Leap over security compliance hurdles with regulatory technology

January 8, 20185 Minute Read

Select article text below to share directly to Twitter!


There are few terms that inspire yawns quicker than “regulation,” but believe it or not, regulatory technology—also known as regtech—is a hot category for innovation these days. In a recent report titled “regtech is the new fintech,” Deloitte describes fintech as regtech’s “bigger brother.”

That’s a lot of buzzwords packed into one title, but it boils down to how technology is being used to help IT decision-makers navigate the red tape of security compliance. Compliance is super important, but it can also be a pain to deal with, which is why regtech is getting businesses so excited—or, at least, keeping them awake.

Be aware of all the eyes watching you

Deloitte defines regtech as the “marriage of technology and regulation to address regulatory challenges.” The story starts with fintech, which experienced explosive growth over the past five years. According to Business Insider, global fintech funding hit $19 billion in 2015 and surpassed $15 billion by August 2016.

These figures are worrying the competition—88 percent of financial institutions believe they’re losing revenue to innovators, according to PwC. To keep up, traditional financial institutions are investing in new technology and partnerships. Statista projected that bank spending on new technologies in North America would reach $19.9 billion in 2017.

Amid all this change comes the need for regulations suited to these new fintech frontiers, which raise unique concerns around security compliance. New, strict regulations are proliferating, causing compliance requirements to rise. This fact is forcing businesses to dedicate more sources to tracking regulatory changes and maintaining standards. For instance, CitiBank has a compliance team of over 30,000 staff members, according to MarketWatch. MarketWatch calls this “the new normal for banks, as they grapple with a host of new regulations and capital requirements in the wake of the financial crisis.”

On the one hand, financial institutions need to adhere to the new rules and maintain security compliance. Failing to do so could prove disastrous, especially in the event of a data breach. IT pros are concerned that non-compliance carries personal liability in addition to organizational risk, and a data breach could end up costing anything from thousands to tens of millions of dollars in regulatory fees and cleanup.

On the other hand, businesses need to keep their operations running smoothly and continue to innovate on the security front. They can’t spend all their time bogged down in regulatory red tape, especially given how fast the threat landscape evolves. And this is where regtech comes to the rescue: It simplifies and automates compliance.

Achieve new levels of agility

The Deloitte report previously mentioned breaks down what makes regtech special into four pillars: agility, speed, integration, and analytics. Regtech decouples and organizes “cluttered and intertwined” data sets, quickly configures and generates reports, gets up and running swiftly, and uses analytic tools to mine existing big data sets and unlock their full potential.

“Regtech provides senior executives with an opportunity to introduce new capabilities that are designed to leverage existing systems and data to produce regulatory data and reporting in a cost-effective, flexible, and timely manner—without taking the risk of replacing or updating legacy systems,” Deloitte reports.

The agility component is huge. Traditional solutions tend to be inflexible and require a fair amount of configuring. Regtech, in contrast, leverages cognitive technologies and advanced analytics to learn on the fly, so it can keep up with the new and emerging regulations that never stop coming.

In addition, since most regtech solutions are cloud-based, businesses only need to pay for what they use, rather than invest a big lump sum. They are scalable, provide greater flexibility over controls, and are highly secure thanks to data encryption, too. By handling the nitty-gritty details of regulatory compliance, regtech frees up IT teams for more mission-critical tasks.

“In the short term, regtech will help firms automate the more mundane compliance tasks and reduce operational risks associated with meeting compliance and reporting obligations,” Sean Smith, a partner in Risk Advisory, tells Deloitte.

Don’t end up like Equifax

The shocking revelations of the Equifax data breach made it painfully clear just how unsafe data can be—and just how high the stakes are. Not every business holds information in such volume and of such sensitivity as Equifax, but that doesn’t mean compliance in the workplace is any less important. Fortunately, there are more technologies and services available to IT than ever before to ensure their data is secure and their organization remains compliant. The emergence of regtech will make life easier for companies of all sizes.

There are scores of great regtech companies out there today:

  • The London-based FundApps monitors and reacts to regulatory change to provide automated monitoring services that alert users to issues via an intuitive web interface.
  • Silverfinch is a regulatory data exchange that connects asset managers and insurers through a fund data utility in a secure and controlled environment.
  • TheMarketsTrust satisfies risk-management-related needs, including quantitative asset modeling, portfolio simulation, and regulatory compliance and reporting.

These are just a few of the options out there. Compliance doesn’t need to come at the expense of innovation, and it’s on IT pros to identify products and services that protect them from risk while minimizing bureaucratic busywork. This principle also holds true for physical devices. For example, network-connected printers are a commonly overlooked security vulnerability. Devices, like HP’s A3 Multifunction Printers, come with robust security capabilities baked in, helping users stay secure and compliant without adding to the IT workload.

Regulatory technology is a game changer for how businesses handle security compliance and protect their assets and their customers. These innovations bear the load of keeping up with regulations and compliance, so IT teams don’t have to.

  • Recommended for you
  • Recommended for You