Recent regulatory changes may have assisted the growth of RegTech, but is separating it from FinTech really necessary - or wise?
RegTech is an industry based on the use of new technologies to help companies meet regulatory requirements in an optimised, streamlined or simply more effective way. First coined by the Financial Conduct Authority in 2015, RegTech has since grown to become the jewel of FinTech’s crown, with global investment surpassing $1bn in 2017.
But what does it look like? RegTech can come in many forms, from automated approaches to combating anti-money laundering (AML) and counter-terrorist financing (CTF), to using social media to carry out enhanced KYC checks. Behavioural analytics software even exists aimed at detecting suspicious behaviour amongst employees working at financial institutions.
Sound impressive? That’s because it is, and quite frankly, in 2018 it needs to be. We are living in a time when the way in which data is held, possessed and shared is being heavily scrutinised and regulated. You would be forgiven for thinking that this scrutiny has come off the back of the data hacks and leaks which have dominated the news in recent months, especially relating to Cambridge Analytica. Alternatively you may think that RegTech was created due to the recent major regulation changes, with GDPR, PSD2 and MLD5 being the most notable examples.
However, Wired claims that RegTech’s origins go further back. “In the wake of the 2008 financial crisis, financial regulators wanted to ensure the industry would not face the same problems again.” Regulatory demands have therefore grown in the past decade and it is that, combined with technological advancements, that has allowed RegTech to blossom.
But at Paybase, we don’t think that celebrating the growth of RegTech goes far enough. The problem is this: increased regulation has created more hurdles for companies attempting to get to market. The current solution? This new breed of RegTech firms is helping companies meet this level of regulation in the most efficient manner, but as a result of RegTech establishing its own identity, new companies are having even more suppliers to deal with. We believe that regulation and financial services are two sides of the same coin.
We built our platform in the knowledge that creating a business that facilitates payments between multiple parties - for instance a marketplace - involves partnering with many providers, suppliers and specialists, each with their own way of working. This can put huge pressure on the business, as it has to bend to fit with so many others. Because of this we wanted to provide a solution that covered everything, offering our clients the chance to work with just one, end-to-end partner. Not only does this simplify things for the business, but the tight integration between compliance services and payments allows for innovative new features that would be otherwise impossible.
One of our most important features, our Logic Engine, is an example of this. It allows companies to set risk management rules that are appropriate for their business. If you are a marketplace, you may want to flag a transaction over £200 on an account created in the past 24 hours, but allow a £500 transaction for a more established account, for example. Transactions could be blocked on accounts that have added more than X amount of cards, or accounts that have changed address X number of times. These rules can be also applied to P2P transfers and withdrawals, covering all parts of the payment journey and ensuring that AML, CTF and Risk Management requirements are met in the most efficient way possible.
But separating this type of compliance and risk management tool from payments would completely restrict what can be inferred from each account. It is only through having extensive customer data and payment processing within the same system that rules can be truly dynamic. This is why it does not make sense to isolate RegTech from payments.
We have also incorporated RegTech within our Customer Due Diligence (CDD) procedure with our Automatic CDD Processor. Using the marketplace example again, if a merchant wishes to become listed on the marketplace their details as a merchant will be automatically searched and verified through Companies House (and other sources). Directors of companies can be verified through various credit agencies and more information is collected as the risk of an individual increases. This ensures that your business is not welcoming fraudulent users, but does not create poor UX for merchants selling on a smaller scale.
Furthermore, Paybase models and tracks interconnected data to detect suspicious activity. Each unique piece of information has its own place on our Graph. This applies across the Paybase client base. If certain details have been flagged as suspicious with a given client, they are flagged across the client-base for review, with real-time risk predictions available. Features like this give our clients targetted insight when investigating and preventing suspicious activity.
As for more recent requirements, PSD2 (which came into effect this year) requires marketplaces and platform businesses to partner with a financial institution in order to process transactions between both buyers and sellers. Partnering with Paybase ensures your business is covered for this regulatory change.
Paybase recognises the utility of RegTech, especially in this current period of regulatory change. However, there should be caution over referring to it as ‘the new FinTech’ or separating it from FinTech - RegTech is, or at least should be, a part of FinTech. New suppliers only add complexity to business operations. Aside from simplicity, keeping RegTech and payments together drastically improves what can be done with both. At Paybase, we’re showing how that can be done.