Maria Philips says fintech firms need to invest more in both risk and compliance technology and in the right risk management staff.
Though banks have invested heavily in fintech over the past couple of decades, most are still some way off being technology companies.
Many still operate legacy technology that has been patched with newer applications. That provides a shiny front end. But, the deeper into the essential functions of some banks you go, the more ancient systems become.
For risk and compliance in particular, manual processes are ‘normal’ and technology is seen as providing data rather than information.
Fintechs need the right risk controls
Many fintech startups get to market in a short period of time because they subscribe to fully operational, transaction-processing software.
Decentralised finance (‘defi’) and crypto-asset platforms are also using subscription-based transactional and account technology to get to market faster.
Those ‘out of the box’ products are sought after because:
- they drive customer engagement and revenue, and
- automation brings lower costs and greater innovation.
But what about innovation in areas that customers don’t see, that don’t generate revenue?
Banks exist to manage risk and they have to comply with a lot of fast-changing regulation. In the short-term, for example, regulators will want to know what banks are doing to ensure their assets are green.
Investing in the right technology
Banks and insurers should prioritise investing in technology that can provide all the data that regulators require.
Bank need risk management and compliance systems that can quickly meet regulatory demands
The cost of compliance is high. A says that big financial firms in the UK are each spending around £300m a year on anti-money laundering compliance alone. The new crop of fintechs, defi and crypto-asset platforms have much better margins than traditional financial services firms because they can avoid those high compliance costs.
Deploying the right regtech will be the difference between winning or losing for newer entrants to the market – and potentially not just for them.
Invest in risk and compliance technology
But which compliance and risk management technologies are actually installed at newer platforms?
The transaction area – the first line of defence – is almost entirely technology-enabled.
However, the second line of defence – the back office – usually has a highly manual, costly, inefficient and siloed approach.
But if the first line of defence can be fully tech-enabled, why use manual and siloed processes in the second?
A rude awakening is on the way for the fintechs that have failed to invest in the back office. By doing that, they’ve put their business model at risk. They might not be able to meet the regulator’s demands and doing so will be expensive.
The right culture for compliance
Why have some fintechs failed to invest in the right risk and compliance technology?
I suspect that bringing executives from established financial firms, both banks and insurers, may also have brought along old habits. Some staff could have recreated the technology issues that bedevil the incumbents they used to work for.
So, what needs to be done?
- Acknowledge the changes needed and assess whether you have the right people to make them happen.
- Identify what good looks like and create a strategy to put it in place – that will require executives to be responsible for the real execution of change.
- Earmark the funding for the right back-office technology.
The UK’s regulatory sandbox has already shown what’s possible. Now it’s up to the industry to move forward.
Maria Philips is a regulatory technologist and multi-disciplinary chief executive officer with expertise in delivering strategy, building complex frameworks and developing and leading high-performing teams. She also advises on regtech and fintech partnerships.
See our Centre for Governance, Risk and Regulation
Find out about our Banking qualifications