June 7, 2018
Being the greatest opportunity in FinTech, the RegTech ecosystem has grown to meet the demand for effective technological solutions in areas of regulatory reporting, governance, eKYC/AML/CFT, data management, fraud monitoring & control, digital identity, risk management, and more.
A recent study of 38 banks around the world analyzed their third-party RegTech implementations – where the solutions were offered by RegTech startups and large GRC providers – found that RegTech solutions in the space of eKYC/real-time AML screening, AI/ML-based fraud prevention, and real-time compliance monitoring had the highest level of adoption by banks. More than 15 banks had implemented eKYC/advanced AML and sanction screening solutions. Solutions in the space of real-time compliance monitoring and AI/ML-based fraud detection were implemented by eight banks each.
With a promise to deliver a 634% in ROI realizable over a three-year period, end-to-end RegTech implementations are not far in the future, with a large number of banks at the moment using a patching approach with focused solutions.
As we have looked across case studies in Europe, let’s look at some of the interesting examples of how banks are leveraging RegTech solutions in the APAC region.
ICICI Bank, one of India’s large private sector banks with global operations, had a requirement for an end-to-end integrated Enterprise Technology Solution for Risk & Audit Management.
The audit department at ICICI Bank used manual processes and spreadsheets in executing audits and maintaining audit results. Spreadsheets provide flexibility of use but are susceptible to issues relating to security and access making them often highly unreliable for storing audit results. It also creates complexities in relation to managing versions of the spreadsheets. The requirement at ICICI Bank was to Implement an enterprise-wide solution for managing audit and risk reviews, providing the audit team an effective system to plan prioritize, execute audits and reviews, perform knowledge management, work paper management, issue tracking, reporting, and providing various dashboards to the management on the audit and risk review results.
By implementing Pentana Audit Works System (PAWS), the bank increased the efficiency and effectiveness in Risk-Based Internal Audits and Assessments, boosted the productivity of auditors by 30%, and achieved significant cost savings. The bank also was able to eliminate gaps and 40% duplication in coverage, among other things.
Another institution in India, Bank of India, prevented revenue leakage due to inadvertent data migration errors. India’s leading public sector bank consolidated its business by upgrading the operations to Finacle from their in-house developed legacy application used for more than a decade. The migration of 2200+ branches took place in stages by establishing reasonable verification process within the bank. However, during the process and after the branches resuming the operations on the new platform, the data purity challenges were felt. The tons of data verification on proprietary applications were a huge challenge without disrupting the business and with least intervention of the IT department or application vendor.
The bank used AUDITime for data migration verification and data migration audit involving multiple platforms, which was able to independently verify 100% critical data in record time at the centralized place closer to their data center. The entire 2200 branches were verified to provide detailed insight on data values that required immediate attention.
OCBC Bank used a cybersecurity and big data analytics company called ThetaRay to implement AI and AML in its efforts to root out suspicious activities, specifically money laundering and other financial crimes. As the Compliance Week reported, on any typical workday, an OCBC Bank AML compliance analyst would log into the bank’s transaction monitoring system and find up to hundreds of potentially suspicious transactions they had to review. These transactions are flagged for having fulfilled one of several rules, such as a sudden large transfer into or out of an account, that the system had been programmed to recognize. This rule-based approach, however, meant that, with the multiple alerts, AML analysts had to manually trawl a slew of false positives and dead ends as they went on the hunt for viable evidence of a financial crime. It was a time-consuming process that could take days, even weeks, for complex transactions.
OCBC Bank’s transaction monitoring team and its FinTech unit, The Open Vault at OCBC, conducted a PoC with ThetaRay, moving into a pre-implementation phase with advanced testing of additional test data. OCBC Bank was able to further verify the efficacy, security, and robustness of the solution while gaining a more comprehensive understanding of its workings and capabilities.
State Bank of India’s (SBI) Paris signed up for Wolters Kluwer Financial Services’ Regulatory Reporting services. The French branch of India’s largest commercial bank is using the OneSumX Regulatory Reporting solution to ensure regulatory compliance for its activities in the country.
Other interesting cases include the Federal Bank (India), which uses RegTech for data migration, verification, and audit (data management); Dena Bank (India) – data migration, verification, and audit; Westpac and NAB have implemented Fenergo’s solution for AML, CFT, eKYC, and customer onboarding.