Welcome back to FinTech Law’s 2022 regtech series. In my first post, I discussed how regtech adoption in financial services has lagged the adoption of other forms of fintech, although recent statistics suggest regtech adoption may be on the rise. In my second post, I talked about the regtech funding market, which has favored a few large regtech companies. In my third post, I shifted focus to the legal industry. I considered why financial services lawyers need to stay current on regtech developments. I also explained the benefits of regtech collaboration across the regulatory ecosystem, where lawyers and other industry participants play a key role.
In this post, I consider the strengths and weaknesses of regtech. Let’s dive in.
The Strengths of Regtech: Why Adopt It Now?
Three major strengths of regtech adoption immediately come to mind.
Regtech can help automate repeatable processes that, quite frankly, most people don't want to do.
Regtech can scale those processes to handle a high volume of transactions.
3. Cost Efficiency
Along with scalability comes cost efficiency. A scalable technology product will incur much lower marginal costs than labor costs as a firm grows in volume.
Another benefit of adopting regtech that isn't often discussed is it can provide a better user experience. As consumers, we’re used to—and implicitly expect—great user experiences with our products and software. A sleek user interface isn’t something we typically associate with regtech. Like other business apps, regtech is behind the curve established by popular consumer electronics, which we enjoy for their usability, smoothness, and functionality.
But as regtech matures and provides a better user experience, increased adoption will follow. More and more employees will want to use it. A well-designed regtech product can help increase regulatory compliance by making it easier for employees to meet their compliance obligations. Better adoption means a stronger culture of compliance.
the Weaknesses of Regtech: Why Wait to Adopt It?
A few weaknesses come to mind when considering the drawbacks to adopting regtech.
1. Lack of Industry Standards for Evaluating Regtech
In the United States, there are currently no industry standards for evaluating regtech products. If regtech is going to get off the ground, the industry needs to implement some benchmarks and expectations for vendor due diligence, key performance indicators, and more.
Vendor due diligence is essential to the adoption process. For example, multinational banks and other large corporations will require vendors to undergo a SOC 2 audit. For SMBs and other small to midsize entities, vendor due diligence requirements are lower but still need to be addressed.
Vendors should help establish these standards by being transparent about their capabilities, tech stack, and performance metrics. Vendors need to help educate the industry on underlying technology as well as acceptable performance and error metrics.
2. Reluctance of Industry Participants to Codevelop Regtech
Firms need to have some metrics in place for assessing the performance of the technology they adopt. When firms decide to build rather than buy regtech products, they also need to be able to build them in a way that ensures effectiveness. Both building and buying require participation by the end users of the regtech products. No technology is going to do what it sets out to do until it gets through training and test data and into at least some level of production that involves a live data feed. This is where industry participants play a critical role. Registered entities need to develop some comfort level by participating in the development of regtech before these products can start gaining traction.
Unfortunately, most end users expect highly polished, fully functioning products that provide a broad range of tools. In other words, they want everything—and at a low cost too. The reality is that software takes time to build, test, improve, and reiterate. The regtech industry has not reached a point where a few dominant platforms provide all the tools a user wants. Rather, the landscape is dotted with smaller products that are good at one, two, or a few things. If end users want an ideal state, they need to contribute to its development by working with today’s products.
3. Undeveloped Integration
As noted above, regtech products tend to focus on doing just one or two tasks very well. This puts firms into the position of having to adopt multiple products and manage multiple vendors. No firm—whether enterprise-level or SMB—wants to deal with multiple regtech vendors to automate a handful of tasks. Doing initial due diligence and ongoing due diligence on multiple vendors is time-consuming and burdensome for any size firm. A regtech platform that integrates several distinct products across the regulatory spectrum would appeal to a wide range of firms and increase adoption overall.
The regtech industry is already moving in this direction. A few fintech firms are starting to acquire other regtech companies and integrate them into a complete platform. Most of these acquiring firms are backed by private equity or other institutional investors. The result will be consolidated platforms that can offer products at scale, but there are costs to this consolidation. End users will have fewer choices and less pricing power—but that is the cost of convenience.
4. Uncertainty around Product Liability
Adopting regtech software, especially enterprise-level software, carries the weight of product liability. For this reason, innovative companies need to take on some responsibility for their products. This liability should be mitigated by internal controls to ensure that the vendor is using commercially reasonable practices in its data management and software development. While the vendor may not accept the risk of product failure, it should have a strong risk management framework and rigorous internal controls, and it should be transparent about the product and its limitations.
On the flip side, users need to understand that software is a tool and, like most tools, experiences errors and deficiencies. Further, the performance of many tools depends on whether they are used properly. Therefore, end users need their own internal controls and processes in place when deploying a product to ensure its proper adoption—and the prompt reporting of any issues. At all market levels, product liability standards are needed to legitimize regtech offerings.
5. Lack of Industry Standards around Data Privacy
This lack of standards means that the same regtech products U.S. firms use may not meet E.U. data privacy requirements, creating a limited expansion or limited market for those products. As data privacy standards emerge not only in the United States but also globally, this weakness will disappear.
The Path Forward
Regtech, like many industries before it, is starting to mature as an industry, which means it will soon start to face some of the challenges or weaknesses that characterize the industry. Over time, regtech will follow the path of the broader fintech industry as adoption, execution, and regulatory and legal issues are addressed, and as more firms adopt technology into their normal operating processes.
In our next blog post, I’ll offer more in-depth guidance on evaluating regtech products and conducting initial due diligence on vendors.