The following article was written by ComplySci partner Gary S. Kaminsky, CEO of GSK Consulting, for HFM Technology. To learn more about Gary, click here.
RegTech is a term that has exploded into the asset management industry vernacular since the 2008 financial crisis. The term describes technological solutions designed to facilitate compliance with regulatory initiatives implemented in response to the crisis.
As a subset of FinTech, RegTech generally focuses on facilitating internal compliance and operations processes. Whereas FinTech solutions strive to be ‘software as service’ offerings, RegTech demands sophisticated and expert human interface to effectively implement and maintain, making it a ‘software with service’ offering. However, RegTech alone without the right expertise and deliberately planned implementation is like using a GPS that is not connected to a satellite.
The numerous challenges asset managers face while complying with the seemingly endless array of regulatory demands necessitates Regulatory Enterprise Risk Management (“Regulatory ERM”). Regulatory ERM is a disruptive perspective on approaching an organisation’s overall compliance, operations and infrastructure. Effective Regulatory ERM employs a multidisciplined approach incorporating regulatory, operational, finance and risk management expertise.
“Today’s global regulatory environment necessitates a compliance approach that covers all areas of your operation,” says Jim Casella, CEO of Compliance Solutions Strategies, a new RegTech platform. “Aligning data, technology, and risk management has never been more important.”
RegTech can facilitate this holistic approach, though identifying the optimal RegTech systems can be a challenge, in and of itself. There are many providers to choose from with a multitude of offerings. Some are independent firms offering software platforms designed specifically to address particular issues. Many are already an asset manager’s core service providers, including administrators, prime brokers, auditors and compliance consultants that have incorporated RegTech into their suite of products. Culling through these options requires knowledge of technology but more importantly, an appreciation for the individual firm’s, resources, operations and overall business.
Determining which RegTech solutions best serve your firm can be very timeconsuming and frustrating without a focused plan from the outset. Participating in WebEx/demos, reviewing power point decks and attending meetings with passionate sales professionals can be overwhelming. The reality is no one RegTech solution can ‘solve the problem’. However, RegTech can be an invaluable tool in a comprehensive Regulatory ERM system.
A holistic approach will not only minimize potential compliance lapses, but also can mitigate operational gaps that can lead to negative alpha events. Simply stated, a commitment to Regulatory ERM is good for business.
Notably, in a recent address at the G20 conference in Germany, a leading global regulator, Australian federal treasurer Scott Morrison, stressed the need for asset managers to embrace RegTech as a means to lower compliance costs and enhance business objectives.
“The concept of ‘compliance by design’ can drive down the overall cost of compliance, and improve the accuracy of risk assessments and commercial activities [a]dopting [RegTech] has flowon effects for the organisations themselves in helping to manage and understand their own operational, trading, credit, payment and reputational risk.”
The first step in determining which RegTech solutions to employ is to explore some of the key challenges asset managers face.
Personal trading policies and procedures
Rule 206(4)-7 of the Investment Advisers Act of 1940, requires asset managers to “adopt and implement written policies and procedures reasonably designed to prevent violations” of the federal securities laws. A code of ethics setting forth a firm’s expectations of its personnel and internal procedures for monitoring employee personal securities trading is a prerequisite for any such policy.
The SEC does not designate a specific type of policy or procedure. Rather, it is left to each firm to devise the process that is most appropriate for its business and personnel. Any reasonable policy should include, among other things, contemporaneous reviews of trading. Absent a RegTech solution, this process can be unnecessarily time consuming. Further, a manually executed policy is more likely to miss potential compliance issues.
“RegTech solutions enable a level of accuracy, completeness, and efficiency in personal trade monitoring that truly allows firms to stay ahead of the potential risk posed by employees’ personal trading activities,” says Jean-Marc Levy, CEO of ComplySci, a leading provider of strategic compliance software for global enterprises.
There are a number of RegTech solutions that facilitate this process. While most of these can substantially streamline the exercise, they all require some human input to be successful. The software needs be coded to a firm’s policies and procedures to ensure the system facilitates its compliance programme. Further, a person needs to review the output to determine whether follow up is appropriate.
Dodd Frank, AIFMD, Mifid II and related initiatives have created a cottage industry of solutions for regulatory reporting. Forms PF, CPOPQR, Annex IV and Emir, in particular, are arduous exercises requiring managers to aggregate, transform and report hundreds of complex datasets to global regulatory bodies.
Recent amendments to Form ADV and new reporting obligations have increased the challenge by requiring public disclosure of previously internal information. There are a plethora of RegTech solutions, but all require some manual interaction and expertise in regulation, operations and risk and data management.
As George Chrisafis, managing director of FinTech merchant bank SenaHill Partners, points out “a good deal of the data required for regulatory reporting still resides in multiple disparate databases in legacy systems and there is no good API to get that data”.
No one RegTech solution has surfaced to comprehensively normalise all the data and thereby eliminate the need for expert human resources. Coordinating the right technology with a comprehensive data management plan and dedicated team enables compliance and mitigates unnecessary inefficiencies and costs.
Trade review and risk management
Global regulators have greatly increased scrutiny of asset managers’ trading activities. Regulators employ their own RegTech solutions focused on identifying potential unlawful activity. The SEC conducts reviews of aberrational trades and data received from PF, ADV and other sources to identify higher risk managers for examination. Esma’s Market Abuse Regulation requires managers to conduct their own internal trade reviews and selfreport potentially violative conduct to their regulator.
Institutional investors have increased demands for transparency requiring regular data feeds, risk assessments and return attribution. As a result, the need to ensure consistency and alignment of data has expanded to include all data and risk measurements used throughout the entire organization from the front, middle, back offices and among third-party providers.
Portfolio managers, investors and regulators are all reviewing the same information requiring so firms must have a robust and efficient system to manage this data.
“It is essential that firm’s have the capability to ensure consistency. Risk analytics used by internal portfolio managers should be the same numbers which go into regulatory reports,” stresses Ethan Wishnick, executive director at Axioma Inc, a leading risk reporting provider.
While RegTech providers have developed a myriad of products to address some of these issues, what these solutions cannot do is completely analyse the data with a view towards making sense of the output.
To achieve this, protocols need to be coded into the systems tailored to the individual firm’s trading strategy and professionals with expertise in trading, risk and compliance matters should regularly review the output and make recommendations for any required remedial actions or adjustments in trading strategy.
Another focus area of RegTech has been the development of systems to govern, track, and audit the relevant internal workflows.
Appropriately implemented, RegTech can offer an essential process for workflow management, automated compliance, operations and risk procedures, exception identification, and audit trail resolution.
A fundamental goal of any RegTech system should be to facilitate synergies among internal systems and thirdparty providers.
“The SEC focus on cyber security and vendor risk management has resulted in managers building processes that leverage technology to facilitate compliance. A Vendor Risk Policy is difficult to properly implement and justify without a specific process and audit trail. A software-based solution can make this process simple,” says Jordan Schwartz, managing director, head of software division at Cordium.
All such solutions require some manual coordination with internal policies, procedures and goals to effectively promote the desired efficacies. Whether it is to drive operations, compliance processes or vendor risk management and cybersecurity, a robust technologically driven platform can be an invaluable tool to minimise Regulatory ERM lapses and promote compliance with regulatory mandates.
RegTech is a vernacular in which every asset manager should be conversant. Understanding the options available to facilitate a firm’s Regulatory ERM is a prerequisite to effectively operating an asset management firm in today’s highly scrutinized environment. RegTech should be utilised as “software with service” – a valuable tool to drive a firm’s holistic regulatory ERM infrastructure.
Like any highoctane engine, RegTech requires appropriate expertise and execution to drive it to maximum efficacy.
Gary S. Kaminsky has over 30 years of experience in the industry including SEC Enforcement, CCO of a leading proprietary trading firm, cofounder/ COO/CCO and GC of two hedge fund management companies and consultant to PE, hedge and registered investment company managers.