Banks need to take more risks and be prepared to implement something that might fail, according to a panel at the Global RegTech Summit 2018.
Compliance officers and banks need to combat risk as soon as possible, but sometimes implementing solutions can take too long once all testing of solutions has been completed. The panel at the Global RegTech Summit which included, senior staff from Theta Lake, OakNorth Bank, Santander, HSBC Digital Bank and Willis Towers, discussed the current trends in the RegTech market and how they keep ahead of innovation in risk management.
One of the key challenges that banks need to overcome is to try and fail more often, in order to keep up with the market. HSBC Digital Bank head of risk and pleasant policy Diana Carrasco said, “There’s this fear for big banks to implement something that might actually fail. We have had the tendency for many, many years to never launch anything, not even as a proof of concept until it’s completely tested and that is a failure by itself in this instant. By the time you’re ready to launch something that’s completed tested, it’s too late. It’s been done before and you cannot offer anything new to customers.”
The other key challenge that Carrasco has noticed is that banks are not focusing on themselves and what they need to do in order to improve the customers experience. You cannot compare banks with FinTechs as they are different types of businesses, and these groups should look for collaboration rather than competing, she told the audience at the Summit. “It’s very important for banks when they think of digitising their services, is to think about what the customers really need, rather than just what competitors are saying or doing, or what the new incumbents, the new FinTech’s are doing.” While banks do compete with one another, they typically have a different customer base so the priority needs to be put on solving their own needs, rather than innovating just because others are.
The idea FinTech companies are going to replace the traditional financial services has slowly disappeared and has been replaced with a push for collaboration between banks and RegTech solutions. Santander RegTech director Ceri Godwin said, “I think we’ve got to do more and more experimentation and testing elements of the technology, as well as testing it end-to-end, and I think it requires quite a lot of collaboration and taking a fresh approach to solutions.”
Financial institutions have traditionally looked towards single-point solutions for a range of challenges facing them. However, collaborating and testing solutions with various RegTechs offers a way to implement a series of different protocols rather than just one solution to do it all. This offers a better level of compliance but also an alternative way of facing challenges.
She added, “Big banks used to deal with big vendors, so you kind of have to break all your rules down and recreate them. So, I think you’ve got to go into it with a very open mind and you’ve got to do a lot of internal collaboration to bring people with you because you will bend to the absolute limit, every process you’ve got, because you need to think differently.”
The burden of social media
Social media has changed the way people interact not only between friends but also with work colleagues. Users are not as formal through these communication platforms and there is limited monitoring of its use by businesses. This has caused concern for compliance managers, with it offering a potential new avenue for risk. Compliance officers need to understand the ways that their customers and staff use these platforms, and implement necessary precautions.
Willis Towers compliance director Jagdev Kenth said, “We often tell our guys in the middle of a regulatory investigation to not communicate or send emails about this matter, and so on. People always say, yeah, no problem, no email has ever been sent and they’ll go off, and they’ll WhatsApp their friends and they say this is different. It’s not. The use of that is going to create, has created, and will continue to create some very unusual and novel new risks.”
Panel moderator Devin Redmond, Theta Lake CEO and co-founder, said that he had previously been in discussions with clients and regulators where they believed they had made mistakes with early regulation within social media. The issue they had was by being too specific over what can and can’t be discussed, and over what platforms. This led to people using different channels that are not included in the regulations.
Redmond said, “You have to manage each new protocol, each new app, each new thing that comes out. If you’re doing business there, then you need to be able to retain and monitor and do supervision appropriately on that. Not acknowledging that or saying, well, a regulator didn’t say, WhatsApp, they said twitter, therefore I don’t have to worry about WhatsApp. When somebody runs outside and does that, or they jump onto a video call and do all their communication on video call, but then don’t do it over email. Not because they know email’s being monitored, but they know the video chat isn’t being monitored at that time.”
OakNorth Bank chief risk officer James Cashmore added, “This is going to be a later stage of our development, but certainly the control of social media, is going to be key. How we formalise the controls and methodologies around those new channels is going to be key, but it’s in the future for us at the moment.”
Cybersecurity and having sufficient backups of data is the current main concern for challenger bank OakNorth. Ensuring that the platform has got enough protections to counter any attacks, but also to if the system goes down or fails, that all the data is not lost and is still available are its key priorities, ahead of other risks like social media.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst