Last week, technology and software investment firm KRM22 announced the launch of its Enterprise Risk Cockpit, a real-time enterprise risk management application for capital markets firms. RegTech Insight followed up with CEO Keith Todd to learn more about why the company is so committed to making a difference in capital markets compliance.
Having been involved in FinTech for over two decades now, Todd is well aware of how complex legacy systems can be for brokers, for asset managers – indeed for all participants. Built up over a long period of time, updating or replacing them can be both costly and complicated.
“Risk management essentially falls into four underlying domains: with enterprise risk as the over-arching domain under which falls market risk, regulatory risk, technology risk and operations risk,” he explains. “To address these, a massive number of individual systems have to be either built internally or acquired by third parties, and this can be extremely expensive. The financial crash of 2008 followed by massive regulatory pressure on firms to address wide-ranging issues have left some really big gaps that can be a challenge to fill.”
To solve this problem of cost and complexity, KRM22 believes that software-as-a-service (SaaS) is the answer. Notably, Todd was the CEO of FFastFill, a SaaS provider of derivatives trading products bought by ION Group for around £106 million back in 2013. Based on this experience, he subsequently launched KRM22 (a combination of Keiretsu Risk Management, the Japanese embrace of supply chain concept, and SAS regiment 22 signifying elite service and ‘best of the best’) in a bid to combat the increasingly siloed nature of risk management, with the goal of building a global risk platform on which all relative business functionality could be made available to customers from one platform.
“I asked practitioners two questions,” says Todd. “First, how many systems do you have involved in managing risk, and the answer was that they didn’t know. Second, how much do they cost? And the answer, unsurprisingly, was ‘too much’. Why? Because all the information is buried in budgets, spreadsheets and segmented legacy systems. So, we decided to build a SaaS-based one-stop-shop for risk tools.”
After a year of preparation, and a £10.3 million initial funding round, the firm was listed on London’s AIM on April 30, 2018. Since then, it has barely slowed down – with the acquisition of three additional companies (including market surveillance specialist Irisium, an expert enterprise software team and associated assets run by Andrew Smart, and Chicago-based Prime Analytics and its post-trade portfolio risk management product, ProOpticus) along with a series of new partnership, including machine learning/AI regulatory compliance application Ascent Regtech and a VaR engine to deliver complimentary functionality to ProOpticus, and a strong pipeline of further partnerships and acquisitions planned for 2019. The firm currently has £3.4 million of recurring revenues, 27 customers and 80 staff – not bad for a firm that is not even one year old.
“To make this work, all we need is market data, trading/business rules, and reference data,” explains Todd. “A single database eradicates the need for downstream post-trade reconciliations. The point is, that you need to simplify data architecture and create a golden source that can handle multiple regulatory requirements. We are working towards an agnostic ecosystem based on a core set of capabilities augmented by optional third-party services, underpinned by a standard data model.”
The firm’s first native product, the Enterprise Risk Cockpit, went live this month and Todd has been surprised by the initial response.
“I have to say that I expected a bigger challenge in the marketplace to get people to understand what we were proposing, but I’ve been overwhelmed by how quickly people understand the idea and its benefit,” he told RTI. “Our concept of a single location for all your regulatory and risk management applications has been dramatically easier to promote than I thought.”
With the dramatic recent changes in regulatory regimes across global jurisdictions, and the growing trend for established personal responsibility for senior executives, firms are under enormous pressure to ensure their compliance systems are up to date – yet the complexity of their legacy systems can result in breaches or fines simply because their infrastructure is not providing them with the right information at the right time.
“It’s simple maths,” says Todd. “Costs have increased due to compliance, which has depressed return on capital below the thresholds that most firms want to be making. Firms are in the business to make money and that is what shareholders want to see. So they have to take action to address this – and our solution offers them exactly that.”
Going forward, KRM22 plans to build out its component functionality to offer a fuller array of solutions across the regulatory space: with target areas including AML, KYC, regulatory reporting. Whether through partnerships or acquisitions, the end goal is to act as a one-stop-shop for all risk control tools.
“The key is to be able to get data into a single data lake, and normalise it in a way that is translatable into useful information,” stresses Todd. “Data is hugely valuable, but it can be a burden rather than a benefit if it is not processed correctly. Now is the time to address the handcuffs of history, throw off the shackles and move into a new generation of risk management tools that can actually generate alpha.”