Step Aside, Fintech; Here Comes Regtech

It’s virtually impossible these days to have a discussion about credit unions without the conversation turning to fintech and its exhilarating, albeit sometimes unsettling, disruptiveness. But amid the din of all the fintech chatter, another strain of technological disruption is quietly materializing in the back office: Regtech.

By most accounts, regtech (the word is a mash-up of regulatory technology) is fintech’s little sister – the same basic genetic material, but different a size, look and function. Instead of focusing on the member experience, as much of fintech tends to do, regtech focuses on streamlining and even automating a litany of regulatory tasks that credit unions have often done manually and with human brains.

Credit unions spend at least $6.1 billion a year on complying with regulations, according to CUNA, which is one reason experts say regtech could be huge for the industry. Newness, cost and other factors have many credit unions understandably hesitant to get involved, but two industry pros said that knowing how to budget for regtech and knowing how to think about the options could soon coax many off the sidelines.

What Exactly Is Regtech?

According to a study published earlier this year by the Madison, Wis.-based industry think tank Filene Research Institute, regtech capitalizes on a lot of what fintech has already brought to the table – things such as algorithms, machine learning, predictive analytics, cloud computing, blockchain, application program interfaces and more. But instead of using that technology to enhance the connection between credit unions and members, as is the case for fintech, regtech’s end goal is to organize the mushrooming amounts of data that credit unions have at their disposal, use that data to satisfy regulators and capitalize on any insights along the way.

Onker Basu, a senior director at bank and credit union consulting firm Cornerstone Advisors, said detecting and gathering data about money laundering and suspicious activities are prime examples of where regtech tools can help credit unions.

“You have an opportunity at the front end to look at the transactions-logging patterns in a more sophisticated way, with more algorithms than you had before,” he explained.

The timing is fantastic, added Nicole Bowen, who is vice president of compliance, IT and facilities at the Fairfax, Va.-based Fairfax County Federal Credit Union, which has $414 million in assets and about 17,000 members. Bowen, who said she is a “future predictor” and “cautious watcher” of regtech, said credit unions’ legacy processes aren’t keeping up with increasing regulatory requirements.

“A big burden forever for compliance professionals is [Bank Secrecy Act] and money laundering, so there’s analysis of that data. There’s identity theft prevention. There’s fraud. Our data stats are expanding, so it isn’t just traditional structured data,” she said. “In the traditional model, you have a human or a team of humans who are tasked with analyzing all of this data and finding patterns in it. As that data set grows, I think that we become less effective to the point where potentially we wouldn’t be effective at all.”

Paying For It

It’s not unreasonable for a credit union to carve out 20% or 25% of its IT budget for regtech investments, Basu said. But he and Bowen said credit unions need to consider five things when setting their regtech budget:

1. Productivity. Measuring the ROI on regtech often involves determining how much time and attention a credit union’s employees would give to regulatory tasks and reporting before and after implementation, Basu said.

2. Turnover. Turnover changes are another factor in ROI measurement, Bowen added. “Credit unions are going to want to attract and retain the brightest compliance talent. It isn’t really exciting to know that you’re basically going to be working with outdated methods and it’s going to be a very boring job. I think deploying technology to modernize and revolutionize how we’re handling that side will help us acquire better talent.”

3. History. Adding up regulatory fines that could have been avoided with regtech is another element of measuring ROI, Basu said.

4. Integration. The older a credit union’s existing systems are, the more expensive it will likely be to incorporate a regtech system, Basu warned. “On the flip side, if you’ve been proactive in getting some of those core platforms upgraded and more current, your investment tends to be less on the platform itself,” he said.

5. Size. Large credit unions may seem like natural candidates for early regtech adoption, but Filene’s study suggested that small credit unions could actually benefit more. That’s because relatively speaking, their regulatory costs are much higher – in some cases, more than three times higher than those of large credit unions. Small credit unions could partner with each other to ease the burden, Bowen added. “You have the opportunity to jointly work together, spread cost and spread risk, but develop something that really does solve problems on the broad scale,” she said.

Making It Work

Cost aside, Bowen and Basu said credit unions need to think about five other things when they’re hunting for the right regtech systems:

1. The interface with regulators’ systems. Regtech can help credit unions refocus their top talent on strategic work rather than routine tasks. It’s an attractive proposition for many credit unions, but one that’s quickly stymied if outdated government portals can’t accept data in certain forms, Filene’s study noted.

2. Regulatory interpretations. Watch out: Regtech programs provide data outputs based on their own interpretations of various regulations, Filene noted. “Credit unions should be aware that those decisions on the creation end of regtech are then built into how a credit union complies with regulations, to the extent that the credit union relies on the software,” it warned.

3. Vendor due diligence. “What you want to keep your eye on is sort of this idea of, what’s the quality of the vendor and the leadership? And how long have they been in business? What’s their track record? That sometimes becomes a harder animal, because obviously the smaller you are, the less degree of freedom you have around taking chances there,” Basu said. “Do the due diligence in a very sound way.”

4. The right expectations. “If an institution is looking to a turnkey solution and you’re basically outsourcing every piece of hassle about something, I think you’re putting yourself in a dangerous situation,” Bowen added. “Hiring a company to do something for you doesn’t absolve you in your responsibility for understanding what it’s doing. That’s where that collaboration and the internal analysis piece is important.”

5. The future. It’s often hard to tell what examiners will do or what legislators will decide, which can make credit unions even more anxious about investing in a regtech regime. It’s understandable, Bowen said, but anxiety won’t freeze time.

“If it’s some type of analytics model and you are going to be making important business decisions based upon it, then sometimes maybe the regulator isn’t going to take too kindly to that because it seems unproven. It’s hard to trust, and they have a role in protecting the shared insurance fund and they need to make sure that the information we’re using to make decisions is sound and valid. I get that,” she said. “But I think that now is the time for us to be working more collaboratively, because we would all win in this. I think they’d be better off. We’d be better off. Consumers and members would be better off. We’d be great all around.”