Since the 2008 financial crash, financial services have developed their compliance systems at pace. From tools that analyse trades and behavioural anomalies, to those that track and map changing financial regulation – manual, error-prone systems are fast becoming a thing of the past. CUBE’s Elliot Burgess reflects on the journey of automation so far, and sets out his predictions for the future.

The journey to automation

One area that has seen significant innovation since the 2008 crisis is regulatory change management. Historically, tracking, analysing and mapping regulatory change was a manual process managed by teams of people working from innumerable spreadsheets. The task was laborious; constant scanning of regulatory databases for changes, hours spent establishing whether that change would impact business functions and, finally, manually mapping that regulatory change to existing policies, processes and controls. Highly skilled and valuable compliance team members would spend hours on administrative regulatory tracking.

Fast forward a few years and, mercifully, manual systems have fallen out of favour (though a recent survey by EY found that some financial institutions are still using Microsoft Excel to manage regulatory change). Regulatory change management started to evolve, bolstered by the application of technology.  Gone were the hours of manual trawling and tracking; the industry started to see a new wave of regulatory technology (RegTech) designed to capture regulatory information and store it in a digitised library. Often the libraries were filled with high-level regulatory data lacking granularity or any form of standardisation – but it was an improvement, nonetheless.

Regulatory change today

As we head towards the tail end of 2020, regulatory technology is at a precipice. Regulatory change management programmes are primed for automation, spurred on by sophisticated technologies including Robotic Process Automation (RPA), Machine Learning (ML) and Deep Learning (DL) techniques, semantic web, big data analytics and Natural Language Processing (NLP), to name but a few. A recent report by CUBE, in association with Burnmark entitled ‘RegTech for Regulatory Change’, found that a number of noteworthy financial institutions, including Deutsche Bank, HSBC and Lloyds Bank are all using AI within their compliance functions.[1]

RPA now extracts regulatory data and maps it to business taxonomy and organisation structures with the help of semantic technologies. AI technologies such as NLP, ML and DL do the task of analysing and extracting insights from the regulatory legislation and identifying the impact on relevant businesses. The regulatory intelligence process monitors the remediation journey end to end, from requirement identification to compliance changes, with minimal input from the compliance team. Does this mark the end of the compliance team? Absolutely not. These highly skilled employees are no longer spending hours on low-level administrative tasks and are able to instead focus on implementing regulations and remaining compliance.

Where do we go from here?

But what is the future for automated change management and other regulatory technology? As we mentioned above, some financial institutions are still using manual processes, so of course there will be – or should be – a further shift to AI and other smart tech. These systems are no longer simply cataloguing the seemingly endless stream of regulatory data, they are employing regulatory intelligence to streamline the process, making it faster, smarter and more efficient. It begs the question; how far can it go?

One prediction for the future is that there may, one day, be a regulatory landscape in which regulators publish regulations through automated systems, which then notify compliance teams automatically. Perhaps all it will take is the press of a button and policy changes will implement themselves. I recently considered this point in the afore mentioned RegTech for Regulatory Change report, in which I noted that regulators are working on discreet projects to improve their delivery of rules or improve the ability to comply and may well, in particular areas of regulation, start with ‘push of the button’ trials. After all, it’s already happening with readable regulation use cases. However, I can’t foresee that such advanced automation will become mainstream practice until an international standardised operating model is agreed.

In the near term, regulatory technology will grow smarter. Automated systems are only ever as good as the data that feeds them. As the data improves, the AI will be fine tuned allowing for precision and error reduction. Change management systems will inevitably be automated, allowing for consistent, fast results and increased, watertight compliance. Regulatory expectation will, in turn, become stricter: those that fail to automate will undoubtedly catch the attention of global financial regulators. Such attention could be costly.