The Bank of England and the Financial Conduct Authority (FCA)-convened Artificial Intelligence Public-Private Forum (AIPPF) this month discussed potential accountability and governance frameworks that could form future guidance for the use of AI in financial services. Senior management accountability as well as the creation of a chief AI officer role were contemplated as oversight options,


New European Union rules governing artificial intelligence (AI) will put compliance obligations on automated facial recognition (AFR) used in some regtech applications, particularly client risk screening. UK data privacy and biometrics regulators are also seeking to improve employee monitoring and surveillance camera operation guidance to clarify compliance obligations under local data privacy laws. These efforts,


In our second meeting, a global group of regulators, firms and suppliers discussed the changes in the regulatory building blocks required and quickly identified components which could be assembled to define a new paradigm for risk information collection. The next meeting will focus on a new paradigm for collecting risk information from a digital system


Regulatory reporting is moving out of the backwater and into the limelight. New RegTech tooling is here and leaders are deploying it now and regulators are defining their SupTech approaches. The regulators and regulated have all made progress and the sector is building momentum in Q4. Register Here Regulatory demands picking up pace Last quarter


JWG Q421 research reveals major regulatory battles for information on third parties in 2022, which has massive implications for FS suppliers. Combined with Cloud, AI and other new controls, knowing your supply chain just became a lot more critical and complicated.   Without standard supply chain messages, regulators, regulated firms and their suppliers run the


Technology, data and infrastructure provision to banks now puts 3rd parties on the critical path for systemic oversight. Knowing your supply chain just became a lot more critical and complicated. There is an opportunity to take the pain away with a more joined up approach that requires senior engagement, trust and ‘safe space’


Financial services are digitizing fast but there is much more public and private sectors can do to deliver reporting controls which fulfil supervisory mandates in a digital age. We were pleased to have 50 individuals from global supervisory organizations, financial institutions and firms for the first working session of our new Digital Reporting Taskforce (DRTF)


In our first meeting, a global group of regulators, firms and suppliers discussed the changes in the regulatory reporting story, the building blocks required, stakeholders to engage and the collaborative mode of working we would like to establish. At this next meeting we will start with 4  building blocks, identify targets and highlight gaps to


 We are delighted to reveal more details for our annual conference. With so much happening in this space – make sure that you know what risks are coming and how to tackle them! See details below and sign up now to hear a great cast of regulators, academia, firms and suppliers discussing the next generation


The UK Prudential Regulation Authority (PRA) has warned firms about deficiencies in their regulatory reporting governance arrangements, systems and controls as well as the of key rules interpretations. The PRA’s ‘ Dear CEO’ letter published last week, admonished firms for their “historic lack of focus, prioritisation, and investment in this area” and called for firms


Financial services are digitizing fast but there is much more public and private sectors can do to deliver reporting controls which fulfil supervisory mandates in a digital age. With support from top regulators, financial institutions, and vendors JWG is launching a task force to 1) define a future target operating model for the regulatory reporting


A decade ago, JWG worked with Banking Technology to produce the world’s first RegTech magazine for our sector. We are now delighted to be hosting the 6th annual RegTech / SupTech  Conference on 16 & 17 November 2021 which promises to be one of the most exciting, digital events of the season. Register Here Today Agenda


Following a great discussion about the major surveillance AI control gaps highlighted by JWG’s July research  the FATF and BIS have both published complementary AI policy papers.   With penalties of up to 6% of annual revenue 500 working days away, we have decided to build RegTech AI surveillance use cases to: Tease out the


Why attend for Sponsors Why attend for Delegates Register Now   For our sixth annual RegTech conference we are bringing our global network of regulators, trade associations, academia, firms and leading technologists together to define the top challenges facing both private and public sector and debating potential strategies to overcome them. Our global regulatory debate


Although no international guidelines on AI exist, the EU is way ahead in policy formulation with a very clear view of what good looks like. JWG research has revealed major control gaps to other jurisdictions and draconian penalties for those that don’t comply in 2023. In preparation, we will be developing detailed business use cases


Presentation from SIG meeting on 27 July to review updates to the trade surveillance regulatory agenda, review global artificial intelligence gaps and agree next steps.


A new approach to global regulatory data observation is fundamental to the fulfilment of Supervisory mandates in a digital age. The sector is digitizing fast but there is much more we can do to deliver digital controls for public and private sectors. JWG is working with industry leaders to launch the Digital Reporting Task Force


Last week, over 30 organizations including regulators, global financial institutions, trade associations and vendors met under the auspices of JWG’s Regulatory reporting special interest group (RRDS). In this 27th meeting on regulatory reporting the group examined the feasibility of integrating prudential/statistical ‘top down’ or more aggregated reporting (e.g., CRR 430C, ESG) and ‘bottom up’ or more transactional data collection (e.g., EMIR, MiFID, CSDR). So far


JWG summarized regulatory 2021 reporting efforts and explained how there are both prudential/statistical ‘top down’ or more aggregated reporting (e.g., Risk, ESG) with the ‘bottom up’ more transactional data collection (e.g., EMIR, MiFID, CSDR). The RRDS agenda will seek to share lessons learnt across both types of regulatory reporting innovations this year. Though concepts have been proven and studies generally align, without a more concrete description of the future risk information system which extends today’s notion of ‘data’ to include ‘language’ regulatory data efforts will continue to cost tens of billions while failing to achieve their policy objectives.


Business semantics and data requirements are foreign topics, not readily understood by policy makers
Complexity and (largely unnecessary) complication drive Technogenous risk
Regulation must foster system sustainability (e.g., reduce complication and avoidable complexity)
Global dialogue moving too slowly and narrowly vs. the speed and depth of technological progress


Following our discussion of several global accountability regimes and forthcoming culture audits we are turning our attention back to AI. This is a very noisy space with Germany, UK, Japan and the US all mandating new controls in advance of MiFID III update which could raise the algo trading bar even higher.   In this


  By Priya Kundamal, DTCC The fragmentation of trade reporting rules and the lack of a common data set across jurisdictions hinders transparency and global risk monitoring, writes DTCC’s Priya Kundamal. Market disruptions often spur change. In response to the 2008 Global Financial Crisis, one of the G20 reforms was to mandate the reporting of


Last week marked a key turning point for the derivatives industry as it moves towards aggressive implementation deadlines for regulatory reporting on either side of the Atlantic.   After a decade of international regulatory reporting the sector is marshalling resources to meet new CPMI/IOSCO implementation mandates for newly standardized common data elements.   A poll


JWG summarized regulatory 2021 reporting efforts and explained how there are both prudential/statistical ‘top down’ or more aggregated reporting (e.g., Risk, ESG) with the ‘bottom up’ more transactional data collection (e.g., EMIR, MiFID, CSDR). The RRDS agenda will seek to share lessons learnt across both types of regulatory reporting innovations this year


Presentation from SIG meeting on 18 May to review updates to the trade surveillance regulatory agenda, review global accountability regimes and agree priorities for RegTech and SupTech tooling.


UK banks’ annual reports show an emerging understanding of operational resilience that emphasises business continuity planning and conflates pandemic performance with high operational resilience. Banks have asked regulators for more guidance on what they want operational resilience work to look like. That safe harbour will not be forthcoming, and firms need to work on evolving


The UK’s Financial Conduct Authority (FCA) Markets in Financial Instruments Directive II “quick fix” consultation signposts issues for further consultation as the onshored regime evolves post-Brexit. At the same time, the paper alerts industry to further consultations — at least two more from the FCA this year — including one contemplating the consequences of Libor


JWG presentation and facilitation materials for Chatham house rules discussion with Regulators, Financial Institutions, Accademia and the Supply chain covering: 1.Introductions 2.Reporting strategies for 2050 3.EBA Integrated reporting consultation deep dive 4.Path forwards 5.Next steps


In an increasingly digital sector with divergent rule sets, the ability to manage the global compliance deltas in complex senior management accountability rules  is fast becoming a critical differentiator for senior management seeking to work across borders.   As we summarized in our latest Beacon, JWG’s surveillance community has covered quite a patchwork of regulatory obligations


HM Treasury and the Financial Conduct Authority (FCA) have used FinTech Week to set out their regulatory support plans to make Britain more attractive to the financial technology sector. Rishi Sunak, Chancellor of the Exchequer, and Nikhil Rathi, the FCA’s chief executive, confirmed plans to take forward many recommendations made by the Kalifa review of


The latest episode of RegCast is available now! RegCast 2 covers the UK’s fast moving political and regulatory review process, the key questions they are addressing, and what they are likely to mean for regulators, regulated and their customers. The group discusses past choices and explores the implications of digitizing the future regulatory framework including


JWG RegTech Beacon 27 published

RegTech Beacon – Guiding your way through global regulatory storms. 2021 is off to a fast start with regulators redoubling their efforts to police a more digitally enabled market. In this Members newsletter we provide an overview of what JWG has been up to and what lies ahead. Topics covered: New themes for RegCast. We summarize our research on emerging global digital regulatory themes and


The number of cyber incidents at UK banks, asset managers, wholesale brokers and exchanges rose from 21 in 2019 to 55 in 2020, a 161.9% increase, according to the Financial Conduct Authority (FCA). The disclosure was made in response to a request under the Freedom of Information (FoI) Act. Asset managers, wholesale brokers, platforms and


It has been a very busy 2021 and it is a very noisy financial services regulatory marketplace. JWG is pleased to be helping to contextualise the strategic issues in play with a new podcast series called RegCast which you can access here.   So what is RegCast? RegCast is an industry spotlight on the business


A UK Government-led forum in its third year. A dynamic and engaging event bringing together the leading public and private sector actors from the UK, China and Southeast Asia to exchange knowledge and innovative practical techniques and solutions to tackle financial crime and related issues. A vibrant and vital interaction between policymakers, regulatory bodies, law


Know your 2021 Cloud Compliance Strategy – Survey open

In Partnership with:

JWG’s 2020 research has found that the financial services market exhibits an ever-growing blind spot from technology risk which lurks off balance sheet. High profile outages like Google and Microsoft have underlined the issue for both the regulator and regulated this month. This point has not been lost on regulators who in the middle of


L’Autorité des Marchés Financiers (AMF), France’s financial markets regulator, has created a Data and Surveillance Directorate as part of a wider reorganisation announced earlier this month. Its establishment comes as a handful of regulators pursue digital realignment programmes, but the AMF appears to be ahead of the pack in establishing a new division, building data


Gentrifying The Wild West

Can suptech take DeFi to the next level? As technology-driven decentralised finance (or DeFi) grows in popularity and market value, it appears that a battle is brewing between DeFi protocols and regulators. But can technological tools in the hands of regulators head this off at the pass? A reasoned, transitional approach to compliance, along with


JWG urges sector to address systemic technology risk blind spot

In Partnership with:

JWG is proud to announce the publication of a ground-breaking research report ‘Risk control for a digitized financial sector.’    The analysis identifies a large systemic technology risk blind spot which regulators must take the lead in addressing. JWG urges Financial Services regulators and firms to collaborate with technology firms on new RegTech standards in advance of cloud and data crises.    The paper, which incorporates findings from JWG’s RegTech 2.0 conference and dozens of discussions with regulators, regulated and academia, builds on 10 years


UK regulators must endorse a single digital interpretation of European Market Infrastructure Regulation (EMIR) reporting rules if the digital regulatory reporting (DRR) work underway with industry collaborators is to succeed. The private sector has engaged and done much of the heavy lifting to prove digital regulatory reporting works for all kinds of business models, said


How a firm manages data is now intrinsic to its value, yet the FS risk management framework provides no way to account for IT obsolescence, cloud concentration and data risks on the balance sheet. An explosion of advanced computing capability facilitated by cloud technology has provided massive benefits to both regulated financial institutions and their


FS Compliance officers have been hit with an unprecedented deluge of 3,021 COVID-19 alerts 2 months into the pandemic, which JWG forecasts to be a total of 15,695 documents by year end.   Regulators expect firms to be able to navigate these difficult circumstances while delivering fair outcomes for customers and complying with existing rules. That’s one of the clear messages in these 3,000 plus regulatory updates.  Better RegTech tooling is


By PJ Di Giammarino, CEO JWG   Key points: In 2019 JWG tracked 204,469 pages with 60 million words on FS regulatory reform 8 RegTech discussions require senior management attention now and will be debated under Chatham house rule with audience Q&A 6+ regulators, 12+ firms and 8 tech SMEs will debate winning strategies and


RegTech: the new lifeblood of compliance

By PJ Di Giammarino, CEO JWG Group and Chair of the RegTech Council In the aftermath of the global crisis, financial regulators rushed to implement complex rules without having a complete view of their consolidated impact and how the technical infrastructure of the industry would have to respond to their new demands for data. After


JWG RegTech 2.0 conference – Regulators, regulated and leading technologists to explore winning strategies for top 2020-2021 issues   London, 6 December 2019 – JWG is pleased to announce that its 5th annual RegTech Conference will be held on 7 February 2020 at the Gouman Tower Hotel in the City of London.    At a crucial point of inflection post financial crisis the Financial Services sector faces 374 new legal challenges. New JWG research has revealed low levels of awareness to key shifts in the regulator’s RegTech framework. Specifically:    Enabling market ecosystems. New global RegTech/ SupTech policy initiatives    Infrastructure risk. FSB, FRB, BoE focus on cloud


Our industry has gotten serious about its approach to climbing the RegTech mountain. Are we sprinting yet? Certainly not, but the course has become much clearer, the participants much more engaged and the contestants in it for real benefits. Public and private sector boards are at a crossroads – but by and large, we are


Ready for digital regulation?

  JWG are pleased to announce new research in partnership with MarkLogic, which shows that financial institutions are ill-equipped to deal with the data demands of new regulation.   During Q4 2018, JWG conducted in-depth interviews with senior executives from 12 global financial institutions to develop the insight published in a subsequent paper titled ‘


With the General Data Protection Regulation (GDPR) coming into force, it is time to reflect on such a huge overhaul of the data protection laws affecting every organization operating within the UK and the EU, from schools to large multinationals. To put things into perspective, in the UK alone, GDPR impacts over 500,000 data controllers


The GDPR broadens and deepens the rules between data controllers and data processors for processing of personal data and for the first time, directly enforceable obligations are imposed on processors as well as controllers. The GDPR also requires that controllers and processors enter into written contracts (“C2P Clauses”). Practical Law recently published its data processing


A key focus of our RegTech Capital Markets conference this year was ‘the future of rule books and policy controls’. To discuss this topic, we assembled a panel of experts including Paul North, Head of Product Management EMEA at BNY Mellon, Alan Blanchard, Senior Associate and Handbook Publisher at the FCA, Mark Sweeting, Head of Strategic Change, Basel Measurement


Waking up to the power of RegTech?

The past year has been illuminating for the RegTech market, the past twelve months has seen an increase in discussion on the application of technology to regulatory compliance. We have seen action from the regulators, including the FCA’s recent TechSprint in which we at JWG were involved, and major regulatory initiatives, most notably MiFID II,


With the implementation date of GDPR just seven months away, firms will need to start getting to grips with the requirements soon to be ushered in under the EU’s flagship regulation for data protection.  As things stand, GDPR will kick in before the UK formally leaves the European Union, meaning that its implications will still


GDPR and data security by design

In exactly one year, the General Data Protection Regulation (GDPR) will apply across the European Union, yet firms are struggling to prepare for new data security obligations due to the sheer quantity of regulations due to be enforced in 2018. With the current date of MiFID II being 3 January 2018 and PSD2 due 10


What image is conjured up when you hear the term “cybercriminal”?  A Guy Fawkes mask partially concealed underneath a black hoodie to the accompaniment of sinister music? Whilst this image provides an excellent trope for Saturday night TV, it does not reflect the reality of cybercrime. At our second RegTech Capital Markets Conference, we held


The terms FinTech and RegTech are both used increasingly frequently in the financial services industry. However, they are not by any means used consistently, or indeed necessarily separately. What they most definitely describe is the increasing use of technology in the provision of financial services and the solving of regulatory problems, but beyond that it


SMCR: one year on…

7 March 2017 marked the first anniversary of the implementation of the Senior Managers and Certification Regime (SMCR). The rules set out by the Financial Conduct Authority and Prudential Regulation Authority seek to instil a culture of conduct and responsibility across the UK banking sector by focusing on individual accountability and placing explicit standards on


Blockchain is not something new to the financial sector.  In fact, it’s been around for years.  It will be, however, a slow process to integrate it into systems already in place and, as with any disruptive technology, for regulators to assess and mitigate its risks by regulating appropriately. Although the technology isn’t novel, regulators now


As the public cloud services market continues to mature and grow – up from $178bn in 2015 to $209bn in 2016, according to research company Gartner[1] – the concentration of computing resources into cloud data centres is increasingly attracting the attention of NPEs as a target for patent litigation.  At a time when data security


Semantics: the key to finance’s food chain

The regulators that oversee the economy are drowning in oceans of data, but need better standards to make sense of it all. The struggle stemming from the lack of standardised data was clearly visible in 2012 when the Commodity Futures Trading Commission (CFTC) needed to trace the so-called ‘London whale’, a trader who accumulated Credit


Fintech, RegTech and operational disruptors

Looking at the FinTech and RegTech conversations in 2017 we find that there is considerable confusion about some basic terms, definitions and relationships amongst policy makers, academics and practitioners alike. The now much more popular term is being used to describe many things. When you say RegTech, do you mean it to be a subset


Culture, conduct and how RegTech can help

Improving the culture and codes of conduct within financial services firms has been a longstanding issue of contention since the financial crisis.  Combatting negative behaviours and inefficient controls has proven difficult to regulate and tackle head on. In 2013, the FSB officially acknowledged business conduct as a new category of business risk and now, in


Technology and the ascent to compliance

The rise of [insert-abbreviation-here]Tech companies signifies a pragmatic shift of business consciousness toward solutions that make use of advances in modern technology. In the banking sector, the magnitude and complexity of firms has immobilised the possibility for innovation. FinTech solutions attempt to combat this issue by producing new and intuitive services for banks and the


Since the financial crisis, we have been gifted over two Eiffel Towers high worth of complex and costly financial regulation, ever increasing in quantity and intricacy. Boards struggle to formulate their strategies to deal with regulatory-driven change to their operating models. There are answers, and now is the time to flush them out – before


Brexit and IT Law (II): Data Protection

This is the second in a series of occasional blogs we’ll be writing about what Brexit means for IT and IT Law in the coming weeks and months. Deirdre Moynihan reviews what Brexit is likely to mean for Data Protection, where the approach to implementing the General Data Protection Regulation could well turn out to


This is the first in a series of occasional blogs we’ll be writing about what Brexit means for IT and IT Law in the coming weeks and months. It looks at the choices facing the UK IT industry around Brexit and Article 50.  In the second, Deirdre Moynihan reviews what Brexit is likely to mean


Instilling a culture of compliance

On 5 July, JWG hosted their RegTech Capital Markets Conference in London, attracting over 150 attendees from top tier banks, buy-side firms, vendors, lawyers and academics from across the industry.  A speech from the FCA’s own Nick Cook at the start of the day told of the clear signs of progress being made and reiterated


Dismantling data standards barriers

The push for increased transparency following the financial crisis has had a visible impact on the financial services industry.  Many regulations have created similar, but slightly different, requirements, in particular across the Atlantic.  Increased – but uncoordinated – demand on data, and proof of process in different formats and languages, without proper impact assessments conducted


The RegTech domains

In our response to the FCA’s call for input on RegTech, we recommended framing the thinking via the RegTech domains to help enable the prioritisation of new technological solutions in the context of external regulatory circumstances. As we have stressed before, RegTech is about the application of technology to solve a specific regulatory problem, not


With JWG’s RegTech conference coming up on 5th July, we thought it wise to spell out a few of the most pressing issues up for discussion on the day. Our first panel – Unblocking the ecosystem* – will provide a comprehensive review of the barriers to RegTech development and adoption. On this topic, we have


We were pleased to speak at the Asset Control User Conference on Tuesday about the challenges of using RegTech in the context of comprehensive MiFID II data requirements.  JWG’s CEO, PJ Di Giammarino, presented a helicopter view of the regulatory landscape ahead of us, an approach to getting the cost of the data under control.


An EY report released this week in conjunction with the UK Treasury, declared the UK to be the highest ranking FinTech sector in the world with a market size of £6.6 billion.  The authors predominantly attributed this to the UK’s accommodative regulatory regime for startups and the associated disruptive technologies they bring to market. We


Only hours before JWG’s Customer Data Management Group (CDMG) met on 23 February, an announcement was made that more than a third of firms that submitted their responsibilities under the Senior Managers Regime (SMR) had been rejected for technical reasons. The UK FCA/PRA SMR passed its first major milestone for grandfathering on 8 February and


In November last year, at JWG’s monthly CDMG meeting, we discussed the incoming General Data Protection Regulation which – at that stage – remained a draft and the implications of the removal of the US safe harbour rule.  The safe harbour rule was an agreement between the US and EU allowing businesses to transfer personal


There will no doubt be many concerned faces amongst senior management this year as the new rules for the Senior Managers and Certification Regime (SMR) come into force over the next 12 months.  The first implementation date will be in February 2016 when firms will have to submit documents for grandfathering, then commencement of the


The FCA has just dropped their comprehensive review of UK banking culture, which focused on whether pay, promotions or incentives in the financial sector encourage malpractice.  Shortly after its announcement last year, it has been shelved, with the FCA citing that each business is unique and thus cannot easily be compared. To some this is


LEI: to renew or not to renew

2015 has been a year of genuine progress for the Legal Entity Identifier (LEI) project. It is fair to say that it would not have been particularly difficult this time last year to find sceptics about whether such a statement could be made at this point. ESMA have been a key driver behind this progress.


Getting your head round the main objectives of the current financial reform agenda is a task in itself, but when it comes down to the increasing data management requirements that follow hand in hand, it’s all about the nuts and bolts. Whose responsibility is it to manage this data, and keep it up to quality?


Last week, the Regulatory Oversight Committee (ROC) published their report on the progress the Legal Entity Identifier (LEI) has made since its proposal in 2011 as a solution to transparency, organisation and risk aggregation in the financial industry. The report is split into five sections: (1) Completion of the Global Legal Entity Identifier System (GLEIS)


JWG analysis. The Regulatory Oversight Committee is branching out. On Wednesday, the ROC released a consultation paper on the possible issuance of LEIs to international branches of a head office legal entity.  The idea is that this may reduce the likelihood of the double trade and transaction reporting that foreign branches are often subject to


JWG analysis. The ousting of Martin Wheatley from the Financial Conduct Authority during the summer is a sign that the UK Government wants to take a stand on ‘bank bashing’, sending a global message that London is a bank friendly capital, and that there will be more emphasis on individual responsibility. During this year, there


JWG analysis. Reporting systems are already buckling under the weight and complexity of new compliance demands, and yet more requirements are on the way.  Trade and transaction reporting regimes are set to expand significantly in 2017 when the Markets in Financial Instruments Directive II (MiFID II) and the Markets in Financial Instruments Regulation (MiFIR) come


GIIN! … LEI! … PRN?

JWG analysis. Over the course of the year, JWG’s Customer Data Management Group (CDMG) has covered in-depth customer due diligence and KYC requirements under global tax, reporting and anti-money laundering regulation, and market monitoring under MAR/MAD2.  For the ninth CDMG meeting, JWG took a different direction and covered fund management regulation and the regulatory interdependencies


GDPR … tick … tock … tick … tock

JWG analysis. Amongst a number of themes and issues that are raised on a regular basis at our monthly Customer Data Management Group (CDMG) meetings, data protection and the need for harmonisation are consistently top contenders. Recently, CDMG has covered the OECD Common Reporting Standard, MiFID II and the new Market Abuse Regulation, and will


JWG analysis. At the 8th Customer Data Management Group (CDMG) meeting of 2015, on 18 August, over 20 members from 10 firms came together to discuss the new Market Abuse Regulation (MAR) and the potential challenges it holds. With less than 11 months until particular sections of MAR will apply to the financial services industry,


JWG analysis. Eleven of the industry’s most high-profile trade associations and ISDA this week urged regulators to adopt consistent and harmonised trade reporting requirements across jurisdictions.  However, reporting rules are already on the books and the consequences are high for firms.   In part 1 of our analysis on reporting, published last week, we explored


By Sam Tyfield and JWG. As RegTech readers may recall, back in 2014, the prudential regulator in the UK released new rules for the firms it regulated – the ‘senior managers regime’ or SMR – and that the Bank of England was running a Fair and Effective Markets Review (FEMR) looking at what needed to change in


Are EU algo rules converging?

By Sam Tyfield and JWG. Here algo again … Yesterday, ESMA published a notice stating that supervision of automated trading across the EU (in compliance with the ESMA guidelines from 2012) was converging.  We found that interesting – a closer look at the BaFin’s rules versus those MiFID II/R creates would appear to show less