#regulation #compliance #regulatoryreporting #regtech #fintech #fca #drr #sandbox #gfin #complianceasaservice #cet1 #lti #bcbs239
Regulators across the globe are increasingly creating "safe" environments in which fintech's are able to test innovative products sometimes with real world consumer impact. Generally, these are run by individual regulators with a few market participants and start-ups however, we are now seeing a lot more cross-border collaboration such as the GFIN (Global Financial Innovation Network) initiative which plans to bring together 11 financial regulators and other related organisations. In the context of products that directly impact consumers this can be concerning (as discussed by Jemima Kelly from the FT). Yet, from a regtech perspective, the focus is about strengthening the manner in which institutes report compliance to their supervisors which does not have a direct impact on consumers and therefore, is more focused around creating a robust and safe financial services ecosystem.
Earlier in March, the FCA (Financial Conduct Authority) published their report on Phase 1 of the DRR (Digital Regulatory Reporting) sandbox initiative.
"The pilot was set up to explore how regulators and firms could use technology to make regulatory reporting more accurate, efficient and consistent. In particular, the pilot would explore how to make reporting rules and instructions less reliant on human interpretation and implementation, and so improve the quality of regulatory data. "
The pilot had two primary use cases: The Loan to Income (LTI) and Capital Equity Tier 1 (CET1) Ratio compliance checks. Key outcomes of the pilot included digitising the regulation, converting this into machine executable code to then source data directly from bank systems and then using Distributed Ledger Technology (DLT) to submit this granular data to the regulator. The report provides excellent insight into the current viability of doing this.
It recognises that "there is no obvious answer to what is the most efficient process to generate code from natural language regulation". It also sees the benefit of "creating a standardised format to describe financial data would unlock efficiency gains in regulatory reporting. However, it may make the DRR solution unsuitable for some regulatory reporting use cases".
As we know, text-analytics can be employed to digitise regulation however, going one step further to generate machine executable rules that can be run across a bank's network in standardised way would be extremely difficult considering the various technologies involved. Even before this however, is the admission that regulatory text in itself needs be expressed better in order for easier conversion to code. The implications of this are vast (i.e. rewriting of wholes swathes of regulation).
"The technology and processes used to build and run the prototype DRR system could not be deployed as a live, fully functioning DRR system without further development. Using a DRR system for live regulatory reporting would also require firms and regulators to make a number of non‑technical changes, as well as changes to the rules for regulatory reporting. "
The challenge is one of implementation and scale. The level of telemetry required to capture granular data from bank systems which are typically quite complex given the mix of technologies and architectures. Banks have been on the journey to harmonise infrastructure (in part driven by BCBS 239 principles) for some time now. Its not easy, it will take time and come at significant cost.
Using DLT to secure and issue data is a novel idea however, those who claim that that this technology is simply a solution trying to find a problem may be right in this case. There are existing, traditional database technologies out there which satisfy these requirements already and arguably, in a more robust and scaleable way.
From a regulatory reporting standpoint, a number of positive takeaways emerge from this report including:
efficiencies gained from centralising processes that firms currently carry out locally;
reduction in the time and expense of regulatory reporting change brought about by real time regulatory reporting; and
reduction in duplicate data storage and data security risks through reducing data transfers between firms and regulators.
We at CaaS, like most other regtech companies, are keen observers of all initiatives that seek to bring regulators and financial institutions (FIs) closer together. It's beneficial for the start-up/established vendor community in that it provides insight into future supervisory practices. Ultimately, it becomes a great store of use cases and product features that can be offered to the industry. This particular report provides a frank view on what went right vs. what went wrong. It was a bold attempt to step into the future of regulatory reporting.
To understand how CaaS will leverage these insights to further enhance its service and product offerings, contact us here.