Regulation in financial services is, of course, a fact of life. The period since the financial crisis has seen governments, central banks and regulators heap unprecedented attention upon the financial sector with the intention to make markets safer, more transparent and more competitive. This has resulted in swathes of regulation. A recent survey estimates that 4% of a financial firm’s total revenue is spent on compliance with this increasing up to 10% by 2022.

The problems of cost and complexity are not only applying very large costs on the financial industry, they are also inhibiting innovation. The small armies of compliance officers that a financial services firm now requires and the hoops that a new entrant needs to jump through to gain regulatory approval mean that barriers to entry are raised and innovation and competition is reduced.

Few are suggesting that regulation should be scaled back significantly. Whatever the rights or wrongs of doing so, the macro consequences of the crisis are still too recent a memory. Furthermore, with higher capital ratios, increased visibility of OTC products and still more oversight being forced on the industry, through, for example, the Securities Financing Transactions Regulation shining light on shadow banking, it’s difficult to argue that the industry is not significantly safer than it was.

The dilemma remains, however. Financial services are a fundamental part of an advanced market economy, so how does the industry as a whole balance the need for safety with the need to promote financial dynamism and innovation? How can the regulatory monster be tamed?

Technology, which has already transformed many areas of financial services, provides some solutions. Whether one looks at the process of trading, to how retail clients interact with their bank, to personalised investment products, technology’s influence has been very significant, but these benefits have not yet extended to regulation. Yes, technology is used to support the implementation of regulatory initiatives. For example, the real-time reporting requirements of MiFID II would be unthinkable without technology, but it’s not fundamental to it. In short, regulation is not, as yet, a digital process.

Here are two areas where technology can make a positive contribution.

Firstly, firms need to stop taking a tactical, deadline driven approach to compliance. Currently the process runs something like this: a team applies for budget for its project, which is simple because compliance is mandatory. Once that budget is allocated, the requirements of the regulation will be examined, and a system will be built that has the right data and produces the right type of report at the right frequency. The challenge of identifying and integrating the data required will be difficult and expensive, but, usually, there’s no reuse of what has just been built to meet other deadlines in the near future. Consequently, the result is an expensive new, siloed system that needs ongoing maintenance and is inadequate for ensuring compliance with future legislation.

Firms need to stop doing this. They should move away from this piecemeal approach and think more strategically about how they go about responding to new and evolving regulation so that technology and data assets can be reused. Some attempts have already been made to reuse data assets with, for example, the creation of data lakes, but these are often expensive, difficult to govern and much of the functionality around things like data provenance must be built from scratch. Data hubs, an emerging category of data architecture, can provide an answer. These provide the data integration, security, governance and data provenance that a modern data-driven regulatory approach needs and, crucially, can evolve progressively as requirements change or new regulation, needing access to the same data sets, is introduced.

In summary, changing a firm’s approach to the way they manage their data is a key part of making regulation a digital process. And it’s one that can be done today.

Looking to the future of regulatory reporting, new possibilities are emerging particularly in the area of what is being termed digital regulatory reporting or quantitative regulation. This is a response to the lack of digitization in the regulatory process. A typical workflow today would involve the submission of a regulation comprising, often, hundreds of clauses to a firm. This would then be translated by humans into an understanding of what parts of the firm were affected and relevant reporting requirements. Next, it would be translated to ensure an understanding of what data would be required. And so on. This is a highly manual process, which is time consuming and prone to error.

Digital regulatory reporting (we’ll use that term assuming it is synonymous with quantitative regulation) is a vision of introducing the high degree of automation that one finds in, say, trading processes, to regulation. This could take the form of a regulator expressing regulation in a machine-readable form, which is then automatically processed by a firm that can translate that into data and reporting requirements. In this scenario, ad-hoc regulatory requests could be submitted, and a response given immediately, with no human interaction.

Today, this is just a vision, but there is work going on to realise it. Regulators such as the CFTC and FCA are consulting with stakeholders in the industry about it and are supporting pilot projects to understand its economic and technical viability. Cross industry bodies, such as the RegTech Council, that includes regulators, vendors and financial firms, are also working to understand how such a data driven approach can be modelled and best implemented.

Dealing with financial regulation today is unwieldy, expensive and human centric. Its ever-increasing costs and complexity are untenable. For the industry to advance, firms must now take a more strategic, data-driven approach to their regulatory initiatives to reduce this burden and to effect reuse. And they must also start contributing to the debate and early pilots on how regulation can be transformed into a wholly digital process.