nearly a year later I still do not see the Regtech Compliance killer system; if it is hiding in plain sight please tell me. So I got to thinking about what a great Regtech Compliance solution would look like, so that if I ever spotted a beast like this in the wild I would recognize it.
Here are the 5 attributes that a Regtech Compliance killer system should be able to offer:
- Real time and in context. Big Data is just “digital landfill” unless it is delivered “just in time and in context”. Just in time means that the data is made available in real time even if it is not consumed in real time. It is not relevant until it is relevant in context (which is why it is not always consumed in real time). For example, consider a conflict of interest statement. The fact that a family member just moved into a conflict of interest position is only useful if delivered within the context of a system where you need to declare any conflicts.
- Legacy integration. Any solution that involves changing legacy system is a showstopper. It is a weakest link issue. Just one legacy system that is not integrated could be your compliance nightmare. Combining 1 & 2 (real time and in context plus legacy integration) is tough. Rewriting all apps to be compliant is expensive and takes too long. Doing integration according to the constraints of decades old middleware and batch core systems cannot be real time and in context.
- Understanding the risk/reward trade off. Perfect Compliance is like Perfect Security. It is totally simple to design a perfect Compliance system. Any bureaucrat can do that. The problem is that you will stop the business as all customer facing processes grind to a halt – or you encourage people to ignore compliance rules and just pay the fines as a cost of doing business. In the real world it is a trade off. You have to enable people to do their jobs without putting the business into great danger. Traders understand this. All opportunity has risk.
- Immutable. This is is where Blockchain technology could be a break through. A shared database where all parties can trust that nobody can change the database is a big deal.
- Rules based user interface for non-programmers. Apart from death and taxes, we can be confident that compliance rules will change and grow in complexity. Unless a compliance person can “code” these rules using legal language rather than programming code, any solution will quickly become obsolete.
In short, this is difficult, but the prize is still big.
Daily Fintech Advisers (the commercial arm of this open source research site) can help implement strategies related to the topics written about here. Contact us to start a conversation.
Hi Bernard, I’m happy to tell you that you find it!
The 5 attributes are key. I would add the ability to scale and adapt when new regulation emerges = FLEX REGTECH
Having been wrestling with this problem, you’re spot on. Given the speed of regulatory changes, 309 in 2014 from the US federal agencies alone, both logical and technical architectures need to be build to change at the speed of regulation. Given those dynamics it really is a challenging problem to solve, but with over 200 banking organizations on the Continuity platform, it’s clear that the problem is solvable.
[…] is an interesting element of the full ‘RegTech compliance killer system’ Bernard envisioned back in September 2015. Whether or not someone can deliver the killer end-to-end […]
[…] need to invest in the development of the killer regtech apps, needed by financial institutions; therefore subsidizing the cost of keeping the financial system […]
“For anyone interested in RegTech, here’s a great list of 40 RegTech companies to follow – https://www.linkedin.com/pulse/40-regtech-startups-follow-jan-maarten-mulder.
The highlights for me are ComplyAdvantage (AML data and surveillance platform), Fenergo (KYC data management), Onfido (KYC background checking). “
Thanks, that is very helpful. I will reach out to him and see if he will post it as an editable wiki on the Fintech Genome http://genome.dailyfintech.com where you can engage in existing conversations like this and initiate new conversations and create and edit wikis. We created Fintech Genome as a P2P Knowledge Platform for the global Fintech community and your insights would be most valuable there. Bernard
Securium Solutions is one of the best companies that give ISO 27001 Compliance Services in Dubai, Abu Dhabi and Sharjah. To know the details about the configuration of International Standards contact at support@securiumsolutions.com for information related to other compliance services.