Stifled by legacy infrastructure and bureaucratic processes, firms are turning to regtech solutions that leverage software & automation to close compliance gaps and address other regulatory challenges.
The regulatory landscape has expanded significantly in recent years, creating more opportunity for compliance gaps to emerge across industries — including financial services. Regulators are issuing record levels in non-compliance fines, and pending financial regulations like GDPR, PSD2, and MiFIDII/MIFIR have firms scrambling to build compliant solutions.
As a result, we see financial firms increasingly turning to new regulatory technology (regtech) to fill compliance gaps, save on the costs of compliance, get ahead of requirements before deadlines, and detect enterprise risk before the regulators do.
In Part I of this two-part explainer on regtech, we explain how we define regtech and outlined some of the macro-economic drivers that have enabled its rise. In Part II, we use CB Insights data to break down the four phases of regtech to better frame how the technology has evolved, and highlight a few of the software and technology companies working within each phase.
Regtech 101 refresher
Less than 17% of firms have implemented a regtech solution. Broadly, this can be explained by legacy infrastructure, strained resources, and a changing regulatory landscape. But regtech companies that can help firms navigate through compliance-related pain points are gaining traction, and have raised over $6.2B across approximately 680 equity investments since 2013.
We define regtech broadly to include any technology and/or software created to address regulatory challenges and help companies understand regulatory requirements and stay compliant. The technology ranges from software to automate workflow to advanced technology like machine learning, natural language processing (NLP), and blockchain to replace old policies and procedures.
FOUR PHASES OF REGTECH
Below, we dive into the 4 phases of regtech — Manual, Workflow Automation, Continuous Monitoring, and Predictive Analytics — and spotlight a few companies operating in each phase. We analyze how some companies are using technology to solve existing compliance issues, while others are using technology to predict tomorrow’s risks before they occur. Each successive phase represents a higher level of automation.
Phase 1: Manual
The first phase — what we call manual — is the starting point for most regulatory and compliance teams, and is defined by manual data capture tools. These tools help firms manage content and data centrally and provide a basic audit trail.
Microsoft Excel is one of the earliest software’s used by compliance teams to build manual data capture tools. The benefits have helped streamline auditing, reporting, and reduce the risk of manual human error.
Many firms are still stuck with dated manual processes and excel is still an integral tool used today to support risk and compliance functions.
Phase 2: Workflow Automation
As software started to be purpose-built for the regulatory and compliance workflows, we entered the second phase of regtech — workflow automation.
In this phase, banks started leveraging software for regulatory reporting, maintaining audit trails, and more. This has helped firms automate the more mundane compliance tasks and reduce operational risks associated with meeting compliance and reporting obligations.
One the earliest companies developing automation software is MetricStream, which was founded in 1999. MetricStream’s latest round of funding was a $25M Series G-II in Q3’17 that included Goldman Sachs, Clearlake Capital Group, EDBI, and Sageview Capital.
While Metricstream is still the weapon of choice for many firms today, there have been a few new entrants including Workfusion and Ripcord. These companies are leveraging cloud storage and are easier to customize versus MetricStream, which was first built for local storage and is a legacy out-of-the-box solution.
Ripcord uses robotic digitization software to automate and replace the current paper processing and regulatory reporting. Ripcord’s technology uses natural language processing (NLP) to search records, certify they are compliant, and creates a digital audit trail for compliance professionals and for regulators to securely access data. Ripcord raised $40M in debt and equity funding from Icon Ventures, Kleiner Perkins Caufield & Byers, Lux Capital, and Silicon Valley Bank in Q3’17.
Phase 3: Continuous Monitoring
In recent years, banks have shifted again to adopting tools in the third phase of regtech — continuous monitoring. Traditional monitoring and revalidation of compliance controls for most firms are executed on cyclical or ad hoc basis. This method surfaces existing inconsistencies and gaps that, depending on the cycle time of the review, could have been lingering for years.
Taking a continuous monitoring approach can shift the approach to resolve the incident from reactive to proactive. Firms that adopt this approach are better positioned to address incidents in real-time instead of leaving the firm exposed to undue risk. Continuous monitoring technology companies apply data science to automate back-office workflows and cut across different enterprise risk concerns. This includes enterprise security, fraud prevention, and ensuring information security standards (ISO) are met.
One of the earliest software providers working on continuous monitoring is AcadiaSoft. The firm was founded in 2009 by a consortium of financial institutions and market utilities to meet the newly implemented International Swaps and Derivatives Association (ISDA) collateral requirements.
Acadiasoft has continued to grow past its initial mandate to meet the ISDA collateral requirements and has become integral for both banks and market utilities. Many joined in the company’s last round of funding — a $30M investment in late Q3’15.
Newer tools include NetGuardians, which leverages data analytics to correlate and analyze behaviors to predict and prevent fraud. NetGuardians raised a $8.72M Series C in Q2’17 that included Freemont Management and Swisscom Ventures. In Q3’17 NetGuardians announced a partnership with investor Swisscom, one of Switzerland’s leading telecommunications and IT providers, to implement anti-fraud technology to protect Swisscom’s customers.
This phase also includes software for monitoring exposure credit, market, systemic, and liquidity risk for stress testing and reporting requirements. Regtech startups include OpenGamma, a cloud-based, open platform for analytics and trade risk management for derivatives trading. The company raised a $1M corporate minority round from Japan Exchange Group (JPX) in Q1’17. JPX previously parctitipated in OpenGamma’s $13.3M Series D and has been working with JPX to investigate the potential of blockchain technologies for derivatives.