You could call Philip Treleaven the father of regtech. The UCL Professor of Computer Science was compiling research for a Government Office for Science committee and coined the term while writing a paper on how to use technology to regulate fintech companies. It was then used by Chancellor George Osborne in his March 2015 budget speech when calling for increased investment into regulatory technologies.
Treleaven admits that he 'came up with the term to give it a bit of a spin', but the phrase has morphed somewhat since, now broadly referring to the use of technology to help any regulated institution meet its obligations. It's more than just the latest buzzword. According to data gathered by CBInsights there has been just shy of $5 billion of global equity funding into what we would now call regtech since 2013 - as the paper was published in mid-2017 it’s reasonable to assume this has increased.
Estimates of the size of the global regtech sector differ depending on who you speak to - which largely reflects the fact that different bodies and studies choose to define regtech in different ways. Deloitte’s ‘Regtech Universe’ count’s 248 fintech solutions, while the RegTech Directory is made up of over 600 companies that produce a regtech product.
These products tend to cover five main functions: easing the process of regulatory reporting, risk prevention, identity management, monitoring transactions and, of course, compliance.
That’s what ClauseMatch does. It was co-founded in 2012 by Evgeny Likhoded after a career in the legal departments of Gazprom and Morgan Stanley highlighted how inefficient the internal documentation process could be. Aiming for a more simple solution, he - along with his business partner - set about developing a modern document management system to help compliance teams keep track of changes in regulations.
It essentially centralises the entire pool of documentary regulation, enabling users to keep track of any updates and link these to an organisation's regulatory obligations. Likhoded says this not only simplifies the process of regulatory audits and refreshes, but also reduces the risk of any potential breaches.
In 2016 Barclays deployed the software across its global compliance and risk departments as a tool to manage compliance and risk documentation. The start-up works with two other ‘top-tier’ banks and is starting to develop processes to work with regulators.
'I am hoping we can make the world more compliant and more efficient from a regulatory point of view. It will help everyone ultimately, not just banks but consumers as well,’ says Likhoded.
While the majority of regtech companies serve the financial services, the principle can be applied to just about any sector that needs to maintain some level of compliance, from insurance to FMCG and even automotive.
Impendulo, for example, is a London based tax and compliance consultancy. Founded in 2010, it has developed a range of cloud based TACT (tax and compliance tools) specifically for the insurance market. The software gives clients real time access to multiple sources of global insurance regulation, enabling them to track regulatory changes and forward plan more efficiently.
Then there’s the Australian firm Law of the Jungle which develops software to help FMCG, pharmaceutical and leisure companies (among others) ensure that their marketing is legally compliant with different and regularly updating international regulations.
BUT IS IT REALLY THAT NEW?
Creating software to help organizations keep on top of their compliance is nothing new in principle - the likes of IBM, SAP and the RSA Group have developed GRC (governance, risk and compliance) software for well on two decades. But over the last few years, it’s become a more pressing concern.
The scope and a sheer number of regulatory requirements and compliance obligations that institutions are subject to have increased dramatically in the wake of the global financial crisis.
'The volume and complexity of the regulatory reporting we do is significant and increases year on year,' says Santander's CIO for finance, risk and collections Ceri Godwin, who also directs the bank’s regtech research. 'It's not just the amount that you have to adopt that's new, it's how you maintain what is underneath it.'
The Financial Conduct Authority (FCA) handbook, Prudential Regulation Authority (PRA) guidelines and the Bank of England rulebook can amount to thousands of pages alone and it is estimated by the professional services group Duff & Phelps that some banks could spend up to 10% of their revenues on compliance within the next few years. The rollout of Mifid II and GDPR regulations this year highlight the constant battle to remain up to date.
Getting it wrong can be expensive. RBS’s 2018 settlement of a £3.6bn fine over the mis-selling of mortgage-backed securities is a prime example and Moody’s Investors Services estimates that collectively European banks spent $273 billion on fines between 2008-2016.
The point of regulation is to help protect society from the excesses of the free market. But when done badly, it can be burdensome, create perverse incentives and stifle innovation. Given that the advantages for the economy of having a clean and efficient regulatory environment are manifold, it is unsurprising yet reassuring that the FCA has been increasingly interested in regtech.
‘We started our work three years ago. There was this regtech term being bounded around, but when we first got involved in the market we didn't really know what it meant,’ says Nick Cook, the FCA's Head of RegTech & Advanced Analytics.
He says that now the regulator tries to play three key roles within the developing regtech sector.
The first is as a vocal participant in the market, publishing calls for input and meeting with companies and accelerator programmes to work out the ways in which the technology can be used to meet the needs of regulated firms - this involved a call for input from industry stakeholders in 2015.
The second role is as ‘a convener of new solutions’ through the hosting of tech sprints and sandboxes.
Finally, the FCA is an ambassador of regtech through experimentation, research, and development of its own. The regulator is piloting a series of tests to develop ‘machine executional reporting’ – in layman’s terms, writing the law as code - and also looking at how machine learning technology and natural language processing technology can be implemented in the regulatory process.
'It's pretty fair to say that we, like pretty much every other regulator in the world, are still at an early phase of building this out,’ admits Cook. ‘A lot of it is still in labs and the experimental phase, but we see a myriad of potential use cases.’
This innovative attitude has had huge benefits for the UK’s place in global regtech space.
Data gathered by CBInsight estimates 37% of total regtech funding since 2013 has gone to UK companies - second only to the USA. Singapore, Australia, Canada, and Israel have also attracted increasing investment, but the general consensus is that the UK will be at the forefront of the emerging global sector.
The strong affinity between regtech and the financial services of the City is undoubtedly a major pull, but the innovative regulatory attitude of the FCA is also seen as critical.
‘The FCA is the most innovative regulator in the world in terms of using new technologies and the other regulators look up to them,’ says Treleaven.
The next stage of research is looking at how blockchain and distributed ledger technologies can be used to automate the regulatory process. Treleaven is now working alongside an industry-wide consortium of six major banks and the FCA to develop what has been termed ‘digital regulatory reporting’ - essentially creating digital and automated versions of the FCA Handbook.
SO WHERE WILL IT ALL LEAD?
Regulation is never going to be a field that embraces change at the same pace as the conventional tech sector. Regtech itself faces barriers such as the complexity of banks’ legacy IT systems, cyber risks and perhaps also ethical debates over the use of such vast amounts of financial data.
While it might be pleasant to imagine some distant future when you can replace your entire compliance department with a semi-sentient robot that’s fluent in the blockchain, it’s probably best not to get carried away. Regtech’s promise is less flashy but still significant. Helping regulated firms identify burdensome compliance issues more quickly, cheaply and effectively can ultimately only be a good thing for all concerned.