Fixing the disjointed nature of regulatory control management has become an imperative for regulators and their patience is wearing thin. Huge volumes of detailed new rules has created an army of ‘horizon scanners’ who struggle to work across the silos and auditors are often disappointed with the resulting controls.
NextGen RegTech control solutions are available in the market who can introduce ‘end to end’ solutions. However, buyers need to wary of some AI salesmen that promise the world but can’t deliver a system that meets all business needs. We also need joined up thinking across the tribes – including the firms, regulators and RegTech suppliers.
Regulators are concerned about the lack of automation and the disjointed nature of controls over interpretation, policy, data, infrastructure, risk assessment and reporting.
In addition to issuing big fines and demanding skilled person reviews, the regulators have become increasingly move vocal about the board needing to “fix this” and if it isn’t this could be an aggregating factor when penalties are assessed.
The size of the gap
An enormous quantity of regulatory rules has created a whole industry of ‘horizon scanners’ who seek to stay on top of global implementation of tens of thousands of rule updates every year.
Today, JWG finds one new regulatory alert is generated every minutes across the world. In 2020 we catalogued a 300% increase in documents which are relevant to financial institutions by capturing 25,700 documents with over 380,000 pages and 125 million words in just 60 jurisdictions.
The firm’s controls
The challenge for any bank is to tie this information feed back to business and define what impact they have on the control libraries. With hundreds of thousands of employees and suppliers, a global bank faces an enormous ‘end to end’ mapping challenge.
There is an opportunity for big plays in this space, but innovation in risk and compliance is not generally seen as a reasonable bet. This means that each bank with different business models requires more than just the data, it requires a system.
One of the big challenges is that thousands of people are locked up checking boxes in their silos. To break the cycle, the business, compliance and IT need to be brought much closer together to align their controls and get closer to the same source, same system.
NextGen RegTech control solutions
Leaders are investing in solutions that cover horizon scanning, risk identification, ownership, policy creation, procedures and compliance reporting and assurance. At the end of the day, the solutions need to provide a single source of truth and standardized way of working across the firm’s silos and leaves an audit trail for the auditors and supervisors.
One of the biggest challenges is that the single source doesn’t start off common. The tools need to have the right data and governance to ensure the single source is, in fact, a golden one. The starting point of the whole process is having all the relevant regulations in scope and the certainty that the library is safe, secure and up to date.
As an industry we have made progress in creating good systems for housing all the regulations, controls, policies and procedures. However, there has been very little progress in stitching it together without armies of lawyers, compliance professionals, risk owners and technology.
More digital and standards are required and regulators don’t really want to offer guidance on ‘the how’. JWG has long advocated for a data-driven approach that deploys natural language processing to allow each bank to configure obligations into their single version of a business truth.
Unlike black box AI, we do not prescribe answers to thorny business and jurisdictional legal questions. We give subject matter experts the tools to do it themselves.
We look forward to taking your questions and having a robust debate on how to move the industry forward at our November conference at our panel.
- When will the assault on the tower of babel start and how do we make this ‘straight through controls’ relevant for the business?
- How are spreadsheets and control systems linked? (the granularity problem)
- How do organisations structure themselves for efficient controls?
- How do the different tribes collaborate in an effective way?
- How can the right tooling track regulation and interpretation changes?
- What are all the factors involved in the dynamic ‘end to end system’?
- Can black box RegTech help experts with trusted decisions more than it hurts?
- How well are new regulatory challenges communicated to the industry?
- How are regulators helping? Are they scanning other regulators?
- What are some real-life examples of solving granular problems?
- David Silverman, Wells Fargo
- Peter Vissers, ING Sparq
- Rachel Wolcott, Thomson Reuters
- Monica Sasso, Red Hat
- To learn more about RegDelta, email Corrina
- Access the JWG Digital Integrity LinkedIn here
- To create your own JWG RegTech Intelligence Hub, sign up here
- To register for JWG’s 16/17 November 2021 conference, see here
- Thomson Reuter’s regulatory intelligence analysis of PRA Dear CEO letter here
- HKMA regulatory adoption practice guide: Governance, Risk and Compliance here
- Managing your risks and controls with RegTech here
- RegCast Episode 3: Digital Roars and new regulatory frameworks here
Speakers and Guests
PJ Di Giammarino
Aired on: September 17, 2021
Aired on: March 18, 2021
Aired on: February 1, 2021