The dangerous risk of interactions with regulation

Now is the time to challenge convention

Our interactions with regulation play a ubiquitous and increasing role in the world economy. Individuals and organizations interact with regulation to ensure compliance and safeguard actions within firms, between firms and all the way through markets to the end consumer. Given the pervasive nature of interactions with regulation, it is hardly surprising that they are extremely important contributing factors as to how organisations and industries are structured and how workers and customers behave.

In the face of a massive growth in the global regulatory landscape, combined with the advances of digital capabilities, many of our traditional assumptions about how we interact with regulation will fall rapidly by the wayside. This is an urgent issue and requires a closer examination of conventions that are inefficient and prone to latent risks that will materialise unexpectedly.

The pace of regulatory complexity and change is increasing exponentially

The number of regulatory changes worldwide increased by a factor of 6.5X over a 10-year period, reaching a total of 56,321 in 2017. The sheer volume of regulation continues to expand, accelerated by major disruptions such as global trade conflicts, the Covid-19 pandemic and Brexit. It is generally accepted that regulation volume and its rate of change is overwhelmingly problematic. This has led to a tipping point, as the way we interact with the complexity of regulation rules is no longer practical, efficient or sustainable.

Determining all possible permutations of interactions with regulation is impossible as the rules are nonlinear and highly fragmented. The sheer size of this permutation complexity demands answers to fundamental questions, about the codification of regulatory rules and the way they affect interactions, transparency, traceability and measurements.

Today’s latent risks, become tomorrow’s unexpected problems

Looking through the lens of volume, the rate of change and complexity, it is not a surprise that the interactions with regulation is difficult to understand, predict and control. Not surprisingly, profound and unintended consequences dominate, resulting in much disconcertion of those who are responsible and affected.

Inevitably, as the permutation of regulation rules increase, problems cascade causing unexpected consequences forcing an unforeseen potentially hazardous response, which may compound the issue. These issues could be so serious they have a significantly negative impact upon reputation and balance sheet. The convention of training to overcome these types of issues is dangerously flawed.

Systemic weaknesses are everywhere as silos prevail

The way regulations are written demonstrate they are not suitable to be production ready. Consequently, the convention is that every organisation is required to identify and codify the relevant regulatory rules for deployment in practice. Such an inefficient practice has started to be addressed by specialists providing niche digital solutions, but little headway has been achieved to penetrate the vastness of the regulatory landscape. Even those firms that have invested in RegTech solutions, will still not have coverage for most of their policies and procedures. Nevertheless, the notion that each company is required to encode the regulatory rules is cultivating inconsistencies everywhere. Impairing nation state productivity and trade with other nations.  

Documents are now an extremely poor medium for interactions with regulation

At a more granular level, every organisation codifies the relevant regulation into documents using a blended approach of procedures, checklists, questionnaires and forms. To make matters worse, the document or equivalent is a poor medium for interactions with regulation as it is unsuitable to:

1. Encode rules - resulting in weak algorithms
2. Navigate rules - as it is time consuming to read and slow to contextually synthesise
3. Provide any means of audit trails and measurement of decision journeys.  

There is too much complexity for human memory

There is a common belief that professionally based training compensates for these inherent weaknesses. This belief system assumes that training enables regulatory rules to be successfully encoded into human memory, regardless of the volume, rate of change and complexity. The reliance upon human memory to accurately recall and apply accurately the appropriate pathway through the rules is simply untenable. Even, if it were feasible, which it is not, how would you untrain and retrain human memory at scale whenever the rules change. This over reliance upon fallible human memory extends beyond the worker, to the role of supervisors, compliance officers, subject matter experts, professional advisors and auditors.

Lack of transparency can be professionally fatal  

The risks of non-compliance are dangerous at any granularity of interactions with regulation. The reliance upon the frailties of documents and human memory create invisible problems today that will surface unexpectedly in the future. This means senior managers and supervisors are seriously exposed and risk being blindsided by non-compliance at any time. Inevitably this could lead to catastrophic failure.

Bias and misunderstandings prevail

Organisations are becoming extremely vulnerable, as even small decisions made during interactions with regulation are often based on incomplete rules. Leading to misunderstandings, bias and distortions going unchecked, potentially causing a negative impact. The traditional reliance upon weak algorithms within documents and the struggle of human memory to cope with complexity means convention is no longer sustainable.  

Digitalisation of interactions with regulation is necessary and now possible  

There is a clear and pressing need to digitise interactions with regulation, underpinned by better algorithms for simplified and streamlined decision pathways, that automate compliance and provide continuous intelligence. This is not the time for every organisation to worry about understanding and disclosing deep systemic weaknesses, but more about the demand for a nation state utility service. Such a capability would enable organisations to instantly switch to a more intelligent way to interact with regulations. This is not a technology challenge. Leadership is now needed to deliver new managed services as interactions with regulation is a national, strategic imperative.