An increasing number of financial service companies use external service providers to comply with their regulatory duties. Since it would be too costly for the banks to provide the necessary know-how themselves, they tend to outsource compliance, monitoring and reporting tasks to so-called RegTech companies, which process big amounts of customized data by means of digitalized and automatized processes. How do RegTech companies tackle these tasks and how is this development supervised by the supervisory authorities? These questions were raised at a Regulatory Technology Conference on 26 September at Goethe University Frankfurt, organized by SAFE and the Center for Financial Studies.
In his welcoming speech, Felix Hufeld, President of the Federal Financial Supervisory Authority (BaFin), explained to about 120 guests the emerging challenges to supervisory authorities caused by the outsourcing to RegTech companies. Hufeld greeted the improvement of quality and efficiency, promised by the new technologies. However, he made clear that the responsibility would stay with the financial service companies. “Banks have to explain credibly how they will meet their duties,” Hufeld stated.
How the supervisory authority will handle the new value chain is currently a matter under discussion at the BaFin. Oliver Fußwinkel, Head of the department at BaFin dealing with RegTech, introduced in his keynote the initiatives launched by the entity founded in June this year as a “hub for financial innovations” at the BaFin. It aims to build a pool of excellence in order to keep pace with the technological progress.
Matthias Memminger, Partner at the consulting company Bain & Company, pleaded in his speech for a standardization of compliance processes at banks. Currently, manual processing of data caused high expenses, Memminger said. However, he warned against unduly high expectations towards the RegTech providers: “There are certain areas which are already digitalized, like the evaluation of unstructured internet data,” – the “big solution”, however, had yet to be found. Memminger assumes that the market of RegTech companies will consolidate in the next years and 70 to 80 percent of the young businesses will disappear.
Hoping that they will be among the winners of this development, three RegTech entrepreneurs presented their business models afterwards. The company ComplyAdvantage offers banks data mining for their customers in order to prevent financial crime. Fenergo focuses on the management of customer and central counterparties data as well as tax and regulatory requirements. Lexcube dedicates itself to real time asset management and asset controlling.
The subsequent panel with Felix Hufeld, the entrepreneur Roman Koidl and Matthias Memminger, hosted by Andreas Hackethal, discussed the conflict between outsourcing and the control of your own data. Koidl, who founded a RegTech company himself, pointed out that, due to automatization and outsourcing of data processes, control over the own data often fall by the wayside. Moreover, systems are sensitive to manipulations and mistakes – with drastic consequences for the affected customers. “The technological evolution is proceeding so quickly that legislators lag behind. However, we have a regulatory responsibility,” Koidl warned. Hufeld conceded that the question of “how to deal with the control over your own data” has not yet been answered. “We need to develop rules which make sure that artificial intelligence maintains to be simply a tool and does not become independent. The BaFin already insists that banks who outsource services to RegTech companies agree by contract with the insourcer to allow the BaFin to supervise the outsourced services. Hufeld left the question open if the RegTech companies will be subject to supervision themselves.