Waters Wrap: Regtech hype evolves—for better and worse

As best as I can tell—meaning the results of my Google search—the term “regtech” was coined by the UK Financial Conduct Authority (FCA) in 2015. The not-so-clever portmanteau was defined as “a subset of fintech that focuses on technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities.”

Obviously, these types of tools had existed long before the advent of the word, but regulatory technology can be thought of as important but boring, so to make it sound more exciting, marketing gurus attach it to other buzzwords, like, say, fintech or blockchain. I don’t think it’s a coincidence that during the period of peak blockchain hype (2015–2018 … RIP), the FCA pushed the term to both connect to distributed-ledger technology (DLT) and to help drive its regulatory agenda of increased oversight and transparency via the mechanisms of more financial reporting and heftier fines. In the US, the Securities and Exchange Commission (SEC) has obviously followed suit.

This is hardly scientific or proof of anything—maybe we just dropped the ball—but here’s a breakdown of the number of stories published on WatersTechnology between 2016 and 2023 that had the term “regtech” in their headlines:

2016: 11

2017: 13

2018: 5

2019: 2

2020: 2

2021: 1

2022: 0

2023: 1

And while there are more than 125 stories on WatersTechnology that have the tag “regtech”—meaning that regtech may not be in the headline but is a mentioned topic in the article—eight were from 2021, three were from 2022, and there’s been only one thus far in 2023. But that one story from this year is a particularly interesting one, and I’d like to delve into it, because I think it shows where the regtech industry should head.

If you’re a regular reader of this column, you likely know my disdain for blockchain/DLT, at least as it pertains to the wholesale capital markets. Blockchain was a stroke of brilliance … for the development of Bitcoin. Blockchain’s DLT brethren are well suited for the various other tokens and what not. But when it comes to solving the settlement of traditional markets (or for industry-wide trading and regulatory needs), it’s proven to be a hammer looking for a nail.

The regtech field has very specific and well-defined parameters—KYC/AML, insider trading, spoofing, market manipulation, forms PF/ADV, and so on. In some cases, regulatory/compliance requirements are highly manual, and bodies are thrown at problems, which is another problem on its own. And in other cases, as markets have become more electronic, the human eye can only spot and surveil so much terrain—machines simply do it better and (usually) cheaper, cutting regulatory and compliance costs.

The problem, as I see it, is that regtech includes too wide a range of functions. Additionally, much like how anti-doping agencies are always a step behind the steroid cheats, tech providers are continually having to develop new ways to deal with new threats and regulations. There’s no getting ahead of the curve.

Regtech X.0

For those that don’t know, we have a new reporter working out of our London office named Eliot Raman Jones. He recently graduated from some school in Wales, is quite tall, and seems bright—if a bit sarcastic (that part is probably why I hired him, as I have an affinity for sarcasm and snark). A few months ago, he pitched me a story on compliance tech—I had my misgivings, but I wanted to see what he could do.

The result is this story, which I think shows how the regtech vendor community is trying to evolve—both from a technological standpoint and from a marketing perspective.

I asked two chief compliance officers what they thought of the term “regtech.” One said, “You have to come up with some term just so you can keep up with all the startups in the space”—the old innovation discovery problem. The other said, “There are very good vendors that we use for compliance—I just don’t know that they call themselves ‘regtechs’ anymore.”

As Eliot’s story notes, the fines around regulatory compliance violations are rising. It’s a reputational risk, and it’s becoming a fatter financial risk. The story also notes a survey conducted by regtech vendor SteelEye, which revealed that 76% of financial services firms have increased compliance expenditure over the past year (though that includes increased staffing, and not just tech), while 38% of firms surveyed stated that they have invested in tech to help reduce manual and analog workloads.

“I think an increase in spend in regtech is going to lead to a decrease in spend in compliance as a whole,” said SteelEye CEO Matt Smith. And I’m sure that is what he and other vendors in the space are hoping for—stop spending so much on people to throw at the problem and let newer, cutting-edge tech solve your regulatory surveillance and reporting needs. (It should be noted that the vendors have not been on the hook for hefty SEC/FCA fines. … The end responsibility for compliance rests solely on the shoulders of the banks and asset managers.)

So, with fines spiking and with the increased number of regulations hitting the books, there’s still green field for regtechs. Throwing bodies at the problem is a stopgap. But here’s where I think the problem arises. … Stay with me as I try and pull this together.

As we write (seemingly ad nauseam), interoperability and the ability to communicate across systems is becoming exponentially more important. At the same time, trading firms are embracing APIs to deliver information and software, more services are moving to the cloud, and more end-users are participating in the open-source community.

To me, it’s about creating a tight-knit ecosystem, rather than walled-off gardens—or at least teaming up for mutually beneficial projects and then creating your own special interior gardens later. The world of regtech, though, by its nature, can feel siloed and walled off: “I do KYC. You cover spoofing. They do Form PF. Those guys are all about hacking,” and so on.

The other problem—as I understand it, anyway—is that while spending on compliance is growing (again, with an emphasis on human capital), it’s easier to open the purse strings for a new analytics platform or dataset that can deliver alpha, rather than it is for a defense system. Everyone thinks their compliance systems and processes are adequate … until that regulatory hammer comes crashing down and you’re on the front page of The Wall Street Journal.

This all logically leads to the question: With so many little problems, what’s the big answer? I’m not a technologist nor regulatory expert, but here’s how I see it—regtech, at its core, is good and necessary. Throwing bodies at a problem is not worthy of the technological world that we live in when cloud is nearly ubiquitous, open-source tools are plentiful, machine learning has become increasingly democratized, and there are truly excellent startups out there addressing end users’ compliance needs. The regulators lit the fire through new rules and fines to make end users take compliance more seriously, and there are tools at their disposal.

Thus, the onus has to be on end users to define what the next generation of regtech will look like. To me, that means interoperability and open-source, but maybe (likely) someone has a better vision. But the regtech vendor community needs to do a better job of partnering and finding new ways to be complimentary. Put the knives back in the sheaths, essentially.

I think there’s a Braveheart reference to make here about the Scottish tribes coming together, but honestly, I’m on an Amtrak train in my own private room (not-so-humble-brag), and I might’ve lost the plot. Feel free to let me know where I’m off base and where we can improve our regtech—or just plain regulatory technology—coverage: anthony.malakian@infopro-digital.com.

The image accompanying this column is “Reynard the Fox: The Lion’s Court” by Allart van Everdingen, courtesy of the Cleveland Museum of Art’s open-access program.