The European Banking Authority (EBA) has issued recommendations to support ‘sound adoption and scale-up’ of the use of RegTech – the use of technology to improve regulatory compliance.
The recommendations are contained in a report issued this week in which the Paris-based regulator studied the current RegTech landscape across the 27-member European Union (EU) and assessed RegTech’s benefits but also related challenges faced by financial institutions and providers.
Among the proposals in the analysis is ‘further leveraging of the role and expertise’ of the European Forum for Innovation Facilitators (EFIF), as well as national regulatory sandboxes and innovation hubs, as a safe testing environment for RegTech solutions.
EFIF was launched by the European Commission and European Supervisory Authorities (ESAs) in April 2019 to boost co-operation and co-ordination in support of the application of new technological developments in the EU financial sector. Sandboxes, which are becoming increasingly common globally, allow start-ups and other innovators to conduct experiments in a controlled environment under regulatory supervision.
Other recommendations in the EBA report include ‘activities to deepen knowledge and address any skill gaps among regulators and supervisors on RegTech; support convergence of supervisory practices across the EU in the treatment of RegTech; and provide clarity on supervisory expectations’.
The EBA also suggests ‘further steps to harmonise the legal and regulatory requirements, where appropriate’.
Exploring five RegTech segments
In its ‘EBA analysis of RegTech in the EU financial sector’ report the EBA provides what it calls ‘deep dives’ into five RegTech segments: anti money‐laundering/countering the financing of terrorism (AML/CFT), fraud prevention, prudential reporting, ICT security, and creditworthiness assessment (CWA). These five sections seek to provide an insight into RegTech segment‐specific current uses, benefits, challenges and supervisory risks.
In the field of AML/CFT, where RegTech is most active in the market from both a supply and demand perspective, the study names the top three ‘highly relevant’ obstacles and operational challenges cited by RegTech financial institutions and providers in surveys and interviews conducted by the EBA for the report.
Financial institutions pointed to changes to national or international regulations; integration with legacy systems; and data quality issues. Providers, meanwhile, named security, data privacy and protection issues; lack of regulatory standards; and cost of user acquisition.
Banks using RegTech highlight enhanced risk management, better monitoring and sampling capabilities, and reduced human error as the technology’s main benefits. Meanwhile, RegTech providers emphasise the ability to increase efficiency, ‘quell’ the impact of ongoing regulatory change and improve effectiveness as key benefits associated with the use of their RegTech solutions.
The EBA’s study, published on 29 June, warns that RegTech may also create new risks for supervisory authorities. In particular, potential risks may arise when trying to assess the effectiveness and reliability of the tech solutions used by financial institutions. There might also be a potential lack of skills and tools needed to supervise the use of tech‐enabled RegTech solutions, ‘for example, when trying to audit the underlying algorithms’.
If not properly implemented, RegTech solutions may also create risks for the banks ‘that would need to be identified, monitored and managed’, the 81-page study says. As examples of such risks, the EBA lists dangers including compliance, concentration, business continuity, ICT and security, reputational, internal governance, conduct and consumer protection.
In terms of challenges for RegTech adoption, the EBA lists the main ones facing financial institutions and providers, concluding that most ‘seem to be internal factors’. Thus, ‘it would be primarily for these companies to take further actions’.
The study recommends such actions ‘should be aimed at removing barriers related to data (data quality, security, and privacy, etc.), interoperability and integration with the existing legacy systems, a lack of financial institution’s API [application programming interface] capabilities, costly and often lengthy and complex due diligence processes, and limited awareness of RegTech solutions.’
The analysis does, however, point to ‘limited clarity and guidance from supervisors on the potential acceptance of certain innovative RegTech solutions’ as a potential obstacle to financial institutions investing in RegTech.
RegTech’s emerging importance at a global level was highlighted at the start of the year when it was chosen alongside its sister discipline ‘SupTech’ (the use of innovative technology by supervisory agencies) as one of six priorities in the Bank for International Settlements’ (BIS) Innovation Hub’s 2021-2022 work programme.
The EBA plans to organise a public online webinar to present and discuss the report’s main findings in the fourth quarter of the year.
‘City of London weighs in behind RegTech‘ – our news story (18 April 2021) on the municipal authority for London’s Square Mile calling for ‘urgent action’ to encourage greater use of RegTech in a research report on the emerging sector
‘Lithuania eyes RegTech potential as fintech sector grows‘ – our news story (24 February 2021) on Lithuania’s central bank eyeing the potential of what it describes as a ‘revolutionary’ new regulatory technology tool
‘ECB eyes ‘cutting-edge’ tech as it launches first SupTech procurement‘ – Global Government Fintech revealed on 18 January that the Frankfurt-based European Central Bank (ECB) had launched its first ‘SupTech’-specific procurement with a planned spend of more than £200m
‘Hong Kong unveils two-year RegTech roadmap‘ – our news story (3 November 2020) on the Hong Kong Monetary Authority (HKMA) ramping up its support for ‘RegTech’ having published a two-year roadmap to drive adoption in banks