Post on 22-May-2020
Modernizing Compliance via RegTech
Moderator: Walter Zebrowski, CPA, JD, Chairman, Regulatory Compliance Association Senior Fellow from Practice:
Danielle Ryea, Executive Director, Financial Services/Regulatory Compliance
Guest Lecturers:
C. Ryan Munson, Senior Manager, Financial Services/Regulatory Technology Lead
Matthew Taverni, Corporate Compliance Senior Manager at MFS Investment Management
Anuj Puri, Senior Manager, Regulatory Compliance
2 © RCA. 2000-2019. All rights reserved.
RCA Mission & Community
NORTH AMERICA
EUROPE
ASIA
AFRICA
SOUTH AMERICA
AUSTRALIA
Exclusive Global Authority for Continuing Compliance Education
(CCE®); Talent Assessment & Development; Professional Exams;
Executive Degree Programs.
RCA Global Metrics
Supporting over 80,000:
• Individuals in Career
Transition
Veterans
Single Parents
• Regulators
• Financial Execs
• Professionals
• Jobseekers
• Millennials
Recognized by over 30,000
senior level Regulators,
Lawyers, CPAs, Investors and
Financial Institution Executives
3 © RCA. 2000-2019. All rights reserved.
Core Verticals
Continuing
Compliance
Education
Professional
Exams &
Certifications
Executive Masters
Degree Programs Talent Assessment
& Development
Recognized & Used by
over 30,000 Regulators,
Institutional Investors,
Compliance Officers, Legal
& Operations Executives
Governing, Regulating &
Administrating the
Professional Examination
of Regulatory Counsel,
Regulatory Analysts &
Compliance Officers.
• Executive MS (Master of
Science) in Compliance
• Executive LLM (Master of
Law) in Regulation
Invest in Your Future…
Position Yourself for SuccessTM
• Certifying Regulators
• RTAC – Assessment of
Compliance Knowledge &
Skills
• RTADS - Talent
Assessment and
Development
RCA Mandate
4 © RCA. 2000-2019. All rights reserved.
Curriculum
Development
RCA’s CCE® (Continuing Compliance Education) Accreditation requires all course materials to satisfy graduate level
criteria within each phase of the academic process: Curriculum Development, Instructional Design & Peer Review.
Instructional
Design Peer Review Accreditation
• Course Materials (Textbook,
Instructional Aides, etc.)
• Lectures
• Examinations
• Syllabus and detailed outline
• Entire course offering
• Mandatory annual review and
accreditation of Course
Materials.
• CPE (Continuing Professional
Education).
• CLE (Continuing Legal
Education).
• CCE® (Continuing Compliance
Education®)
RCA CCE® Accreditation – Refined Over 20 Years
• Independent assessments of
course subject matter.
• Faculty drafted syllabus &
corresponding outline.
• Faculty prepared course
materials.
• Proprietary work product (forms,
policies/procedures, contractual
language, etc.)
RCA CCE® Accreditation
5 © RCA. 2000-2019. All rights reserved.
RCA for Employers Exclusive Global Authority for Continuing Compliance Education (CCE®);
Talent Assessment & Development; Professional Exams; Executive Degree
Programs.
Optimize Your Firm
RTAC™ – RCA’s Talent Assessment
Center
RTADS™ – RCA’s Talent Assessment
& Development System
REIS™ – RCA’s Regulatory Exam
Interview System
RTAC™ + RTADS™ + REIS™ = RCA
Validated Talent Optimization
6 © RCA. 2000-2019. All rights reserved.
RCA Talent Assessment Center (RTAC)
Fortify Your Firms Human Capital – Its Greatest AssetTM
7 © RCA. 2000-2019. All rights reserved.
RCA Talent Assessment and Development System (RTADS)
Law & Practice
Law
Practice
Operational Process
Cybersecurity
Due Dilligence
Risk Management
Fund Goverance
Valuation
Accounting
Taxation
FACTA
BEPS
Compliance
Process
Surveillance
Supervision
Analytics
Case Management
Risk Assessments
Forensic Testing
Reviews
Remediation
Reporting
Marketing
Disclosure Practices
Client/Customer/IR
Fiduciary Duty
AML
Social Media
Code of Ethics
Trading & Markets
Conflicts
Exams &
Enforcement
Inspections
Examinations
Enforcement
Civil Discovery
Civil Litigation
Investigatory Practice
Criminal Prosecution
Regulation 33 & 34 Act
IA Act 1940
IC Act of 1940
Crypto Currencies
Digital Assets
CTA Regulation
CPO Regulation
AIFMD
UCITS
MiFIDs
EMIR
DOL / ERISA
AML / KYC
Trading & Markets
Insider Trading
Market Manipulation
Systemic Risk
Political Contributions
Whistleblower
FCPA
Anti-Bribery
Sanctions
Anti Trust
HSR
High Level Briefing on Curriculum Coverage
8 © RCA. 2000-2019. All rights reserved.
Automated Regulatory Examination Interview System™ (REIS™)
SEC Examiners NOW interview your personnel to find deficiencies in their core
competencies and skill sets. RCA’s Examination Interview System (REIS) simulates the
interview process to identify and resolve knowledge gaps by assigning accredited, up-to-
date, relevant, targeted, talent development.
Design &
Deploy
Configures mock
exam interviews by
subject or topic for a
division,
department, group
or particular
employee.
The cloud-based system
simulates the interview
process with a database
of over 15,000 queries
spanning 4500 topics
using a “self-paced”
environment.
Automatically
identifies, assesses
and evaluates each
employee’s gaps in
core competencies
skill sets and
knowledge.
9 © RCA. 2000-2019. All rights reserved.
RCA for Career Advancement
Invest in Your Future… Position Yourself for SuccessTM
Professional
Exams and
Certifications
• CRC (Chartered
Regulatory Counsel)
• CRA (Chartered
Regulatory Analyst)
• Surpass JD & MBA
Graduates
RCA Symposia Executive Degree
Programs
Continuing
Compliance
Education
• Timely, Relevant
Commentary
• Comprehensive, Up-
to-Date, Practice
Guides
• Over 800 Topics
• Executive MS (Master
of Science) in
Compliance
• Executive LLM (Master
of Law) in Regulation
• Accredited,
Authoritative Faculty
• Network with
Industry Leaders &
Senior Regulators
10 © RCA. 2000-2019. All rights reserved.
Regulatory Leaders Endorse RCA
11
Regulatory Leaders Endorse RCA
12
Industry Leaders Endorse RCA
13 © RCA. 2000-2019. All rights reserved.
Introduction: Today’s Presenters
Danielle Ryea is an Executive Director in the
Advisory Services practice. She has over 18
years of direct regulatory experience. In her
role as a branch chief at the SEC, Danielle led
routine, cause and risk-targeted
examinations of registered investment
advisers, investment companies, and broker-
dealers to assess compliance with federal
securities laws and regulations.
Danielle focuses on Wealth & Asset
Management clients leading engagements to
optimize Compliance and Supervision
functions through operating model
enhancements and RegTech applications.
Danielle M. Ryea
Managing Director, Ernst & Young
Direct: +1 212 773 0160
Email: danielle.ryea@ey.com
Ryan currently co-leads EY’s Regulatory
Technology campaign supporting wealth and
asset managers in the selection, implementation
and use of RegTech solutions to enhance firms’
compliance and supervision programs.
Ryan is a Senior Manager in EY’s Advisory
Services practice. He has over 19 years of
experience as a management consultant within
the Financial Services Industry. Areas of
specialty include operational process
improvement, technology implementations, and
non-financial regulatory reporting. Ryan holds a
Master’s Degree in Management Information
Systems from Stevens.
C. Ryan Munson
Senior Manager, Ernst & Young
Direct: +1 215 448 5551
Email: cr.munson@ey.com
14 © RCA. 2000-2019. All rights reserved.
Introduction: Today’s Presenters
Matthew Taverni is an assistant vice
president at MFS Investment Management®
("MFS®"). He leads the compliance
governance programs team within the
Compliance Department and is responsible
for maintaining MFS' US compliance,
managing the regulatory compliance
aspects of MFS' committee governance
structure, and overseeing a team focusing
on data analytic activities to enhance
department-wide monitoring capabilities.
Matthew Taverni
Corporate Compliance Senior Manager
at MFS Investment Management
Email: mtaverni@mfs.com
Anuj Puri is a Senior Manager in the Financial
Services Advisory practice of Ernst & Young
LLP. He has 14 years of experience consulting
for financial institutions and information
technology firms in the Capital Markets domain.
Anuj is currently leading the Reg BI
implementation efforts at a large wealth
management client. He is responsible for
assessing the Reg BI impact on the client’s
engagement models and business activities,
defining the requirements for the process and
system changes and updates to the process
flows required to comply with Regulation Best
Interest.
Anuj Puri
Senior Manager, Ernst & Young
Direct: +1 201 551 6197
Email: Anuj.Puri@ey.com
15 © RCA. 2000-2019. All rights reserved.
Agenda
Introduction
Today’s Objective
Introduction to RegTech
Maturity Model
RegTech Capabilities
Enhancing Compliance Process through RegTech
RegTech Business Case
Maturing RegTech Challenges
1
2
3
4
5
6
7
8
16 © RCA. 2000-2019. All rights reserved.
Today’s Learning Objectives
Define RegTech within asset management compliance
Apply RegTech maturity model to an asset management compliance program
Define potential core and leading RegTech capabilities for an asset management
compliance program
Assess and prioritize opportunities to implement RegTech capabilities based on cost,
complexity, available resources, and return on investment/benefit
List critical elements of a business case supporting a RegTech proof-of-concept
investment/exercise
Recognize potential RegTech implementation challenges and identify methods to
overcome them
17 © RCA. 2000-2019. All rights reserved.
Introduction to RegTech
New technologies that facilitate the delivery of regulatory requirements more efficiently and effectively than existing
capabilities. This technology ranges from complementing existing compliance, audit, and risk workflows to replacing
and wholly automating them through leveraging cutting-edge technologies like artificial intelligence, machine
learning, and the blockchain.
Compliance and supervision leaders are facing real challenges of:
increasing oversight
reducing costs, and
utilizing existing infrastructure/technologies that cannot keep up with new regulations
As a result, firms are finding a need to assess the effectiveness of current regulatory compliance and
supervision technology applications and evaluate the emerging capabilities of RegTech.
Regulatory Technology, or RegTech, is drawing significant focus and investments from regulators,
technology providers, and financial institutions in the wealth and asset management industry. Given the
technology’s potential to disrupt and enhance compliance and supervision processes and systems,
both large and mid-size firms have recently started to explore RegTech solutions to achieve greater
agility, better productivity, and lower costs within the compliance and supervisions functions.
What is RegTech?
18 © RCA. 2000-2019. All rights reserved.
Introduction to RegTech: Key Characteristics and Common Applications Key Characteristics
Agility – cluttered and intertwined data sets can be decoupled and organized through ETL
(Extract, Transfer Load) technologies
Speed – reports can be configured and generated quickly
Integration – short timeframes to get solution up and running
Analytics – RegTech uses analytic tools to intelligently mine existing “big data” data sets and
unlock their true potential e.g. using the same data for multiple purposes.
Common Applications in Asset Management
• Legislation/Regulation gap analysis tools
• Regulatory Monitoring
• Policy Management
• Compliance universe tools
• Identity verification
• Management Information tools
• Transaction reporting tools
• Regulatory reporting tools
• Activity monitoring tools
• Training tools
• Risk data warehouses
• Case management tools
• Transaction monitoring
19 © RCA. 2000-2019. All rights reserved.
Introduction to RegTech: Regulatory History
2015: At a governmental level, the FCA was the first governmental body
to establish and promote the term RegTech, defining it as: "RegTech is a
sub-set of FinTech that focuses on technologies that may facilitate the
delivery of regulatory requirements more efficiently and effectively than
existing capabilities".
2010: Regulators began in earnest to explore and investment emerging analytical
capabilities and other newer surveillance technologies to enhance their own
oversight and examination programs
SEC -
NEAT (National Examination Automation Tool
MIDAS (Market Information Data Analytics System) : for analyzing equity
market data
2018 : Regulators around the globe are driving RegTech innovation by
supporting the development of advanced solutions in a controlled
environment, sometimes referred to as a ‘Regulatory Sandbox.’ Such facilities
allow regulators to get hands-on with new ideas, understand them, shape
them if appropriate, and generate insights to feed back into mainstream
regulatory activities.
20
Maturity Model
Where does your firm stand?
21 © RCA. 2000-2019. All rights reserved.
RegTech Maturity Model: Overview
The use of artificial intelligence, robotics and machine learning are
leading practices within regulatory compliance.
Many firms are at the beginning of that journey and will need to
strengthen their organizations’ regulatory compliance functions by
maturing their foundational technologies.
22 © RCA. 2000-2019. All rights reserved.
RegTech Maturity Model: Limited and Core
Most firms have Limited and Core RegTech capabilities utilizing standard business and
office suite software programs.
Limited
Characteristics
► Manual monitoring and testing processes
► Limited workflow/case management capabilities
► Issue-based reporting
Examples
► Pivot tables, filters, limited reporting
1 Core
Characteristics
► Disparate systems, lacking integration and communication capabilities
► On-demand management reporting
► Minimally efficient workflows
Examples
► Semi-automated processes and workflows, fragmented data analytics, siloed management reporting
.
2
23 © RCA. 2000-2019. All rights reserved.
RegTech Maturity Model: Enhanced and Leading
Fewer firms have Enhanced RegTech capabilities utilizing advanced analytics
and some automation for routine processes. Leading RegTech capabilities are
primarily roadmap items.
Enhanced
Characteristics
► Enterprise-based technologies that support both lines of business (LOB) and enterprise needs
► Standard reports for both LOB and enterprise purposes
► Streamlined processes
Examples
► Robotics, natural language processing, advanced analytics, continuous monitoring
3 Leading
Characteristics
► Integrated technology infrastructure
► Full automation of compliance processes
► Insightful management intelligence reporting
Examples
► Artificial intelligence, machine learning, predictive analytics
4
24 © RCA. 2000-2019. All rights reserved.
RegTech Maturity Model: Regulatory Expectations
As the next generation of regulatory
obligations and expectations
becomes more sophisticated, the
convergence of RegTech and the
associated capabilities to meet
regulatory demands creates the
necessity for firms to evaluate their
current technology solutions.
“… These RegTech tools have the
potential to fundamentally transform
how securities industry participants
perform their compliance
obligations.”
FINRA, “Technology Based Innovations for Regulatory Compliance
(“RegTech”) in the Securities Industry,” September 2018
Overall, regulators are likely looking for firms
to leverage RegTech capabilities where it
makes sense.
Key is to ‘right-size’
• Balance between technology spend and
compliance program / risk management
need
Factors that may influence what the ‘right-size’
is could be:
• AUM
• Strategy
• Size of firm (employees)
• Jurisdictional footprint
25
RegTech Capabilities How to incorporate RegTech for different-sized firms
26 © RCA. 2000-2019. All rights reserved.
RegTech Capabilities: Overview
CAPABILITIES BENEFITS MATURITY
► Utilizes diverse data to perform
complex analyses
► Assists in making decisions and
exploring new and emerging risks
► Identify patterns
► Allow employees to focus on
making complex decisions
► Unlocking insights from data through
intuitive reports that allows users to
explore and drill-down into the data
► Provide real-time insights
► Empower business stakeholders
► Automates certain activities (e.g.,
manipulating data)
► Runs unattended
► Reduce costs, errors & cycle time
► Increase economies of scale
► Extract insights and content from
digitized documents ► Facilitate digitization of processes
► Analyze, understand and derive
meaning from unstructured text data
► Enable automated review of
documents and other unstructured
text data
► Using machine learning to classify,
cluster and make recommendations
► Enable automation and signal
extraction
► Connect disparate data-sources
based on relationships and core
connections
► Increased efficiency for storing,
processing and querying data
► Execute tasks, communicate self-
learning and make sophisticated
recommendations
► Facilitate decision making and
provides higher accuracy for
automating more complex tasks
Data Analytics
Visualization & Self-Service
Analytics
Robotics Process
Automation
Transcription & Feature
Extraction
Natural Language
Processing
Fundamental Machine Learning
Knowledge Graphs
Deep Learning
Core
Enhanced
Leading
27 © RCA. 2000-2019. All rights reserved.
RegTech Capabilities: Core Maturity
Data Analytics
Capabilities
► Utilizes diverse data to perform complex analyses
► Assists in making decisions and exploring new and emerging risks
Benefits
► Identify patterns
► Allow employees to focus on making complex decisions
1
28 © RCA. 2000-2019. All rights reserved.
RegTech Capabilities: Enhanced Maturity
Transcription & Feature Extract
Capabilities
►Extract insights and content from digitized documents
Benefits
►Facilitate digitization of processes
1 Natural Language
Processing
Capabilities
►Analyze, understand and derive meaning from unstructured text data
Benefits
►Enable automated review of documents and other unstructured text data
2
29 © RCA. 2000-2019. All rights reserved.
RegTech Capabilities: Leading Maturity
Knowledge Graphs
Capabilities
►Connect disparate data-sources based on relationships and core connections
Benefits
►Increased efficiency for storing, processing and querying data
1 Deep Learning
Capabilities
►Execute tasks, communicate self-learning and make sophisticated recommendations
Benefits
►Facilitate decision making and provides higher accuracy for automating more complex tasks
2
30 © RCA. 2000-2019. All rights reserved.
Enhancing Compliance Process through RegTech: Illustrative Use Cases:
Analytics Enabler Value Provided to Compliance Process
Marketing and
Advertising Review
► NLP
► Machine Learning
► Enables marketing material review automation and significantly reduced manual effort in
review process
► Streamlines workflow processes and sophisticated routing based on complexity of
documents
Conflicts of Interest
Management
► Data Analytics
► Visualization & Self-
Service Analytics
► Automate oversight related to conduct risk areas (e.g., personal trading, gifts and
entertainment, outside business activities and political contributions)
► Ability to target key risk areas to identify training gaps
Expense Allocation
► Robotics Process
Automation
► Enables increased governance of expenses with the automated collection of
referential data (e.g., deal status, equity source) and by establishing a relationship between
deal codes in multiple reporting systems
► Provides increased accuracy in allocations with automated calculations
Email Surveillance
► NLP
► Robotics Process
Automation
► Utilizes contextual analysis to reduce false positives as compared to a traditional lexicon-
based approach
► Decreases email review time by automating standard review process for email alerts
► Utilizes graph analytics to detect relationships between words and individuals
► Leverages advanced analytics and models to pinpoint suspicious e-communications
Anti-Money
Laundering/
OFAC
► Robotics Process
Automation
► Machine Learning
► Automates OFAC screening searches of entries against an optimized set of government
watch lists for reduced false positives
► Alert optimization using machine learning techniques
31 © RCA. 2000-2019. All rights reserved.
Enhancing Compliance Process through RegTech: Buy vs. Build
Consider Buy vs. Build
Build: Design
• Document business and
functional requirements
needed to meet strategy
objectives
• Design and plan integration
with current infrastructure
and create a proof of
concept
• Develop to meet business
and functional requirements
Buy: Vendor Selection
• Document business and
functional requirements
needed to meet strategy
objectives
• Conduct RFP and due
diligence on vendor
technologies and solutions
factoring in ease of
implementation, integration
capabilities, and data
sourcing requirements
Disadvantage
Buy
Build
32
How to Get Started
33 © RCA. 2000-2019. All rights reserved.
Reg-Tech Business Case: Key Elements
Effort
Resources (FTEs and Consultants)
required to accomplish the task
Parties Involved
List of stakeholders across
Compliance, IT, Business,
Legal, Risk, Audit, Etc.
Timeframe
The overall timeframe of the RegTech
business case
Licensing Costs
Licensing costs associated with the
RegTech technology platform
Retail Costs
Retail costs associated
with the RegTech
business case
Output/Demo
Illustrative output of the
RegTech solution
Opportunity
The opportunity that
founded the RegTech
business case
Benefits Benefits from carrying out
the RegTech business case
34 © RCA. 2000-2019. All rights reserved.
RegTech Business Case: Opportunity Scan Assessment
# Compliance
Process Value
Risk
Profile Notes
1
Review of
prospectus
changes
Medium Medium Minimal records and applications
associated with test
2
Develop a self
service portal for
data queries
High Low Could leverage ServiceNow?
Minimal risk area
3
Create
compliance data
hub to normalize
data fit-for-
purpose
High Medium Data quality is critical
Wide-ranging impact
4
Employ AI tools
to comply with
CRD rules
Medium Medium High cost of implementation
5
Automate review
of marketing
materials
High High
Automate to reduce review time, greater
speed to market
High scrutiny by regulator
6
Create
Compliance
reporting and
dashboards
Medium Medium Improve management reporting
An opportunity scan assessment can be used to identify potential use cases with the highest efficiency gains. Throughout the
assessment, selected compliance processes are assessed for efficiency opportunities and risk factors. The output –
represented below - represents a graphical view of the assessment scores for each area, where the most ideal candidates will
be indicated with the highest efficiency gains and highest risk mitigation can be achieved.
Val
ue
Risk Factor
High Low
1
2
High
3 4
5
6
Recommendations
35 © RCA. 2000-2019. All rights reserved.
RegTech Business Case: Executing a Proof of Concept
• Understand what compliance desires to achieve or what pain points they are solving for
• Identify the expected value or ROI Prove the Need
• Brainstorm ways to solve pain points
• Evaluate each possible solution to determine how it stacks up in reference to cost, competition, timeline, technology challenges, etc.
Map Pain Points to Solutions and Get
Feedback
• Create a prototype that wraps your solution into a rudimentary product
• Once the prototype is built, test it with your interviewees for additional feedback
Prototype Your Solution and Test
• Create a roadmap that incorporate feedback and outlines a recommended step-by-step process for building the product
Design a Roadmap
36 © RCA. 2000-2019. All rights reserved.
Maturing RegTech Challenges
Change management: Replacement of legacy systems may disrupt operations, change business processes and necessitate a cultural change
2
Data: Fragmented and poor-quality data delays the implementation and severely impacts the effectiveness of Reg Tech platforms 5
Vendor risk management: Legacy controls, processes and oversight may not meet third- party risk management criteria
4
Talent: Existing resources may lack the skills to realize the full benefits of RegTech tools
3
Strategy: Without an overarching RegTech strategy, implementation dependencies and risks may not be identified
1
Thank You
38 © RCA. 2000-2019. All rights reserved.