RegTech & Regulatory Change Management: how technology enables compliance by design

Regulatory change is a hot topic, a trend, but above all: it is necessary. The financial sector has to handle more than 80,000 regulatory changes each year, an average of almost 220 changes per day. It is essential for financial institutions to be able to identify these changes, interpret what those mean for their organization, implement the required changes, while at the same time keeping track of progress and compliance.

In the effort to create a better understanding of these processes, ACE+ Company has developed the Regulatory Change Lifecycle which consists of 7 steps:

  1. Identify regulation(s)
  2. Assess requirements & integrated impact
  3. Set regulatory roadmap
  4. Assure fit-for-purpose solution, data, and architecture
  5. Setup program plan(s)
  6. Deliver capabilities
  7. Monitor and prove compliance

Regulatory Technology (RegTech) should be an integral part of these steps, to not only facilitate the implementation of these steps but also enable the evidencing of compliance.

In the following paragraphs we will go into detail for each of the 7 steps of the Regulatory Change Lifecycle, and how RegTech can provide added value within that area.

Step 1: Identify regulation(s)

This first step encompasses all the activities and process within an organisation used to identify and capture new regulations or regulatory changes. These activities involve staying up-to-date with all the publications of relevant authorities, on an international and local level, and are traditionally performed by a Legal team. The result should be an overview of upcoming regulations and changes with key compliance dates. These activities can also be referred to as “Horizon Scanning” (HS), although the scope of HS is sometimes a bit wider.

RegTech supports this step by automating the identification process, utilising technology to effectively scrape all of the publications of authorities. These solutions can usually filter the laws and regulations based on applicability or relevance for your business, and are updated on a daily basis. After collating key dates these tools provide you with a clear “radar” overview of the upcoming legislation.

For more details on Horizon Scanning tools, you can read our other blog here

Step 2: Assess requirements & integrated impact

Step two of the Regulatory Change Lifecycle involves translating the relevant legislation and regulatory changes into an impact assessment for the company in terms of data, processes, organisation, and systems. This is one of the key steps in the lifecycle, as it becomes clear what the new or changed regulations actually entail for the organisation in the future.

Technology can be used to visualise the time-phased impact of regulatory change across the organisation on data, processes, organisation, and systems in a data-driven manner. Although still fairly immature, there is a small subsection of RegTech companies that focuses on translating regulations to requirements on data attribute level, which helps to speed up impact assessment.

Step 3: Set regulatory roadmap

After determining the impact on the organisation, the necessary changes need to be incorporated in the overall regulatory roadmap. Ideally they are also linked to existing delivery programmes to provide an overarching view of the change portfolio.

Regulatory Technology, specifically data science, should be used to join existing delivery programme data to the regulatory roadmap. This ensures bi-directional traceability and a drill-through from the roadmap to delivery level, while leveraging existing data and systems.

Step 4: Assure fit-for-purpose solution, data, and architecture

Once the regulatory roadmap is clearly defined, it is essential to devise a solution that is fit-for-purpose in terms of data and architecture. Making a clear distinction between which solutions need to be structural from the start and which solutions are sufficient tactically in the short- or medium term

Using data-driven visualisations to map the target architectural blueprint (with drill-throughs for technical and business perspectives) to the regulatory roadmap, RegTech enables clear visibility and tracing of critical compliance dependencies between systems.

If you want to know how we envision a visualization of the architecture across time, see our Kineograph showcase here.

Step 5: Set up program plan(s)

When the impact, roadmap and solution are clearly defined, the implementation activities need to be organized in the form of a project or program. These should be cross-referenced with existing activities for other regulations to avoid a double effort.

RegTech can help in establishing and visualising a clear program baseline for pragmatic portfolio monitoring (set it up right from the start). Ideally this information is powered by data-driven links to existing work tracking systems, always ensuring an up-to-date overview of the work portfolio.

Step 6: Deliver capabilities

After the project or program is set-up, the delivery phase starts. In this phase it is important to keep on top of new developments and issues that emerge. A key element here is to have an up-to-date view on current progress and impediments so decision-makers can act accordingly and in a timely manner.

Utilising selective data point analysis from performance tracking data, combined with data storytelling techniques, RegTech can bring key insights to decision makers based on empirical data and not subjective narratives. This enables faster decision-making, with a reduced impact on the delivery teams who traditionally provide such insights.

Step 7: Monitor & prove compliance

In the last step of the Lifecycle we look back at the previous steps and try to map them to the original regulatory requirements or legal obligations. The goal is to create insight into the current compliance status and how well the organisation is progressing across the various obligations. This insight can also be used towards a regulator to indicate compliance status and what is being worked on.

Utilising tooling and business intelligence, RegTech can link the compliance deliverables to the original legal obligations to close the loop, and provide an accurate and data-driven overview of compliance status and activities.

You can find our view on the future of regulatory reporting here.

How ACT can help

The RegTech market can be difficult to navigate, especially for Regulatory Change Management. There are numerous vendors in many different niches, and they all have their own focus and version of a product. With experience in the Financial sector and knowledge of the RegTech market, we can help you navigate the complexity of this landscape and provide a tailored view that is in line with your business needs.

Back to News & Events