In many financial services firms, managing regulatory change is a time-consuming, manual process. Rarely is there a centrally managed, single point of entry for all regulatory changes.
Into the business and there's no guarantee that regulation is being captured effectively at the point in time in which it is published. Typically, even high-value employees end up working on time consuming, repetitive mapping and updating tasks. And despite all the work that goes into developing decks, aggregating information, and gathering spreadsheets, executives struggle to gain a single dashboard view of the impact of regulatory change on the organization at any given time.
As we explained in Part II of this blog series, a largely manual approach to regulatory change management increases costs, inefficiency, duplication of effort, and the risk of missing key regulatory changes. AI and automation technology is already helping firms take a new approach, but how does it all sit together?
Chaining AI for Regulatory Change success
The idea is to chain together some of the technologies we examined in the last blog post to drive maximum value in regulatory change management.
- This should begin with the capturing of regulatory changes. The good news is that there's tried-and-tested technology on the market: specially written scripts designed to crawl publicly available regulatory content on websites to ensure any changes are picked up automatically and pushed into a pipeline for further analysis.
- Next, this info must be processed in a uniform way, whether the content is a PDF, Excel spreadsheet, scanned image or even a speech recording. This requires document parsing technology to give structure and hierarchy to all content.
- Then this information needs to be stored in an appropriate database: NoSQL, and graph databases are essential here, legacy database technology is no longer fit-for-purpose in this context.
- Next up is a crucial stage, where the magic happens: we want to enrich this information with semantics, ontologies and Natural Language Processing (NLP). This provides a level of tagging and linkage to ensure regulatory information is appropriately classified according to the themes, topics and products we can derive from financial services legislation – cybersecurity, AML, data privacy, for example.
- Once that is done, workflow and automated impact assessments form the front-end, user-facing part of the process to enable tasks like control mapping, organizational alignment and policy linkage from a specific regulation.
- Then it's down to the compliance professionals to remediate, provide oversight, and make decisions based on this insight.
A single version of the truth
The result? A single version of the truth, in the form of a unified view of regulatory change; and a standardized and centralized way to process regulatory content from whatever its original format. Compliance professionals ultimately get a more targeted and relevant set of information so they can understand the deep impact of any regulatory change across their enterprise, while automated impact assessments reduce risk and costs. Your high-cost compliance workers are free to move away from labor-intensive processes to work on higher value tasks implementing regulatory change in the business.
That's the ultimate goal, anyway. The good news is that RegTech innovators like CUBE are already chaining together many of the technologies highlighted earlier to drive real value for clients. Although enterprise-scale, end-to-end adoption of AI and RegTech is in its infancy, the gauntlet has very much been thrown down, and the technology to make this possible across all compliance areas now exists. It is up to the industry to keep advancing in order to solve the challenges of financial services firms everywhere.
For customer organizations themselves, there's also a requirement for cultural change if such projects are to be a success. RegTech, including AI and automation, is a major factor, but you need buy-in from the top-down to drive truly transformational improvements in regulatory change management.