Should we be regulating RegTech?

Interest in the RegTech sector has shot up over the past couple of years. Since 2014, there has been a total of $18.2bn invested into the RegTech sector, of which, $13bn was deployed across just 2018 and 2019. This increase in capital is not just down to companies raising later and larger-stage deals. In 2018, there were a total of 164 transactions globally amounting to $4.5bn, whilst figures for 2019 are $8.5bn spread across 317 deals.

RegTechs are clearly cementing their presence in the market and financial institutions are seeing their worth in updating manual legacy compliance systems. The question is, are these technology solutions able to meet compliance they claim to?

muinmos founder and CEO Remonda Kirketerp-Møller said, “I do not think it is right that regulators are on the side lines when it comes to technology providers and I believe that in the next few years we will see more supervision and possibly a regulatory framework where RegTech firms like muinmos can get licensed by the financial regulator to provide its products and services.”

More regulations are hitting the market and enforcers are getting stricter with their fining, making it integral a financial institution has a robust system in place. If they cannot trust the solution they are using, it’s leaving room for potential error. Kirketerp-Møller added, “If we don’t have stricter governance, how can financial institutions be confident that they can rely on the RegTech sector?”

There has been a push to greater accountability in recent years. The UK recently saw the Senior Managers and Certification Regime (SM&CR) implemented, which is aiming to encourage a culture of staff taking personal responsibility for actions and companies being able to locate responsibilities of operations. The Treasury Committee also recently called for regulators to take tougher action against banks who have system failures, such as consumers unable to access their online banking features.

If we are moving into a world where everything is being held to account, surely, RegTech solutions should follow suit. A bank relies on these solutions and if they do not achieve what they claim, the financial institution could be hit with some serious fines.

Kirketerp-Møller said, “muinmos has been in the sector for many years and we firmly believe there should be a standard protocol. Currently, we have to comply with corporate law, GDPR and similar of course, but there is no other regulation which we need to adhere to for the financial services industry as a RegTech firm. There are standards such as ISO, but technology firms are not obligated to apply for these accreditations.”

By putting a seal of approval on RegTech solutions, it could ease worries of financial institutions as they can be certain they meet necessary standards. The Treasury Committee’s comments on IT failures in banks also brought up concerns of too many companies relying on the same third-party providers for their back-end processes. This could lead to potential concentration risk and one failure could impact multiple financial service providers.

Digital operations are intertwined so closely with many people’s lives that if a system fails a consumer could be left in a precarious situation. CSS director of cyber IT services Ej Yerzak said, “If AWS suffers an outage, as it did several years ago, these outages can be felt by large companies relying upon that provider. Contractual provisions in Service Level Agreements for guaranteed uptime are where this should be addressed. It is important for companies using a service provider to understand how that provider defines availability and uptime.”

Large technology providers are likely to be selected by a financial service organization due to the appearance they will offer more security or are simply better than anything else. This potentially makes it harder for smaller companies to be adopted by financial services and leads to instances where companies are all relying on the same vendor.

Kirketerp-Møller said, “If the financial regulator creates a set of standards for the RegTech firms whether large or small, enabling them to be licensed to offer their RegTech products and services, this will open the doors to many solid smaller RegTechs. It would offer a “rubber stamp” of approval that these RegTechs have passed certain relevant requirements, thresholds and standards, no different from a licensed financial institution, then there will be a more competitive environment and it’s less likely that large numbers of financial institutions will rely on the same third-party provider”

Setting up a regulatory framework would help to build a level playing ground for all sizes of RegTech companies. Kirketerp-Møller explained that his company has encountered times where a financial institution has seen its technology and service offering is equal or even better than other, larger providers. However, the organizations are hesitant in using the service as it does not have the same balance sheet as bigger competitors. If a framework was created though, regulators would need to ensure there is not the chance of a competitive advantage for large companies which can pass more checks, she stated.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button