Regulators don’t just want firms to read what they put on their websites, they want them to prove their risk and control frameworks do what they say.
RegTech now enables firms to interpret their requirements and provide businesses with an opportunity to bring costs down and avoid regulatory actions that can put the business ‘on hold’.
Industry veterans shared their insight about the state of the market and how long standing challenges can now be RegTech opportunities, in JWG’s latest RegCast 17. In this article we recap what we learnt in advance of our annual virtual conference.
Orders, Audits and housecleaning
In the last 18 months, enforcement action globally shows firms failing to manage risk and compliance across their unwieldy organisations.
In the U.S. the OCC has even gone as far as to order firms to revamp their entire risk management and compliance framework. The Bank of England recently commented that firms had not learned the lessons of the 2008 financial crisis let alone made enough changes to manage risk effectively. In Germany, firms are required to prove that they have a process in place to manage regulatory change.
The root cause of many control failures is the difficulty of interpretating the law. As regulators get ever deeper into the ‘how’ banks operate, a tower of Babel needs to be disambiguated for operational purposes. ‘What is the definition of a business day?’ needs to be agreed for the organisation which has the responsibility to file the report in 3 days and the answer will depend on the business and risk appetite.As industry veterans pointed out, firms have literally spent hundreds of millions trying to solve the risk management process. The challenge is that procedure libraries have become so unwieldy there is a ‘housecleaning’ effort that is required across all businesses.
This means that all change projects are picking though a control minefield to protect the business from changes in law. The real opportunity is to look at the regulatory change as a way to be more efficient so that not so many people are required to watch the first line of defence.
RegTech for horizon management
Part of the challenge with horizon scanning is the volume and complexity of change. Once every minute a regulator updates a website. In 2021 alone, JWG filtered 612,000 events from 700+ regulatory publishers. By year-end we converted 28,000 documents with 138 million words describing 634 legislative initiatives.
Constant change and new rules add another layer of complexity to managing regulatory risk. For UK firms that complexity and pace will accelerate as the government seeks to rewrite the entire financial services rule book by year end 2023.
This year, a major step forward has been achieved by the operational risk community. The O.R.X group has created a common reference taxonomy which lays the foundations for sharing insight.
This means that firms can use an industry standard to map their regulatory obligations to reference controls. JWG has been busy in proofs of concept which enable the identification of a global change’s impact on the business in the country in which it operates. We have also been working with experts at PwC to take RegDelta’s rich metadata and help focus decisions on the likely impact and when action is required.
Whatever the tooling, it is important to start with good data and a structured workflow that helps evidence the risk management decisions which are made and senior management is involved in the controls.
It occurred to our panel that we have not met many bankers which like housecleaning so incentives need to be realigned.
The most obvious one is to articulate the business opportunity as the generation of specific value. The attention of senior management is more likely to be piqued by lowering the cost of controls and preventing regulatory action which prohibits new business than ‘cost of compliance’ discussions.
For German regulators, documentation of the lineage between regulation and controls is front and centre. Regulators are taking a keen interest in new RegTech which help them understand how to best meet new obligations.
Humans’ RegTech workflow
JWG has pioneered RegTech which gives enterprises the power to scan the horizon and configure your obligations into a single business truth.
We have developed a process for humans and machines to enrich each document with the data required to provide a detailed ‘manifest’ of routing instructions. This puts the obligations on the right dashboards in near real-time which in turn enables collaboration across all lines of defence.
Unlike any other provider, we use NLP to determine relevance from millions of alerts, enrich every document with a deep, proprietary model for FS obligations and deliver them to your instance in near-time as global policy develops.
In a nutshell, we helps the humans ingest a level of reading that is not possible to keep up with in the day job. We do the hard analysis up front so that our natural language processor can streamline the interpretation of the many different, overlapping and interconnected regulatory obligations.
This eliminates manual processing and clunky spreadsheets which prevent the organisation from having a single version of the truth.
We do this in a transparent and open way with full audit trail of how decisions are made. Unlike software solutions which portend to ‘read’ text and ‘translate’ what they mean to your business we can prove the lineage between text, decisions on what it meant and how it was implemented.
If a shifty AI salesman says you don’t need this, run away. Telling the regulator that you missed a new requirement or interpreted what an obligation meant to you because ‘the system told me’ is going to go very badly.
For more information on how we can help with RegDelta and our RegRadar services see here.
Want to know more? Come along to our 7th annual RegTech conference on November 9-10th to join the RegTech conversation and look ahead to the agenda for 2023.
Please contact Corrina.Stokes@jwg-it.eu if you would like more information.