Webinar: A Fresh Look at RegTech: How has RegTech changed in the last decade?
January 30, 2024
SPEAKERS
Kayvan Alikhani, Jason Boud, (Moderator) Ronjini Joshua
Introduction
Ronjini Joshua <Moderator>
Hello everybody, welcome. I’m Ronjini from the Compliance AI marketing team. We will start this Webinar in a few minutes- just letting some people file in. Sit back and get ready to enjoy our discussion today.
<PAUSE> *Speakers chatting-light conversation while waiting for attendees to enter:
Kayvan Alikhani <Kayvan>
That said, while we’re waiting, Jason, are you in any way following the NFL American football, or no?
Jason Boud <Jason>
At a great distance Kayvan. But please, please, please fill me in. It’s getting pretty interesting now.
Kayvan
Yes. Down to the Final Four and the championship game so…
Jason
and is one of them your team?
Kayvan
Yes, San Francisco 49ers is one of the four. Then Detroit, The Ravens, and the Kansas City Chiefs.
Jason
So, who did the 49ers play?
Kayvan
They’re going to play the Lions and then the winner will play the Ravens. Yeah. Wow. But if you don’t know enough about them, that wouldn’t be as fun.
Jason
Yeah. Sorry. Although there was quite an interesting story about a guy, who is a professional rugby player who has just joined the NFL and has been in the news in the UK. His earnings are going to go on a great trajectory, (a bit like your sales Kayvan), it’s just pure hockey stick salary over the next five years is what they predict. I think he’s going to be like a wide receiver.
Kayvan
Oh, wow. Okay.
Moderator
All right. With that, let’s get started here. Taking a different avenue, we’re going to be talking about a fresh look at RegTech, and how RegTech has changed over the last decade. A few housekeeping items before we get started:
If you have any questions during the webinar, please feel free to drop them into the Q&A section. Our panelists will take them as they come, or we might hold them until the end of the webinar (we will have a Q&A section for a few minutes at the end). So don’t be shy, please put your questions in there.
If you’re having any technical difficulties, feel free to go ahead and message me directly. (It says compliance.ai – I’m that person). So go ahead and you can direct message me if you’re having any issues or something funky happens.
So, at this time, I’ll leave it to Kayvan Alikhani, our co-founder and CSO to introduce our expert guest.
Kayvan
Thank you so much. Ronjini. Thank you so much, Jason, for agreeing to participate in this session. I’ve known Jason for a while and he’s not only a thought leader on all things RegTech, but also an investor and advising companies. I just heard today about the mentorship you provide for the FinTech international lab (would love to learn more about that throughout this). He’s an expert on all things RegTech and all RegTech’s tech. So, look forward to this discussion. Trying to look at what we’ve seen in terms of RegTech, how is it defined? How has the tech around it evolved over the years? Is there a clear definition that we can box RegTech in and has feature creep, in terms of that definition, helped or hurt the brand, the expectations that we’re seeing in the market in terms of interoperability, and some advice on best practices for adopting RegTech technologies? With that, we start with a poll asking what the impact of RegTech within your organization has been. Go ahead, Ronjini.
Moderator
It should be up.
Poll #1
What impact has RegTech made on your organization?
We use RegTech solutions every day to streamline our operations.
We are open to RegTech but haven’t found the right fit.
We are slow to integrate with tech but are interested in modernizing our approach.
We reject technology and prefer to do everything manually.
Kayvan
Oh, it is up. I saw the answer and I hope “D” gets zero results, but you never know.
Moderator
Don’t also be shy to fill in the poll we always like to hear and see the actual answer. I always I’m aching to get the full number of attendees in there. Oh, Kayvan, you lost that bet!
Kayvan
Is D the winner? Don’t tell me.
Moderator
No not the winner, but that we do have a D. We do have one. All right.
Kayvan
Should we close it? Or do you want to still wait?
Moderator
Yes, good, because it’s been a minute. (I like to keep it to a minute). So, all right. Here we go.
Kayvan
Pop up the results. There we go. So, we’re seeing a good healthy mix. But yeah, you’re right. I think I’d like to talk to that group and see what has been the reason for that. Beyond that, it seems like Jason, a slow start, right? Some adoption and then some great answers on the actual groups that have already made some strides. So, with that, let’s take a close look at “then versus now”. We’ve been tracking RegTech, I mentioned to Jason, when I met him in London a couple of months ago that things have changed since the seven years that compliance AI has been around and he reminded me that he’s been working in RegTech even further back from that. Looking at a 10-year window, what’s changed? Starting from a volume, velocity, and complexity direct part of RegTech (regulatory activity) a huge uptick over the past 10 years. The rapid and ongoing publication of various types of regulatory documents. We analyzed mid-sized regulated banks in the United States, you would expect probably 200 to 300 regulatory updates that you need to assess, review, and determine relevance on a weekly basis. That number is current and of course, enforcement actions becoming more and more stringent, more frequent, and leading to higher penalties, we track that. (A compliance study published both a weekly and a quarterly report that tracks that type of behavior). But you know, Jason, looking at this, what are you seeing in terms of the difference across, the globe, or maybe just comparing the UK/EU at large in the United States? What are you observing an event versus now? Analysis?
Jason
Yeah, great Kayvan and team. Thank you so much for inviting me, first of all, to join us. As Kayvan said, we’ve known each other a while and it’s great to chat through what’s happened in the industry over the last decade. I mean, the good news is I still come across people who mispronounce RegTech, and they call it “REJ” tech. And I say, look, come on, guys. You don’t have “rej-jewel-ation”, you have REGulation. So please call it RegTech. So first of all, we started off really well. I’ve known you for a while Kayvan, so I know you call it RegTech. On a serious note, if we date back to where the origins of RegTech came from (and looking at the poll), it’s no surprise that we’re still some “work in progress.” It’s pretty slow: the compliance and regulation industry, right? If we if we date back to when RegTech, the term, started to evolve about a decade ago. I invested in my first RegTech company in 2014. As you look at the peak of when a lot of companies were formed, it was in the mid-2000s and 2010s. And, you know, in the last decade, I can say that people still ask me, “What is RegTech?” What does this term mean? And it’s still good to explain and educate people. So, I’m not really surprised by the results from the poll, but what I’m also pleasantly surprised about is only one person voted on D, right? Because I think the thing that the global financial crisis taught (at least the banking industry) is that yes, you can throw people at a problem. And that will solve something for a short time. That was largely the reaction to the global financial crisis and the onslaught of regulations, but the technologies (like compliance AI) evolved over the last 7, 8, or 9 years and the improvements in those technologies mean can you look at yourself in the mirror and say, “I’m going to do this manually with my army of people?” I would pose the question that you can’t. I think the second thing, which is really about this volume, velocity, and complexity, is to look at the number of regulations. Okay, so maybe Trump will get in for another election. Maybe he’ll go and do another regulation-busting campaign. (Didn’t work too well last time around, right?) So, the volume of regulation is just increasing and increasing. A final point on this. I was looking and posting today on LinkedIn about the SEC disclosure rules around cyber breaches. Maybe if you’re in financial services, you might think about consumer protection. Market conduct rules. But actually, there’s a whole set of rules and regulations that didn’t exist around data privacy, (soon to be AI regulations). Things like cybersecurity breach disclosure. So, you know, this stuff’s not going away, it’s not getting less, and every regulation that comes in has a life of its own, right, it’ll have updates, it will have changes. So, I think the penalty stories tell their own story. (Final point, I promise.) We’ve also got this new asset class, right? In the crypto industry, where, as well as traditional finds, you’ve got the crypto industry asset class and the fines. I read somewhere recently, that the fines in 2023 surpass that of traditional finance in the crypto industry. So yeah, so much going on. You can’t do this without technology. That’s great news for us.
Kayvan
Yes, that’s on the reg side of things. During President Thompson from President Trump’s administration, we started a tracker, (a reg tracker, specifically) comparing the number of DEA regulations or regulations that are being suspended at a federal level, and then looking at the rise of the same at the state level. So, it’s almost like a mushroom effect of a game of Whack a Mole, kind of pressing them down at the federal level, and now have to deal with many CFPs. That was one of the results that we observed from a tracking perspective (that’s the reg side). How about the tech side of RegTech? What are we seeing in terms of what we were looking at from 2014, 2015, all the way to 2023? When we talk about RegTech, the technology side of it, what changes have you seen Jason?
Jason
Yeah, I mean, that’s a really good question. I think, if you date back to a decade ago, I think the average conversation (in a compliance professional) about how they track regulatory changes, an example would be Google and Excel. Right? That was the answer. That was the answer to pretty much everything. Having worked in a bank, I know, Excel runs a lot of things, but do you really trust Google and Excel to be the tools that you rely on to manage and track your regulatory change? Slowly but surely, the answer has been no, we don’t, right? So almost all the first wave of solutions were almost like automation solutions, the ones that would maybe put, all the changes in one place. So, you only have one place to view, and then give you some rudimentary ways of tracking and assigning them. But not much beneath that, right? But in the last six or seven years, the rise of technologies like natural language, and processing, the rise of different techniques to be able to not just track the regulations, but read the regulations, and understand the obligations that a type of financial institution has. I’ve just improved beyond recognition, right? These solutions are now so accurate that horizon scanning, (the art of finding the regulations) is almost a commodity in the industry. COVID? I think we can agree with that. Everyone has to have that. Now you’ve got that. What can you do with it? Can you read them? Can you understand them? Can you work out? Does my organization need to change anything? I think technology is just, you underpin them and make those solutions so much more reliable, so much more robust. For the buyers at a much better price point than things were 10 or so years ago.
Kayvan
Yeah, and then the level of sophistication, the conversations, I think, if 20, maybe 10, eight or even 11, if I’d walked into a regulator organization and offered a SaaS solution for anything that would have been a very short conversation, and I would have been escorted out of the building. Now we are hard-pressed to find a single RFP (or RFP that doesn’t include an option or a request for an option) of all SaaS. That’s a big change. I would say another part that we’ve seen happening right in front of our eyes is moving up the food chain. Specifically, if we go back to the poll – people answered one or two, going above and beyond. I want to be in the know about RegTech to be about regulatory changes and to be able to tell me more about how it impacts me. It’s kind of coming back into connecting the dots and the tech than following suit in terms of being able to do that. Large language models have become a focus and the type of conversations we have with some of the larger organizations is they’re very apprehensive about sharing or using any internet facing a language model for obvious reasons, but they do look forward to kind of boxed and private cloud models and look at that, from the perspective of ease of use and simplifying the type of inquiries with an asterisk next to it, they still demand the vendors to provide an assertion that they stand by what that Black was models are producing. And then, of course, nimble going more and more towards don’t give me monolithic solutions that have two years, three years to implement, give me something that I can get value from a lot faster tech is followed suit, and we see more and more of that more SAS based advantage of being able to get to that first users usage of the solution to value very, very quickly, I’m assuming you’re seeing some differences between what I just mentioned in the United States versus Europe. I mean, the UK, maybe slightly different. But is that the kind of perspective that I mentioned? Do you see the same across the pond? Or is it different?
Jason
Now? I think it’s the same. I mean, you’re absolutely right. One of my former bosses was at a big bank, you know, through 2000 to 2010s, (into early this decade) and I was talking to him about how he used to run a committee where they used to have to approve every use of cloud for the bank. Right. So, he ran this committee, and I bumped into him a few years ago. I said, “How’s that committee going?” He’s like, “Well, we scrapped it because everything is cloud for us now.” So, I don’t need a committee. It’s almost the other way around. I need a committee if you want to go and buy a piece of technology and put it in our data centers. So, it’s really amazing how that dynamic has flipped. I think the LLM stuff is really interesting. Who’s not going to use the large language models in their day-to-day role? The real challenge that you alluded to Kayvan is about corporate data. Right? So is the data that we have around the regulations, that’s public, is that private to a company? No, it’s not right. So, could that be, you know, in a public LLM yet? Yes, it could, right? But how does a bank or a regulated institution, interpret the regulations, how do I map them to my products, how do I work out what changes? I need to make my policies and controls, that’s pretty fundamental to the business model and the risk position of a bank. So absolutely, LLMs are going to get are going to be part of that puzzle. But as you say, it’s going to be LLM in some sort of securitized container, where the data that’s specific to the customer doesn’t go out into the public domain. And you mentioned right at the top, the FinTech Innovation Lab, which I’ve been mentoring for 10 years, I’ve been mentoring there and interviewing companies to come into the lab, quite a few companies providing that secure wrapper around MLMs. And a lot of the banks and financial services companies from the UK and across Europe are super interested in that model, whether they buy it, or whether they build it is a different matter. And I think the final thing on this point is there are many use cases around RegTech around compliance, where you can move some data into the cloud. And that can be a private cloud. And maybe you know, that’s acceptable from a data protection and risk management perspective. But I still think there are lots of use cases and lots of data that is inside the enterprise. So, in some cases, you’re going to have to bring your technology or integrate your technology into bank-owned data. I think that’s the emerging challenge that many RegTechs are still struggling with. Many technology providers are still struggling with that. Super interesting how you can take advantage of internal enterprise data, the sophistication of products like compliance AI, and the power that they have.
Kayvan
And what you just mentioned on the FinTech international app, do you see a different set of postures and levels of interest in participation, depending on which continent or country we’re in? Or do you see kind of like a global rise in terms of that type of adopting and being interested in that type of adoption?
Jason
I don’t think across the globe that things are equal, right? So, I mean, what is the illustrating point and I know we’re going to get into this a bit later. Cauvin is one of the areas of RegTech, not what you guys do. One of the areas of RegTech is identity verification and KYC. Hugely popular part of RegTech right now. In 2014 every Neo bank and FinTech that was opened needed an Identity and KYC platform. So, the financial crime and KYC part of the market really boomed in the UK, and in most of Europe, and I’m sure in the US in the mid-2000s and 2010s, with the rise of FinTechs, the rise of Neo banks. That’s not the same in some parts of the world and adoption waves are only really happening now. So, across the globe, I see a difference in adoption, but also a difference in the sort of evolution of solutions and the market opportunity for vendors as well.
Kayvan
Yeah it’s interesting, in certain jurisdictions that we’re adopting, expanding, and our technology being adopted to those environments, where they didn’t have the super messy, super complicated structure in terms of regulatory publications, digitization tracking, and they’re starting afresh. They are actually starting with defining highly machine-readable regulatory publications from the ground up something that, you know, is going to be a very, very tough, let’s call it process within the US, UK, Europe, and other countries where you have huge volumes of unstructured, disparate, distributed on similar dissimilar publications all over the place. And now you’re trying to bring it all into a highly structured machine-readable format. So, it’s interesting, that those who actually started a lot later in those creating those digitized publications are starting with a more structured view. And also, for our younger audience, including Ronjini. This is a three-and-a-half-inch floppy disk, we should have probably done a poll and see if you’re expected to identify this little device. But I guess this does show some sort of progression. Tech-wise and you mentioned on the definition side, I think that that’s been part of my challenges with RegTech, as a participant and as an organization really, in this ecosystem is, first of all, weird is the definition start and stop is the fact that multifactor authentication or the use of, an outsourced HR system to verify employment considered RegTech, or do we? Are we better off putting very stringent definitional barriers? And also, how’s the brand doing? Is it welcome? Is it very similar to the use of Blockchain for activities inside companies where it’s now kind of, maybe paused in some respects and others? How’s the brand doing? What’s your perspective on that?
Jason
Yeah, I mean, I’m probably someone to blame in the definition expansion of RegTech Kayvan. But I can see why it can cause problems. I mean, I remember. You know, a while ago, the FCA, the Financial Conduct Authority, one of the two people don’t know one of the two main regulators in the UK and regulates most of the markets with the exception of prudential regulation. They said RegTech is a subset of fintech. Now, we did I disagree with that. I still disagree with that today and say subsequently said, even though they’re the financial regulator, they sort of understand that actually, if you scope up reg tech to be about lots of different things like consumer protection, and, you know, prudential regulation, but there’s regulations in many, many other areas, right, sustainability, data, privacy, AI, cybersecurity, we’ve mentioned them, right. So the question is, do you exclude? First of all, do you exclude those things? There’s still regulation, it’s still technology to help you meet those regulations. Can you exclude them? Yeah, do you exclude them from RegTech? If you do, then maybe you can say RegTech is financial services. Right? From my perspective, regulation spans many companies. It’s like the SEC disclosures. Microsoft just filed a disclosure for a material breach in cyber, so I might, you know, Microsoft doing scope of regulation. So, you know, I’ve got two guiding principles. One is that RegTech applies technology to help firms meet their regulatory obligations. And then the second one is that can be cross-industry, right doesn’t have to be just financial services. Now, that’s probably not helpful sometimes. I appreciate that. Sometimes people want to brand themselves as financial crime tech compliance tech or the other label that I’m sure most of your listeners are familiar with his sub tech, which is technology used by regulators. Label it how you want right at the end of the day, things that make you as a compliance professional your job and your day easier to manage your regulatory obligations. For me, that’s what reg tech is pure and simple. I think the brand is not welcome everywhere. I think it’s on an upward trajectory will be my final point as well. I think. I think I’m starting to see the term. I’m starting to see more and more again; I think it had a bit of a dip. But yeah, I’m pretty bullish on the term. RegTech.
Kayvan
Yeah, I kind of asked people a lot of times, what they think it means. Or what do you mean, when you ask about RegTech I can synthesize the answer would be technology that uses automation, SaaS to make it easier for us to comply and stay compliant with regards to regulation, so the word financial is definitely dropped this broader than that, but I do see the use of tech for automation tick for and then a lot of times we see AI machine learning or new technologies, modern technology being used for that purpose, or at least that’s from the expectation side. And to the question of the brand, maybe we can take a poll and really ask, how does that resonate with you inside your organization? Is that something that as far as future decisions? Does it give you a lot of worries? You’ve implemented but didn’t do a good job of delivering the promise. Or were wondering what is RegTech?
Jason
Yeah, I think we should have had another poll at the end. Do you prefer reg or reg tech? You know, I’m happy to have to be proven wrong.
Kayvan
So, I’m assuming Ronjini. You’ve already started that one. She’s on mute. But yep, here we go. All right.
Moderator
Sorry, Yes, it’s up.
Kayvan
Yeah, I think this will go hand in hand. With that other poll that we did earlier, the third poll should identify the device and slide seven. Yes.
Poll #2
How does the term “RegTech” resonate with you and your organization?
Adoption of RegTech is the future.
I break out in hives: It’s got a bad wrap.
RegTech has yet to deliver the promise we had hoped it would.
I’ve never heard of it.
Jason
I think one of the points you made while we get the final few votes on the poll, COVID is about. Did it deliver on what we promised? I think, you know, we’re now in that phase where if reg tech solutions don’t deliver the ROI that they promised, the reputation is going to go, right? Because they are there to create better outcomes for regulated entities, consumers, etc. But they have to deliver on their promise, right? There’s no reason why they can’t deliver the ROI and the value they promised.
Kayvan
I think there’s no choice for it to deliver, I find that the agile percentage volume, velocity, and complexity that we’re dealing with, here we go, is so high that the alternatives are too costly, too error-prone, too time-consuming. And it seems alright, I’m glad that item B got a zero. That’s good. Yeah.
Jason
I’m not surprised that it’s yet to deliver the promise. I think I’m not surprised with those eight people that voted for that, I think that’s what creates loyalty and stickiness to a customer’s brand, right? If you make the promise, you’re going to deliver value, and you deliver the value that customers are right. You know, as long as you keep your product and your technology up to date with latest trends and technology, you’ve got a sticky customer.
Kayvan
Absolutely. Let’s move on to basic best practices. So now we have a backdrop of what RegTech could be. We have an analysis of the rec side and the tech side and how it’s moved. You know, what are we looking at as a company that’s trying to adopt this we were talking about earlier about the definition, I think Deloitte has done a really great job breaking this out in terms of the realms of rec Tech’s impact from a regulatory reporting to transaction monitoring. And we will provide this link of course, in this on-demand presentation that will be made available after the session. Ultimately, it starts exactly where Jason mentioned looking for ROI, or am I getting quantified quantifiable results before and after we’ve done white papers? Anonymized header less tokenized analysis of before and after saying this would be the profile the organization had they not be using technology to rec tech, specifically tech in order to achieve automation and streamlining their activities? And this is what that volume looks like? Have we reduced the noise? Have we increased the speed of making decisions? Have we made it easier to report on that activity and be able to quantify it? By the way, it costs significantly less than it was before, but what are your thoughts on the ROI side?
Jason
Yeah, listen, I think it’s perfectly reasonable. One of my favorite RegTechs, I won’t name them, but part of their engagement process is about managing, and almost doing a time and motion study, right? So what’s the “before” state of implementation of our solution? And what’s the after-state, and they do a pre-implementation assessment, and we’ll contractually commit to the improvements that they can make, right? So I think if I was a buyer sitting inside, you probably hate me for this case. But if I was a buyer, sitting inside an organization, and I was looking at the different types of companies out there to help me solve my problem, I’d want to get the contractual thumbscrews out and say “You’ve promised me this in your material in your RFP response, okay. Let’s pay you on your promises, let’s pay you on your delivery.” One of my beliefs in life is don’t pay people on the promise, pay people on the delivery. So, you know, that’s, that’s ROI. Right. And as a buyer, that’s, that’s one of the things I would do on the don’t boil the ocean, I think, you know, when you’re implementing perhaps a regulatory change or regulatory change management solution, it’s not insignificant, you’ve got to change the process, you’ve got to change the way people work. Technology shouldn’t be replacing people; it should allow them to focus on the things that humans are really good at. Humans aren’t necessarily good at googling for 50,000 regulatory alerts, right? But they’re really good at understanding and interpreting, which ones should we be paying attention to? Which controls should we put in place that address this risk? So, for me, it’s about automating the really easy things to automate, getting the efficiencies out of technology, working out where you can redeploy people where they add value.
Kayvan
Yeah, and the second one we’ve observed over the years (and don’t boil the ocean) starts very specifically with a use case: evaluate the results. In fact, in many cases, we’ve seen organizations continue to run the, let’s call it status quo before implementing RegTech in parallel for up to six months, to make sure that they’re not losing anything, they’re not missing anything. That in fact, the ROI is gone. I mean, not everybody can afford to do that. But at least running in parallel for a certain period. And implementing in phases has been one I would tell you, we’re seeing more and more of increasingly demanding, nimble, specific best-of-breed solutions, as opposed to letting me get a solution that has, Microsoft notepad in it. Whereas I’m really looking for Microsoft Word functionality. But I’m getting everything from this vendor because it has everything under one roof, we’re seeing more and more of the ladder, breaking it down into smaller pieces, not into 5000 pieces, but at a manageable number of pieces, and simply demanding interoperability and cross-compatibility between the components. Are you seeing the same thing? Are you seeing something different?
Jason
No, absolutely. So, seeing the same thing. I think there are some initiatives underway where institutions are using almost like orchestration platforms, to help take data from one RegTech system that’s good at doing one piece and feeding data into another system. I think that certainly deals with risks, right? And when we think about things like technical debt within organizations and the cost of running your technology, it’s not always easy. I mean, there’s quite a good question from Dan. And I know, Dan, pretty well, we should talk about it because I think Dan’s question is about financial crime. So maybe we’ll come to that in a minute. However, I think there are significant challenges in implementing RegTech. One of the challenges is legacy technology. So the integration of old tech into new tech in new and innovative ways, I think, is part of the answer there.
Kayvan
To his question, I’ll just read it. During hours, NASDAQ quoted $3.1 trillion of illicit funds moving through international banks in 2023 wonder if we’re going to see RegTech start to reduce the ramp and fin Chrome. So, I guess, putting you on the spot to see if you got to take a crack at that.
Jason
No, I’m kidding. Yeah, I mean, that’s a really complex space. As you know, Dan, and I’m sure you know Kayvan. So, in companies there’s lots of financial crime AML cancerous financing, finance regulations, and lots of organizations are forcing more Let’s have transactions to do KYC to do onboarding checks, right? But actually, for all the technology that the regulated institutions have, the criminals have the technology and they have it first, right? So we are, it’s an overused term, but we are in a technology arms race. And I’ve got to say, you know, we’re being out, you know, the good guys are being outgunned and outplayed by the criminals, they get to use the technology first, they’re faster at implementing it. So, every attack vector on the planet is first before the compliance controls can catch up. So, I think it’s a really difficult problem. There are lots of innovative ways that people are trying to solve it, I was talking to a founder today, his company is Swedish-based. They’re doing a reusable KYC project in the UAE with 10 banks signed up. So basically, if you’re banking in the UAE, one of those 10 banks, you get your identity check done, you get your KYC check done once. And you know, you’re good for financial services across those 10 organizations. Now, that’s not an insignificant trust barrier to overcome. But more and more of those things were a lot, we can make it better for the consumer. But hopefully, we can implement technology faster to prevent criminals from being part of the solution. I wish that I had that 100% answer to your question, but that’s the best I can do, I’m afraid. Yeah.
Kayvan
There’s also the promise that we saw a couple of years back with blockchain and transparency and knowing the start, middle, and end of financial transactions and the ability to audit that significantly more transparency, and much more readily. Now that requires that kind of adoption that we talked about. That’s a kind of a big overhaul, which I think would be reducing ML money laundering, and machine learning activities and provide a huge amount of transparency. If the activities of illicit fund transfers were a result of knowledge, workers performing or workers performing that task, the transparency and the monitoring and availability of those types of reports, when they’re happening at that point in time, are tools and solutions that are available today, both on transaction monitoring and on, as you mentioned, identity control said who was performing this, when did they perform it? Did it meet a specific threshold? And then, of course, the organization and the use of the term that you hear over and over from regulators now globally, the culture of compliance within organizations do they care? Did they know about it as one side of it? Did? They use tech to identify it as one side of it, but do they care that they take action? Am I in the know, am I tracking it, monitoring it? Am I taking action? Am I reporting it? And now I have a transparent system? I think the tech is there already. I probably would argue that strongly. Now, it’s a matter of adoption and maybe 2020. It is not that far out of date that you predicted earlier.
Jason
I mean, you’re absolutely right, as well. I mean, one of the things I spent most of my career in tech, one of the things that I realized after a few years in tech is that it’s not the only answer. Right? Absolutely. Culture. Absolutely. You know, for people that can’t abide by culture, and the technology can’t catch them. You know, there’s got to be implications for your actions. And, and, you know, if you look at talking, touching briefly on the blockchain, coincidentally, the company I was talking about earlier, won’t name them, but their solutions are based upon a DLT solution where the KYC credentials and the validation of the identity check are on the blockchain. But if you look at the other major industry that you know, Blockchain underpins, is the crypto industry. And the transparency. You know, if you talk to any person using, you know, a virtual asset service provider or anybody using in the crypto ecosystem, you’ve got way, way more transparency, right in that industry because of the availability of the public data on the blockchain. So, you know, I think you’re right, the technology building blocks are there, right? It’s now down to us humans.
Kayvan
Yeah, paper Fiat making way for digital tracking and a full-on audit trail of what ended up transpiring, good or bad that’s going to on theory, and that’s been part of the promise to reduce that, but I think you’re right, you know, the look is to say, Okay, well, tech, is tech available. We’re one of those technologies being added for 2017. Yeah, make that six, seven years, providing a series of services and solutions but it’s interesting if I were to look at this over 10 years, you see the move from, of course, you need to have regulatory intelligence, it’s no longer a question that I need to automate, and have a steady stream of changes that come my way. So I’m, I’m in the know, and the composition is kind of moved to that second. And I would say more to the third block to say, tell me how that exactly impacts me in my role in the organization, not just the organization, but I’m part of the human resources department or within the AML. Department, specifically within the United States cross border, how these rules impact my financial activities across the border. And so we’re seeing more and more of that more sophisticated conversation versus what is this? Why should I even care? And then, of course, all the while, I want to know how serious these regulators are. So I want to know about enforcement actions. And we’re finding more and more recent webinars, one of our esteemed advisors commented that kind of surprised me saying that many mid-sized or lower to medium-sized organizations are using enforcement actions as a source of reading the consent letter, to understand exactly what the intention of the regulator was, and now they start making adjustments, because the regulations are not as specific. Lee worded so there’s not enough transparency or specificity in the regulation. So enforcement and action tracking have become that much more important. And last, but not least, back to that culture of compliance. Can you define done, I’m tracking it, I’m acting on it, and I have a system of record. And I know when things are done. So not only do I know what the case is, so I need to hire more people resource management, but also, I can also provide reports to the rest of the organization transparency in terms of what’s important, and then of course, be able to talk to auditors using the same language. Any comments on these pillars? What do you think? Are you seeing also a shift in terms of if we were showing this slide 10 years ago versus today? Do you see the same shift towards more of a tell me about my organization versus the status of regulations?
Jason
No, I think this is a good slide. I think the point about organizations using enforcement actions, and I guess, the write-up to the enforcement actions, to understand. And I mean, essentially, to understand the interpretation of the regulation, like how the regulator’s thinking about applying this rule, of course, I mean, one of the differences is, you know, across the world, many jurisdictions have more principle-based regulation, rather than rule-based regulation, that just makes it a whole lot more complicated. So actually, using enforcement actions, you know, makes a lot of sense, right? I mean, I didn’t realize I probably over the last decade become quite a regulatory nerd. But you know, actually seeing, seeing things like regulator speeches and regulator business plans, and then how that forms into things like consultation papers, how that then flows down into regulations and standards, and then out of the other side, at some stage supervision or enforcement. I mean, I think, you know, he’s, for me, quite fascinating. I think the one, you know, one of the differences again, again, around the world is, you know, perhaps the regulatory approach in some jurisdictions is a bit less litigation based and enforcement find the base. So you’ll see certain jurisdictions it will be, you know, in the UK, there’s something called the dear CEO letter, right? So you’ll get a dear CEO letter, which gives you a good signpost, that, they’re looking very closely at this area. So, you know, I think having those things in a technology platform all tied together, you know, makes complete sense for me, I hope it does for the people listening. Yeah,
Kayvan
You know, you were talking about the different roles. You know, I’m interested in speeches and news items. If I’m in regulatory affairs, and I want to be participating, I want to be interested in the legislative process rulemaking process if I’m part of the commenting and Response Team, but I’m also interested in the responses from my, you know, ecosystem partners and competition. And then I’m interested in the laws of the land, and what’s the current law if I’m in compliance or risk, so it also, it’s not just topical and thematic mapping of, you know, business and operational activities, but it’s also what part of the regulatory, let’s call it lifecycle is important to you and your role in the organization that’s become quite important to us, or tech can be very effective and help with that. With that. I want to thank Jason also opening it up to any questions we may have. We have answered a couple during the call, but opening it up so Ronjini a few Have you opened anything? Otherwise, you know, we have this recording, and we’d be happy to answer the questions offline as well.
Moderator
Yeah, we just have that one question. I think you guys kind of touched on it. I don’t know if you have any more to say about that. Question from Dan. Jason, about when? Oh, well, look, can we go? We have a second question. What’s your view of regulators’ use of RegTech and whether industries are keeping pace with their progress and or vice versa?
Kayvan
That’s a really good question. Do you think it’s not just regulated? It’s also the regulator? Are you creating rules and laws in a vacuum? Or are you aware of rules and laws that are already in place or in flight across other jurisdictions that are very much mapped to the same area of the law that you’re enacting? Do you have a way of comparing and contrasting your rulemaking across different jurisdictions? Are you aware of the fines? I think the answer is: Probably not. So, I think that it is quite important to also provide that type of adoption. That’s an initiative we are working on, we also find that not all regulators are created equal. We see some regulators, very tech-friendly, were very forward-leaning, and others still producing, publishing and interacting in the 1980s. So, Jason, go ahead and open it up to you.
Jason
Yeah, I liked that answer. Well, I think I’ve got a couple of other perspectives on the regulator’s use of RegTech. And as I mentioned earlier, there’s been this use of the word sub-tech supervisory technology, right? So, if we say, “How do regulators use technology?” A couple of data points: I’m on the FCA, (the Financial Conduct Authority) innovation advisory board, and we get to talk about how technology is used to help them regulate the 50 or 1000 firms they regulate. And the answer is, it’s used a lot. As an example: data science. Supervised and unsupervised machine learning models are used to analyze a lot of the data on the reporting that comes in, and more and more regulators are getting more and more data again, (sorry to go back to the cyber example). It’s only because it’s top of mind for me (because I was a geek) that I am sadly reading the SEC declared disclosure around cyber, but they require organizations to submit their disclosures and some information about how they run their process through an X BRL feed, (a bit technical) but basically through a digital feed into the regulators are getting more and more data. Some of that makes some people feel uncomfortable, but they’re getting more and more data. So, they can use more and more technology to really identify patterns of use market misconduct and understand where some companies are falling behind in corporate governance or risk management. So you know, I say bring it on. One final example on the regulator’s spaces one of my favorite examples is the French regulator, find a couple of organizations in France. They were running machine learning models on transaction-reported data discovered market misconduct through that and found the companies. So that traditionally may not have been found because it would have been based upon supervisory visits. Now it’s based on technology. I’m sure it’s more complex than that. But you know, I think there are lots of examples of where regulators are using RegTech and technology wider.
Kayvan
We are actively responding to RFPs and RFPs by RFIs, and RFPs by a couple of regulators, global regulators that are looking to revamp how they publish and communicate regulatory updates with their constituents, and taxpayer dollars great at work in the United States. The Fed has a phenomenal way of communicating change to the register. I think that tech is evolving very nicely. So, there are some (as I said) that are further along than others, but we’re also seeing very modern adoption of that as well. Yeah, and then we have another question. What is RegTech? What are the typical RegTech tools used by asset managers with an E comm code of ethics, etc.? Jason, do you have tech that you would advise specifically? We know we would advise but we would recommend that you go ahead what typical wreck tools have you seen used by asset managers?
Jason
Yeah, I think asset managers in the buy side of the industry are probably later adopters, in my opinion of regulatory technology. Of course, they still have to solve the problem of regulatory change. So, Compliance AI should be on their list to look at. But I think how they communicate with their customers, whether their retail customers, whether institutional customers, I think anything that’s monitoring, and surveillance of communication is the question that the asker is alluding to in the E-commerce side. We’ve seen that a lot in capital markets. Capital markets require capital markets firms to record deep, but when you think about protecting consumers, it’s as much about ensuring that you describe your products correctly to the buyer. So, product governance is really important, I think a code of ethics and training is across the board, not just for asset management. On the buy side, sometimes some of the businesses (like the ones in the reg tech space) are the ones that do things you think are pretty simple, really well. So I’m going to name-drop a company called Skillcast. They do training, and they’ve got amazing trade training programs that their clients will customize for their workforce education and training. Important as well are things like a code of ethics. So, I think there’s a lot out there, although one of the challenges is, if I’m an asset manager and I want to find out the asset management RegTechs, how do I find it out from that little black diagram at the bottom of this screen here? I think that’s one of the challenges that still the industry needs to overcome: helping people buy the right technology for them.
Kayvan
It sounds like a marketplace catalog would be something like that. That’s the reason I went to this slide, kind of showing maybe a more vertically aligned version of what the looks put together. Seems like would be a fantastic idea to put together. Yeah. 100%.
Jason
Yeah. Some good questions. I have some latecomers in the questions, but they had some really good questions. Thank you.
Kayvan
Very good. Ronjini, I think that does it. Thank you so much, Jason. That was amazing. I learned a ton.
<to Moderator>
Do you want to tell people how they can get access to this after the meeting?
Moderator
Absolutely.
It was a pretty thorough discussion. This is being recorded so it will be available on demand. Our team will be sending it out to everybody who’s registered. Feel free to invite new people to come and watch this video as well. It should also be available and accessible on our blog early next week. So yeah, this will be emailed out to everybody who registered and then also will be available early next week and shared on LinkedIn and social media. So, if you’re interested, check that out. Also, if you’re interested in a demo, please feel free to email us at marketing@compliance.ai. We are happy to customize a demo for you. We also have a quick request for a demo form on our website. So, you can go to www.compliance.ai/request-demo if you want to grab that demo there and get a little bit more in tune with today’s reg tech solutions. Thank you. All right. Thanks, guys. Thanks, everybody.
<End of Webinar>
Asif Alam
CEO & Board Member
Asif Alam is the Chief Executive Officer at Compliance.ai. A leader in shaping disruptive technology, his experience includes building products using AI and natural language processing for GRC, payments, lending, risk, trading, and new solutions, from Fortune 500 companies to startups.
In his most recent role, he served as the Chief Strategy Officer of ThoughtTrace, unlocking new revenue streams and markets, and reignite portfolio growth. ThoughTrace was then acquired by Thomson Reuters in 2021.
He brings more than 20 years of management and business experience; increasing profitability, unlocking new revenue streams and markets, and reignite portfolio growth for companies like Thomson Reuters, Crux Informatics, and Finastra. Asif is a forward-thinking expert driving engagement via client forums, public presentations, and white papers.
Cesar Lee is a Principal at WRV, a venture capital fund focused on early-stage investments in hardware, semiconductor, and other technology-related companies. Previously, he was an investment professional at Riverwood Capital, a technology-focused, late-stage venture capital, and private equity fund. He began his career at RBC Capital Markets, where he was part of the Mergers & Acquisitions group for two years and the Equity-linked & Derivatives group for one year. While at RBC, Cesar spent a majority of his time working on M&A advisory transactions for technology companies.
Cesar’s investment experience includes buyouts, later stage, early stage and seed rounds. Cesar has completed transaction in the U.S., Latin America, and Asia, and in technology sectors including data centers, software, semiconductors, consumer electronics, robotics, big data, and internet.
Maria Devassy is a RegTech, Content, and Technology leader with over 20 years of experience helping companies bridge the gap between technology, product, and business. Maria has held leadership positions with MetricStream, KPMG, Oracle Corporation, and other technology companies. She has launched several successful RegTech products, business partnerships, and advised Fortune 100 clients on risk management, audit, advisory, and compliance business across Industries.
Hugh Cadden is a recognized expert in derivative financial and trading markets including futures, options, and swaps. Hugh is currently a senior consultant and expert with OnPoint Analytics, Inc. an economic, finance and statistical consultancy specializing in expert testimony for complex litigation. He has been specializing in the organization, operation, and regulation of financial and trading markets for over 40 years. Hugh’s experience includes both the public and private sectors and he has held senior level positions with the U.S. Commodity Futures Trading Commission including serving as Director of the Division of Trading and Markets and Deputy Director of Enforcement. He has been qualified as an expert on financial and trading market matters before the Commodity Futures Trading Commission, the Securities and Exchange Commission, the U.S. Tax Court, Financial Industry Regulatory Authority, National Futures Association, American Arbitration Association and federal courts.
Drake Ross is a former bank regulator who specialized in compliance with consumer protection regulations while at the OCC, FDIC, and OTS. While at these agencies, he provided extensive training and guidance and developed materials to ensure full comprehension and proper application of rules, laws, policies, and guidance, and served as a Subject Matter Expert in numerous areas. Because of his expertise, he often presented at agency and industry events. He also played a significant role in successful windup of the 2008 IndyMac Bank failure, where because of his extensive knowledge of the FDIC deposit insurance regulations, he was called upon to administer highly-complex insurance determinations.
Carliss Chatman is an Assistant Professor of Law teaching Contracts, Agency and Unincorporated Entities, Corporations, and Transactional Skills. Her work is influenced by over two decades of service on non-profit boards and involvement with community organizations. Through leadership positions, she has developed expertise in corporate governance and non-profit regulation. She has also been instrumental in strategic planning and fundraising efforts. Prior to law teaching, Professor Chatman was a commercial litigation attorney in Houston, Texas. In practice, she focused on trial law, appeals and arbitration in pharmaceutical, health care, mass torts, product liability, as well as oil, gas, and mineral law. In addition to negotiating settlements and obtaining successful verdicts, Professor Chatman has also analyzed and drafted position statements regarding the constitutionality of statutes and the impact of statutory revisions for presentation to the Texas Legislature.
Sign me up for all regulatory updates
Get access to EITL Forum recordings
Mariam is an Operating Principal at Cota Capital. Mariam has experience providing guidance on strategic and operational planning to Venture and Growth stage companies. Prior to Cota Capital, Mariam spent her career in management consulting as a Director at KPMG. She has experience leading global transformation programs and developing innovative service offerings for Fortune 500 companies in the Technology sector. Mariam has an MBA from UCLA’s Anderson school of management with an emphasis in Finance and Entrepreneurship. She has a Bachelors in Science in Finance and a Bachelors in Science in Economics from Santa Clara University.
Chris Callison-Burch is an Associate Professor in Computer and Information Science Department at the University of Pennsylvania. His research interests include natural language understanding and crowdsourcing. He has served the Association for Computational Linguistics as the General Chair for the ACL 2017 conference, as an action editor for the Transactions of the ACL, as an editorial board member for the Computational Linguistics journal, and an officer for NAACL (the North American chapter of the ACL) and for SIGDAT (the special interest group for linguistic data and corpus-based approaches to natural language processing)
Tom Ladt is an experienced executive and investor. Tom has lead and served on the boards of several public and private companies serving highly regulated industries such as technology, healthcare, real estate, and food processing. Tom has also served in key governmental roles and on numerous community boards.
Jeroen Plink is a global executive with a proven track record of developing and growing businesses, teams, and technologies with innovation and passion. Jeroen was CEO of Practical Law US during its acquisition by Thomson Reuters. He now serves on numerous boards and acts as a strategic consultants for start-ups.
Global Legal and Compliance executive with 15+ years of success in the SaaS technology and financial services industries. Partner to the CEO and executive team in corporate transactions, business development, product expansion, and regulatory navigation during periods of intense growth and organizational change. An advocate of effective risk management that starts with sound business practices and putting the customer first.
Richard Dupree has held multiple Risk, Compliance and Operations positions at regional, national, and global financial services firms including Wells Fargo, Silicon Valley Bank, Bank of the West and BNP Paribas. Rick currently advises FinTechs and RegTechs and sits on industry panels, contributes to industry whitepapers, thought leadership efforts, and speaks at industry seminars on Risk and Compliance challenges faced by banks and FinTechs.
Brian advises clients on legal and regulatory compliance in the financial, tech, and procurement sectors. His passion is helping businesses succeed in heavily regulated environments. As counsel and trusted advisor to businesses of all sizes, and as a former regulator, policymaker, and federal official, Brian acutely understands the unintended burdens that even well-intentioned government requirements can put on innovation and business growth, as well as how to create policies that strike the right balance.
Brian served as National Ombudsman in the Obama Administration, leading the federal Office of Regulatory Enforcement Fairness in assisting hundreds of startups, entrepreneurs, and small business owners in every industry and every state.
Dr. Marsha Ershaghi Hames is Managing Director of Strategy & Development at LRN, a leader in advising and educating organizations about ethics and regulatory compliance, as well as corporate culture, governance and leadership. With the focus of inspired behavior versus required behavior, LRN is a leading voice in the industry for companies to build ethical cultures instead of “check-the-box” compliance approaches. She’s advised Department of Justice corporate monitors on successful program transformation under CIAs (Corporate Integrity Agreements. With over 20 years of experience in leading multinational ethics and compliance strategies, Marsha has become a highly sought-after thought leader on leading Corporate Compliance and Ethics practices.
Carla Carriveau is currently the Senior Managing Counsel at Wealthfront, an automatic investment service firm in Redwood City, California. Carla was previously Senior Counsel, Division of Trading and Markets, at the United States Securities and Exchange Commission. As a former regulator with over 15 years of experience in helping small businesses navigate legal and regulatory needs in the financial services sector, Carla advises Compliance.ai on financial services regulation, the regulatory landscape and industry practices.