Over the past years, many companies have partnered with fintech start-ups on various issues, mainly concerning customer-facing areas such as personal finance, payment systems, open banking and investments.
However, financial institutions have now started devoting attention to back-end aspects of their activities which may also benefit from fintech’s disruptions, with particular regards to legal and regulatory compliance activities summed in the so-called Regulatory Technology (regtech).
According to a recent PWC report, the global investment trend in regtech has surpassed one billion US dollars in 2017 and is expected to grow even more in the future, especially thanks to rise of new and more sophisticated technologies such as Artificial Intelligence (AI), predictive analytics and the blockchain.
What are italian regulators saying about AI and regtech?
At the moment only the Commissione Nazionale per le Società e la Borsa (the Italian financial conduct authority or CONSOB) plainly spoke about regtech in a recent report, by saying that its effects could be beneficial not only for the Italian market in general but also for regulators.
Also, according to a recent statement of one of CONSOB’s high commissioners it is likely that the authority will lead the creation of ‘ regtech innovation lab’ by next year in order to promote the development of the regtech market in Italy.
This attempt follows the wake of the UK Financial Conduct Authority and that of other regulators around the world, aimed at creating regulatory sandboxes where regtech firms can ‘experiment’ their product on real data and, as a consequence, accelerate their research, development and marketability.
Meanwhile, also the AI front is burning. After the EU’s future plans for the Digital Single Market also the Italian Government promised in its draft budget law a fifteen millions fund specifically dedicated to the development of new technologies such as AI and the blockchain. Who knows whether part of this will end up into regtech ventures.
So how is regtech supposed to streamline regulatory compliance for good?
Regtech tools aims at facilitating compliance management and minimise regulatory risks through seamless ways which can help meeting and updating regulatory requirements, without overhauling existing risk corporate governance models.
This can lead to many advantages, such as: reducing the time needed for client onboarding, identifying the frauds faster and more effectively, adapting to new regulations on time, improve data collection and analytics and reduce the overall cost of regulatory compliance workforce.
The enablers of regtech shift change are mainly based on SaaS or API solutions through which organizations can better interpret and put in practice global regulations and interpret the huge amount of data lying at the back of regulatory compliance analysis activities.
This is helpful and straight-forward, as regtech ultimate goal should be to support human decision-making powers and not acting as an independent agent.
However, the scenario above is going to be disrupted soon by the rise of AI-powered regtech technologies based on predictive analytics and deep learning. In fact, the regtech market is not exempt from the influx of AI’s worldwide boom - expected to grow by 35% per year until 2022.
What are the main legal challenges connected to the use of AI-powered regtech tools?
Nowadays, human-machine interaction is becoming essential to almost every business decision. However, automated choices connected to compliance needs may deeply affect individuals.
For instance, EU data protection laws prohibit invasive automated processing operations without prior consent. Also, the obligation to report someone to the authorities for money-laundering shall be based on reasonable grounds and the grant of loan or a lease after KYC processes is still subject to a human employee’s last call.
But for how long? This is not clear yet, although the global spread of AI-powered regulatory compliance services is and will definitely become an important stress test to this scenario.
In addition to the above, regtech providers usually bear no (or very limited) responsibilities concerning the actual use of their products and the possible consequences of the relevant automated-decisions affecting their clients’ customers.
However, they may be responsible where it emerges that such automated-decisions are based on an originally biased AI algorithm which, for instance, influenced someone’s credit scoring, loan application, risk level calculation or KYC process.
Also, regtech providers’ possibility to re-use the collected data for their own research and development purposes is another key factor. As fintech firms’ success is also based on open banking and access to data previously held only by financial institutions, so regtech companies could benefit of a similar process from their clients’ compliance data.
Since data is the new oil, the possibility to exploit data effectively represents a new source of economic power. Therefore, also anonymous data could matter in this context, as they are in all senses a business’ intangible asset which can create value.
Finally, with regards to the protection of IP rights connected to AI-powered regtech tools, the following should be noted: on the one hand, we have the debated issue of whether AI-related works can be better protected by copyright or they are eligible for patent; on the other, there is the need to layer IP rights so to shield different aspects of the various innovations connected to AI technologies.
How can regtech companies face all this challenges and yet remain competitive on the market? The road ahead is long and complex but worth a walk to see where regtech could lead.