By Tom Harwood, Chief Product Officer and Co-Founder at Aeriandi

The aftermath of the 2008 financial crisis resulted in significant new financial services regulation. With it came a much higher compliance burden for companies operating in the industry.  Regulators aimed to ensure the mistakes of the past would not blight the financial landscape of the future by placing more controls on risk, capital management and transparency.

Regulatory Tech – or RegTech as it’s more commonly known – is a term created by the Financial Conduct Authority. It is a sub-set of FinTech that, “focuses on technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities”.As the regulatory focus on data, reporting and oversight continues to increase, RegTech is evolving as an area specifically geared towards the compliance, security and regulation aspects of FinTech.   Essentially it’s about developing technology that can help financial firms to better comply with regulations in an agile, comprehensive and cost-effective way.

So far in 2017, the FCA has issued fines for compliance breaches totalling more than £225m.  With so much at stake, companies are investing heavily in RegTech to help them achieve compliance.  Investors are pouring millions into the innovative startups leading the industry.  London-based DueDil has raised around £20m since its inception in 2011 and has become one of the most well recognised RegTech superstars.  DueDil’s platform pulls together data from thousands of sources including company websites, financial filings, news reports and registry data to form a comprehensive database offering detailed insight to support due diligence.

RegTech in practice

As the compliance landscape increases in complexity, RegTechis taking centre stage.  Often RegTech systems use existing data, but in a way that offers new and timely insight into regulatory processes, automating compliance and risk management tasks by pooling and aggregating data from a range of sources.  Often this data is too complex, too varied, too expensive, or just plain impossible to review manually.

Innovative RegTech companies are automating these complex processes to significantly reduce the cost of achieving compliance.  They are helping financial services companies meet regulatory obligations by, for example, providing aggregated global credit and anti-money laundering (AML) risk data, providing on-boarding, screening and monitoring tools for due diligence and know your customer (KYC) processes, and the recording, storage and analytics of regulated telephone conversations.

New year, new rules

In 2018, we will see RegTechplay an even more important role in the industry.  Massive changes are afoot in the financial sector.   The Markets in Financial Instruments Directive II (MiFID II) and the EU General Data Protection Regulation (GDPR) will come into force in the first half of the year.  Both have serious teeth in terms of the changes that organisations need to make, and the financial penalties that they risk should they fail to comply.

One of the most discussed aspects of GDPR is its explicit mentioning of fines. Whereas the Data Protection Directive simply stated sanctions had to be defined by the Member States, GDPR exactly details what administrative fines can be incurred for violations.  Under GDPR, companies can be fined up to 4% of their global turnover for a breach.  With such a significant overhaul of the data protection landscape, regulators will want to make examples of companies failing to achieve the new standards.

Who will win in RegTech?

For most financial services companies, the issue will be the scope of the new regulations.  Compliance will not be straightforward and some regulations even contradict each other.  When one regulation insists that all records of a transaction are kept for five years whilst another provides rights to remove this data, which one prevails?

The winners in the RegTech sector will be those that can answer questions like this with practical solutions.  And that means companies will require skilled workers, not just those with a good working knowledge of the new regulations, but a practical mind able to interpret these initiatives for various sectors.  They will need to come up with new business processes and systems that meet the regulations efficiently.  This is non-trivial, especially in legacy system-heavy environments like banks.

A great example of where RegTech is already helping address compliance challenges is in the voice space.  Just imagine how much personal data is held within call recordings.  These are ubiquitous.Many companies across a range of sectors store call data.  With GDPR offering customers new rights to access, view and delete this data, how can companies ensure they can offer this capability?  How will they even know what data they hold?  A technology approach to the problem is the only way many organisations will be able to address these challenges effectively.

A positive outlook

No business wants to damage its reputation or bottom line by falling foul of the regulators.  For most, non-compliance is not an option.  This simple fact means RegTech is poised for growth, as companies look to technology solutions that support compliance with rules and regulations that are in place now, as well as those that will be implemented in the future.

According to FinTech Global the outlook for RegTech in London in particular, is very positive.  As financial institutions continue to face ever-increasing regulations, accompanied by spiralling costs and complexity, they become even more receptive to innovative companies that can offer technology-based solutions.  That’s why, for me, RegTechis a sure bet in 2018 – and beyond.