A-Team Insight Blogs

Q&A: RegTech Firms Should Be Regulated by the FCA, Says Jane Jee

Share article

Jane Jee, CEO at Kompli-Global, has some strong views on the current challenges facing the RegTech industry, and what the regulators themselves could do to fix them. Here, she speaks candidly to RegTech Insight about her views on building a robust RegTech industry in a post-4MLD/5MLD (EU Money Laundering Directive) world.

What do you consider to be the current key challenges in the AML space that RegTech needs to solve for firms?

In terms of key challenges, reducing compliance costs is my number one. But having said that, in the short term, RegTech is going to increase compliance costs because it needs to be tested, and because firms probably need to change or review, significantly review, the processes they use if they’re going to enable technology to function properly.

Another key challenge is where do firms find the relevant adverse information to check people, both individual customers and beneficial owners. Firms need to not breach data protection, so how much information is too much, and can there ever be too much if the AML team do a really thorough search. If the objective is to prevent financial crime, then arguably, the way to do that is to do consistently thorough searches.

Number three is managing cross-border and multi-jurisdictional AML compliance. We don’t have a global regulator, so how do firms make sure that if they are both, they manage all the cross-border, multi-jurisdictional requirements which aren’t necessarily consistent with each other and vary from country to country? Regulatory change has been accelerating since the global financial crash. It’s not slowed down. This lack of global hard and fast rules is a real challenge – there is the Financial Action Task Force (FATF), but you don’t have any global enforcement and you’ve got very little global consistency between the regulators. And there has been increased regulatory activity. There’s been more fines and sanctions, some of which have been stopping a business altogether from functioning.

Next, how do firms identify beneficial ownership both initially and on an ongoing basis? That’s quite a significant task for compliance teams. There is a lack of skilled personnel. So, even if a bank wants to adopt a RegTech solution, they do find it hard to recruit the staff with the right knowledge and skills. Getting staff with an in-depth knowledge of AML can be very expense. So, high on-boarding timelines and costs and attrition are other factors that hopefully RegTech solutions can help resolve.

What types of emerging RegTech approaches appear to be the most promising for meeting these challenges?

The trouble is that artificial intelligence is the generic term which really embraces lots of subcategories like data analytics, machine learning, and blockchain. All these RegTech approaches could solve some of those challenges.

One of the things we’ve seen is the emergence of end to end onboarding platforms. And I think that’s something that will be adopted increasingly. But I’d like to draw your attention to a report the FATF produced last year which was about the challenges in beneficial ownership and the fact that many companies conceal their beneficial owners. An extract from that report says that there’s lots of third-party service providers who will give firms identity verification and CDD, but they’re not thorough enough and the banks have pointed that out. FATF wondered whether the information stored by certain parties is sometimes deficient. They weren’t quite sure why. They said it’s not up to date and it’s not complete and whilst the advent of virtual identities could improve that, there may be opportunities for this information resource to be improved now.

Are there current challenges on which RegTech has yet to make a real impact?

I think that the actual level of RegTech adoption is actually quite low. I’m a lawyer by training and I’ve been very disappointed, although I absolutely understand why, the UK Financial Conduct Authority (FCA) have continually said that they support RegTech but they can’t endorse any particular solution because they’ve got the competitive mandate, which means they have to promote competition. If they were to adopt any particular company or any particular solution, that would be directly against one of their three key objectives. But the RegTech industry could do with more detailed guidance on some issues and it could do with better enforcement.

I actually think the FCA has very poor AML expertise. They’ve got really good RegTech, they’re really excited about technology, they love it, they have sandboxes, tech sprints, it’s all good PR. But actually, does it deliver less financial crime would be my question, and I’m not sure that it does.

Also, the fact that RegTech isn’t regulated is the biggest issue. If there were standards, if there were some sort of framework which RegTech companies had to operate to, it would make everybody’s life that much easier.

How will AML regulation and programs need to evolve to continue the battle against financial crime within the ecosystems that these new technologies create?

I wish that would enforce the guidance we have got, quite a lot of Joint Money Laundering Steering Group (JMLSG) guidance is not enforced. If you were a bank and you use an AML information provider, I think that the FCA just tick a box, so the irony is that they’re telling banks they can’t tick boxes themselves. They can’t tick boxes but the FCA do tick boxes. That’s because they don’t have a great sense of what could we do rather than just using these conventional providers. What should a bank be doing?

So, in some cases, more explicit guidance is needed. They need to go a bit further. It’s all very well saying this is based on risk, but if I don’t ask them enough questions, if I don’t get the right information of the right quality, then I’m going to let people in that I shouldn’t let in.

In what ways do you anticipate RegTech around AML evolving to meet the challenges of this new ecosystem?

I think that Cloud-based real time software as a service (SaaS) will become the norm. And there will be a framework for its use. So, we’ll have responsibility and liability being defined. I think the banks are terrified of adopting this at the moment because they have no guidance. If they do use technology, they’re still liable. They can have contractual lability falling back on the supplier but that’s not going to help them vis-a-vis the regulator.

In that vein, I think RegTech companies will become certified or regulated and that will enable them to gain wider acceptance. I think that’s an important development which we have yet to see. I think Innovate Finance has a group that’s putting forward some sort of certification system.

All of this can seem overwhelming – in what ways should an MLRO and their AML team think about all of this in a risk-based way?

Documenting risk is key because they’ve got to document, they’ve got to look at the national risk assessment. They’ve got to have a risk assessment of their client. I think it’s really important that this process is a team effort, not delegated to one or two people. People in the team have to understand how that framework is arrived at and if I were a money laundering reporting officer (MLRO), I would make sure that my board signed that off too.

Firms also need to determine how risk is going to be implied and ensure that the tech they’re going to use matches their risk appetite. Firms can’t build in their risk appetite because, as I’ve said, they’ve got to have human judgment at the end, but they can make sure that the technology is consistent with the way in which they’ve built up that risk approach. And I’ve said, firms need to do a skills analysis of their team, hire some staff with some strong computer skills because the banks haven’t got enough people with the right skills.

The above interview was based on a recently co-authored by Jane Jee within “The REGTECH Book: The Financial Technology Handbook for Investors, Entrepreneurs and Visionaries in Regulation.”

Leave a comment

Your email address will not be published. Required fields are marked *

*

Related content

WEBINAR

Recorded Webinar: Client onboarding – how developments in tech and automation can help optimise entity data management and improve KYC

Financial services providers spend billions of dollars a year on Know Your Customer (KYC), client onboarding and due diligence. Yet even with vast investment, these processes rarely run smoothly. They also fall short of delivering a good client experience and fail to cut down on financial crime. At the heart of the problem–and solution–is data....

BLOG

SEC Updates Regulatory Disclosure Requirements

The US Securities and Exchange Commission (SEC) has voted to propose rule amendments to modernize the description of business, legal proceedings, and risk factor disclosures that registrants are required to make to ‘Regulation S-K’ – a US regulation that lays out reporting requirements for public companies. The proposed amendments are intended to update the rules...

EVENT

Breakfast Briefing: FRTB London

The FRTB Breakfast Briefing will examine key focus areas and priorities for banks in 2020 and offer guidance, advice and expertise for tackling the challenges and pain points around implementing the FRTB regulation.

GUIDE

Regulatory Data Handbook 2019/2020 – Seventh Edition

Welcome to A-Team Group’s best read handbook, the Regulatory Data Handbook, which is now in its seventh edition and continues to grow in terms of the number of regulations covered, the detail of each regulation and the impact that all the rules and regulations will have on data and data management at your institution. This...