An Australian Securities and Investments Commission (ASIC) round table on RegTech assembled more than 120 industry and regulator representatives for the first time in Sydney and Melbourne.
It led to a fascinating tour d’horizon of the opportunities and challenges in applying technology to effectively and efficiently deliver risk management and compliance outcomes (RegTech). New emerging technologies such as cloud, big data, APIs, AI and others is making policy-makers rethink the governance, risk management, and compliance (GRC) field from ticking the box and policing to driving culture, encourage behaviour and preventing misconduct.
The field is nascent and investment embryonic. But the growth potential is huge given that compliance costs have and continue to rise dramatically. We were told that each of the big Australian banks spends between $350 million and $450 million on regulation and compliance each year and that 50 per cent of patents registered by the big US banks have been in RegTech.
Delivering new financial services through technology (FinTech) has created huge excitement and attracted huge investment, because it provides consumers and businesses with a better user experience on more attractive terms. At the same time, users rightly expect to be safe and this is where RegTech becomes a critical factor of the revolution in banking and financial services.
Imagine if the risk management and compliance space were to open up, so that innovators could have a go, data across institutions would become available and digital identity data could be shared. I was electrified to hear that a regulator in another jurisdiction has actually put together and is driving an industry collaboration project spanning large financial institutions and start-ups to specify and deploy an industry Know Your Customer (KYC) infrastructure.
In Australia, FinTech start-ups cannot scale up and Australian consumers are unable to get better financial products because innovation and competition is stifled. Innovators and new market entrants cannot overcome the switching inertia of customers, who cannot be bothered to go through the KYC bureaucracy when they want to use a financial product of a financial provider competitor.
Imagine again, if a Regulator was forcing industry collaboration in delivering a shared KYC infrastructure. It takes the four major retail banks to be mandated to join. When the Reserve Bank of Australia required the banks to deliver cooperatively an online payment infrastructure (MAMBO) it failed. When the RBA mandated more recently a near-real-time interbank settlement system, the so-called New Payments Platform (NPP), it worked.
The NPP is encouraging. With a similar approach a shared KYC infrastructure could be delivered and a wave of FinTech scale-ups would be unleashed leapfrogging global competition. Under the Regulator mandate, the oligopoly would for once have been an advantage in the sense of providing a critical piece of public infrastructure. The banks could even charge for it, demonstrating that RegTech is a new revenue line.