RegTech’s growing influence: Scaling and compliance challenges

RegTech's growing influence: Scaling and compliance challenges

As the RegTech sector continues to grow at a rapid rate, leaders from the RegTech sector have discussed how companies can scale in the current market.

Four industry experts came together earlier this week at an event co-hosted by Scotland Development International and FinTech Global. The event, ‘Scotland: the perfect blend of RegTech, scale-ups, data and whisky’, was an invitation-only event that explored how RegTech companies are overcoming challenges with scaling and why Scotland is the perfect place to grow.

The panel was moderated by Lucy Heavens – vice president of marketing at B2B BNPL solution Hokodo and co-founder of RegTech Women. The rest of the panel included Rachel Greaves, co-founder and CEO of information governance, risk and compliance solution provider Castlepoint Systems, Christopher Ansara, founder and CEO of digital signature and document distribution company docStribute, and James Varga, CEO of the credit & risk platform DirectID. Over the course of the hour, they discussed the current RegTech trends and how companies can scale in the current market.

Kicking off the talk, the panel discussed the current growth rate of the RegTech sector. Research predicts that the RegTech market will grow from $5.46bn in 2019 to reach $28.33bn by 2027. On top of this, RegTech is expected to account for 50% of global compliance budgets by 2026.

A cause of this huge market opportunity is simply because the criminals are also ramping up their efforts, forcing companies to bolster their own defences. Increased threats are coming from foreign state actors, organised crime, hacktivists, and many others that are financially motivated to steal data. The panel added that criminals have more financial motivation for these attacks than those protecting the systems. This is increasing the pressure on firms to bring in technology that can safeguard them.

One area of compliance the panel emphasised was data protection. Data privacy has become a major challenge with the growth of the digital world, which has been largely caused by firms keeping hold of information for too long and in unsecure locations.

Statistics around data breaches are all quite alarming, for example, a report from Fugue found that 36% of 300 cloud engineering and security professionals said their organisation suffered a serious breach in the past year.  Elsewhere, Gemalto claims that 68 data records are lost or stolen every second, and a survey from Australian National University found that 6.4 million Australians had their personal data stolen in just one year. The scale of data loss is a major challenge faced by everyone.

A cause of this is firms holding their data for too long. The panel likened data to uranium – while it is powerful, it is also very dangerous especially when held onto for too long. This is why RegTech solutions are needed to help companies implement better protections on their data and ensure leaks are not happening.

Greaves said, “Information is like uranium – it has huge potential value, but, as it decays, it becomes very dangerous. We have been hoarding all our data since the start of the digital records era over 30 years ago, and the decay is catching up to us. We need to minimise the impact of any breach by protecting, and destroying, high-risk information; transparent, ethical AI can help to do that, and keep organisations defensible in the event of a spill.”

Scaling challenges

Having expressed a huge opportunity for RegTech solution providers, the panellists discussed the challenges they have seen with scaling and offered some advice to those looking to grow their client base.

A challenge they noted was finding the best way to approach a client call. One panellist stated that initially they would go into these meetings showing off the bells and whistles of the technology. However, it soon became apparent that prospective clients were more interested in hearing the benefits they could expect from using the solution, with a primary focus on the cost savings they could make.

Another challenge mentioned during the talk was just finding the best way to get adopted. They highlighted that while working with a large firm is great, they can have long procurement times, especially if your solution will be targeting a specific challenge, rather than a holistic solution. A better route for companies looking to deploy within large firms could be to work with technology providers through partnership.


Following this, the discussion moved on to the talk of Scotland. The panel all emphasised the country was a perfect spot for RegTechs looking to scale, with each of them having a strong base in the country.

What makes the country an appealing market is its strong financial institution heritage, with it being the home of many major banks. On top of this, many banks base the operations teams in the country, making it a great location for RegTechs to operate.

Aside from this, Scotland is also home to a huge talent pool of technology experts, particularly around AI. In 2021, the Scotland AI Alliance launched with the aim of establishing the country as a leading force in AI. The group was formed through a partnership between the Scottish Government and The Data Lab and is focused on opening dialogue, collaboration and action.

Generative AI

With the current hype around generative AI solutions, like ChatGPT, it was no surprise the panel explored the role of the technology within RegTech.

While companies have been eagerly embracing the technology and seeing how they can transform their operations, the panel all agreed it is not yet suited for compliance. The reason for this is simply due to mistakes. Much to many people’s disappointment, AI is not infallible. This means companies need to have a human-in-the-loop to check what is happening and to make the final decisions.

Relying on technology to make important decisions is dangerous and can ruin the lives of individuals and companies. An example of this can be seen with Australia’s Robodebt scheme. Back in 2015, the Australian government implemented an automated debt assessment and recovery system. The system made an error and wrongly accused 400,000 welfare recipients of owing thousands of dollars. Those affected were reportedly harassed by debt collectors and put into difficult financial situations. In 2021, a settlement of $1.8bn was agreed for those impacted.

This incident shows the high risk that comes from blindly trusting an algorithm. It is also why the panel was sceptical of generative AI’s use in compliance over the coming year. The technology is just not trustable for decisions that can have major knock-on effects.

While generative AI is not suitable for compliance teams, AI in general is also going to make their lives harder. The rapid advancement of tools like deepfakes is going to make it harder for companies to verify identities online, forcing a shift in how current processes work.

One thing the panel agreed with is that whether or not AI can currently transform compliance, it will soon become essential. All companies will be leveraging AI in some form or risk being left behind.

Final thoughts

The panel ended with a bleak prediction of the future with the prospect of a post privacy world. They explained that as more data is stolen, including information such as government identifiers and biometrics, it is going to become harder for people to interact and verify themselves when interacting online. But with this, technology will need to work around new solutions that can ensure people are protected and not the victims of crime.

Keep up with all the latest FinTech news here

Copyright © 2023 FinTech Global

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.