When it comes to compliance, will regtech do what Congress won’t?
This story is the latest installment in Credit Union Journal’s ongoing special report on fintech, which will run throughout the month of August.
Legislative gridlock could spur technology firms to help financial institutions overcome the regulatory burden.
“I don’t expect to see a lot of meaningful reform coming from the legislative branch,” suggested Walt Mix, managing director & financial services practice group leader at Berkeley Research. “I would expect to see it come via innovation with technology and working with the regulators on innovative approaches to manage risk.”
Regtech, a term combining the words regulatory and technology, is a burgeoning framework that brings technology to the regulatory monitoring, reporting and compliance space. While financial institutions most commonly consider it for anti-money laundering purposes, some argue the technology also holds the capacity to help innovate around risk management.
Not surprisingly, it appeals to both sides of the industry – regulators and the regulated. For credit unions and banks, this technology could help better meet regulators’ demands. For supervisory agencies, including the National Credit Union Administration, regtech is thought to assist with monitoring and enforcing regulatory requirements for the institutions they oversee.
With that in mind, NCUA last month joined four other banking regulators to issue a joint statement focused on managing BSA/AML risk and monitoring compliance. The agency aims to collaborate with its counterparts to issue clear guidance for credit unions.
“New and innovative approaches including regtech innovations will significantly improve the precision, speed, and efficiency of the current BSA/AML regime,” said John Fairbanks, an NCUA spokesman.
Still, for all its intentions, the technology may not be there yet, even if the need is.
Data shows the BSA/AML process needs to be improved. Credit unions and the wider financial services industry continue to struggle with rising compliance costs – a burden made even more difficult at the smaller end of the asset spectrum. A 2017 report from the Credit Union National Association claimed regulatory burdens threaten the ability for small CUs “to remain viable in the marketplace,” and research from the Heritage Foundation revealed the current AML landscape costs financial institutions between $4.8 and 8 billion each year but results in fewer than 700 annual convictions – roughly $7 million per conviction.
Financial institutions, said Charles Delingpole, CEO and founder of the regtech company ComplyAdvantage, “don’t have a mechanism to distinguish between good and bad payments. A huge part of their cost base and risk is tied up with compliance.”
The firm works with a variety of Visa and other payments providers, as well as financial institutions, including credit unions, though Delingpole declined to say how many CUs currently make up its client base.
Among the project ComplyAdvantage is working on is an attempt at creating a global database that indexes individuals and companies. A search query would pull up a profile with details that delve into any reported suspicious financial activity. This could help financial institutions vet out prospective clientele while also monitoring the risk profiles of those consumers they currently work with.
Delingpole said the company essentially recreated a human analyst with its technology, but he admitted that the firm is roughly a full decade out from completing the database.
Not ready for prime time?
More immediately, regtech firms are focused on perfecting artificial intelligence and machine learning that can occasionally be error-prone. And that, said one analyst, may be one of the biggest hurdles to wider adoption in the AML space.
“I think the philosophy behind AML regulation does not lend well to the use of automated software and machine learning,” said Diego Zuluaga, a policy analyst at the Cato Institute’s Center for Monetary and Financial Alternatives.
AML reporting agencies, he continued, want zero error and therefore encourage over-reporting in order to catch bad actors. As a result, error is introduced, dinging consumers for nefarious behavior when in fact, there is none. Software, cautioned Zulaga, is still prone to error and is designed to maximize the bang for the end-user’s buck.
“I don’t know to what extent [the Financial Crimes Enforcement Network] would actually be happy with the software that has a 96 or 97 percent success rate,” Zuluaga said. “Aspirationally regtech is good, but we are far away from seeing actual use cases of this.”
And credit unions considering implementing these technologies need to be aware of the associated risks, sources said.
Ensuring vendors are fully compliant with regulatory requirements should be the No. 1 item on a credit union’s list when assessing vendor relationships in the regtech arena, advised Mix. Other areas of concern include protecting member data and data privacy, along with system upkeep and data validation.
“Many times, we find companies have antiquated systems and silos that need to be addressed before undertaking artificial intelligence or machine learning or other regtech approaches, so there’s cleanup to do along with education,” Mix said.
For now, credit unions still have time to prepare.
The Senate released a draft of a bipartisan BSA/AML reform bill in June and talks are expected to resume when Congress returns from its August recess. Key components of the legislation include the creation of a beneficial ownership clause and creating a financial expert investigators division at Fincen to work alongside federal agencies investigating AML and terrorism-financing issues.
But should credit unions expect any new AML-related legislation to actually pass before the end of the year?
“I doubt it,” said Zuluaga, adding that pretty much everything could be on hold until after the presidential election.