Cover story: Who watches the watchmen?


Photo: Anthony Scriffignano, SVP and chief data scientist at Dun & Bradstreet

When regulation outpaces the ability of humans to stay on top of it, there’s an opening for technology to assist

As snowballing pressures on financial institutions to fight illicit money flows drive the uptake of artificial intelligence and big data to conduct deeper background checks on customers, so the risk of breaking privacy laws also increases. To help mitigate those risks, investment in regulatory technology – or “regtech” – is expected to boom.

In times of rapid digital development, privacy has become a floating definition. Financial technology solutions have gone mobile-first, cloud-first and cross-border at a remarkable rate. At the same time, evolution in technology and data science has preceded regulations. As technology progresses, regulations always appear to play catch-up.

In few other sectors is this truer than in finance. A decade after the global financial crisis, the complexity of KYC – or “know your customer” – regulations continues to bite banks. To comply with new regulations, financial institutions must implement robust KYC procedures – digging into databases in all relevant jurisdictions to ensure they understand the reputational and legal risks posed by doing business with a potential client – but also rigorous data privacy and protection routines. This creates a dilemma as the requirements to conduct background checks in one jurisdiction may break privacy rules in another.

Dr. Anthony Scriffignano, chief data scientist at data and analytics firm Dun & Bradstreet, warns that the rapid expansion of artificial intelligence and big data gathering and equally rapidly changing regulations across the world’s markets makes it “very easy to innovate yourself into breaking the law.”

“You can’t use your AI today the same way as yesterday,” he said during a panel debate at AmCham’s conference, U.S. & China – Shaping the Future of Innovation & Technology, in September at the Shangri-La Hotel in Admiralty.

Scriffignano speaking on a panel at AmCham’s China Conference in September

With hundreds of regulatory updates every day, companies are left with with huge burdens to do the right thing. Financial technology is extremely nimble and adapts quickly to changes, so regulatory technology needs to function in the same way.

Keeping pace with regulations is a growing headache for companies. According to a financial counterparty KYC survey, conducted by regtech firm Accuity, and covering 100 financial institutions around the world, 75 percent of banks say that compliance issues are becoming more complicated. Of those surveyed, 67 percent said the priority is avoiding regulatory fines. At the same time, 81 percent are struggling to adapt to the regulatory system, where banks cannot keep pace with the rate of change.

In a way, this is good news for the regtech players. Another study from Juniper Research found that spending on regtech platforms will exceed US$115 billion by 2023, up from an estimated US$18 billion in 2018. That’s the equivalent of an average 45 percent annual increase. The research found increased regulatory pressures, as demonstrated by the European Union’s recent GDPR (General Data Protection Regulation) implementation, are driving businesses towards regtech to meet greater compliance challenges. Any heavily regulated business sector not prioritizing regtech adoption would risk damaging fines from failing to keep pace with regulatory changes, the report warned.

“There’s a very important phenomenon going on here in convergence,” Scriffignano told the conference. “We can become experts in AI or big data or in regtech or fintech and see the world from that lens. But if we don’t see the convergence of these various changing roads that we are working in, it’s very easy to innovate yourself into breaking the law.”

During the conference Scriffignano also stressed the importance for all companies, not just in financial, to get up to speed with big data and regulations.

“The cost of doing nothing, is not nothing,” he said.

In short, regtech was created to address regulatory challenges in financial services through innovative technology. The reliance on consumer data to produce digital products has led to concerns among regulatory bodies calling for more laws on data privacy, usage and distribution. The regtech sector consists of companies that use cloud computing technology through software-as-a-service (SaaS) to help businesses comply with regulations efficiently and less expensively.

The issue also highlights how an increasingly connected and globalized world sometimes clashes with local regulations and tendencies towards isolation. In Dun & Bradstreet 2017 Economic Outlook for CFOs Scriffignano explains that globalization isn’t really going away – at least in the digital sense.

“It’s like trying to prevent oxygen from crossing the borders,” Scriffignano said.