The Thomson Reuters Cost of Compliance 2018 report co-authored Susannah Hammond and Stacey English shows that industry engagement with RegTech and Fintech is increasing.
However, legacy systems from larger organisations still present a challenge.
Of the 800 different compliance professionals across the global financial industry participated in the report, 41 indicated that they expect to spend more time assessing RegTech and Fintech over the next year, which is an eight percent jump from last year’s 33 per cent.
The report continued that it is 55 per cent for globally systemically important financial institutions (G-SIFI), However, the engagement with technology solutions and technology in general also raises questions of cyber resilience and data privacy. This is significant in the wake of the General Data Protection Regulation (GDPR) is a difference between last year’s report and this year’s report.
In a brief interview on Reuters about the report, Stacey English said:
A lot of these firms are living with outdated IT infrastructure and legacy systems, all of which are going to need upgrading, are expensive and are going to need to be fixed.
With the open acknowledgment of the benefit of the RegTech start-ups to industry the, this is a good time for RegTech’s to adopt compliance solutions according to Anthony Quinn, CEO of Arctic Intelligence and member of the Regtech Association.
However, despite this increased cooperation, there are still barriers to this engagement.
“Industry needs to feel that they are not going to be penalised for trying new ways of working – regulatory pushes for innovation help this,” Quinn said. “Regulators need to create a safe-environment and bring in new parties to the eco-system, not just regulators but vendors, professional services, and academics.”
He continued “Industry needs to see the value, understand the benefits - and then have the courage to try and engage with an open mind. RegTech needs to ‘collaborate’ and bring (holistic solutions) and/or articulate the problem in the value chain that they are solving.”
Julian Fenwick, Managing Director of GRC solutions another active member of the Regtech Association said that legacy systems as a response as not to engage with RegTech is a bit of an excuse on the part of the Australian banks.
“That said I think legacy systems may help drive internally developed RegTech,” Fenwick added. For him, using the cloud is presenting other issues for organisations.
“What I do see as a huge barrier for Australian banks is the fear of using cloud due to the APRA refs on outsourcing, the CPS 231. APRA wants regulated entities to seek approval when data is being hosted in the cloud and this creates a huge burden and potential cost in rolling out proof of concept projects in Australian banks.”
He continued another challenge is what he defined as ‘cumbersome procurement processes’. However, this challenge is an international one, and he explained that banks can take six to nine months to onboard a new vendor.
“One I am dealing with here in Singapore is at 18 months and still no light at the end of the tunnel.” Fenwick said “ING has developed a streamlined vendor onboarding process for smaller, start-ups and scale-ups. Australian banks should do something similar.”