CyberLex
CyberLex Insights on cybersecurity, privacy and data protection law

Paving the Way for RegTech: Australian and Canadian Developments

Posted in FinTech
Jason PhelanAna BadourDrew Wong

Recently, the Australian Securities and Investments Commission (ASIC), which regulates financial services and markets in Australia, provided recommendations and engaged in consultation on establishing best practices and guiding principles for the regulatory technology (RegTech) eco-system in Australia.

As discussed in our previous post in respect of UK developments in the area, “RegTech” can be understood as describing new technologies that facilitate the delivery of regulatory requirements. This demand has been driven by increasing levels of regulations and reporting requirements, which places operational challenges and new risks on the financial services sector. RegTech has the potential to complement financial services providers with streamlined compliance procedures in a cost-effective manner, which could also allow regulators to get access to and process a larger amount of data.

Generally, RegTech services help to declutter, analyze, and provide reports on large, intertwined, and complicated data sets to facilitate  access in a more consumable format. For example, RegTech applications include services to reduce the risk of money laundering activities conducted online, monitoring of online transactions in the digital payment eco-system, fraud prevention and audit trail capabilities.

ASIC Innovation Hub and Request for Feedback

In May 2017, ASIC published a report providing an update on the work of its Innovation Hub and outlining its approach to Fintech, RegTech and related areas. It also sought feedback from different stakeholders with respect to its proposed approach to RegTech.

In March 2015, ASIC established the Innovation Hub, which serves as a body and forum to assist new Fintech businesses navigate through ASIC’s regulatory framework. To date, the Innovation Hub has worked with 168 entities, notably providing them with informal assistance to help bridge any knowledge or resourcing gaps and providing them with access to senior ASIC staff to help streamline processes. Of the 33 new Australian financial services licenses and Australian credit licenses granted since March 2015, the businesses that who have engaged with the Innovation Hub received approval substantially faster than those who have not.

In mid-2016 the Innovation Hub expanded its scope and began to engage with RegTech businesses by providing them with informal assistance. ASIC met with a number of RegTech stakeholders and service providers to get a better sense of their business model and of the RegTech eco-system, as well as with domestic and international regulators to discuss developments in the area. ASIC currently conducts sets of trials of RegTech, including machine learning applications assessing document sets to identify useful evidence and social media monitoring tools.

In its report, ASIC described its new initiatives to complement its current RegTech activities, including the establishment of a liaison group composed of RegTech stakeholders who will meet three times a year to facilitate networking and collaboration opportunities within the RegTech sector, the hosting of a problem-solving event (“hackathon”) with the industry and a commitment to a small number of new trials of RegTechs. ASIC sought feedback from those new initiatives.

ASIC’s RegTech Roundtable 2017

As part of its current commitment to engage with the RegTech community, ASIC hosted its first RegTech roundtable discussion in February 2017 to discuss with a number of entities from across Australia, while regulators and government officials observed. The discussion focused on the current RegTech landscape and its future development, and on the commercial, regulatory and practical barriers to future potential of RegTech in Australia.

The emerging themes during the roundtable included:

  1. Current RegTech environment and emerging technologies – factors such as computer capacity, storage, data use, new technological applications, and the industry sentiment of focusing on efficiency, while maintaining a conduct risk management focus, as well as the opportunities offered by big data and machine learning, are contributing to driving the opportunities and growth in the RegTech market.
  2. Importance of real time monitoring – near real time monitoring of conduct by financial services providers has the potential to change the role of regulators’ from a “rear view mirror” approach to compliance to one focused on learning and prediction, which would save costs and facilitate more streamlined compliance, while having the potential to create a shift within organisations relying on proprietary systems towards an effective compliance culture.
  3. Cyber and information security – questions were raised with respect to the ownership of the data generated by RegTech services, access to such data, cyber security and protection of digital identity.
  4. Lack of human involvement – a potential risk could be formed from replacing the normally human involved process of ensuring compliance with a heavily relied upon process based on an automated system, while potentially creating disruption within organisations as RegTech will inevitably means changes for staff which could see such technology as a threat.

Beyond the themes and risks discussed, ASIC asserted that it sought to continuously engage and receive feedback from those affected by RegTech. ASIC’S intention appears to align the RegTech industry with current compliance systems to streamline and integrate RegTech to better facilitate upholding regulations and ensuring the existing industry is trained and adapts seamlessly.

Canadian Approach to RegTech

The Ontario Securities Commission (OSC) and ASIC previously entered into an agreement, pursuant to which, among other things, they committed to share information on emerging trends in each other’s markets and the potential impact on regulation.  The OSC has also shown its own interest in RegTech developments.  In November 2016, the OSC held its own hackathon bringing together members of the Fintech community to find solutions to regulatory problems arising in the area of RegTech. This hackathon brought in over 120 members of the Fintech community to facilitate discussion and produced a white paper with input from the Fintech and RegTech community.

More generally, in Canada, as discussed in a previous post, the Canadian Securities Administrators (CSA) announced earlier this year the launch of a regulatory sandbox, allowing Fintech businesses to apply with the CSA to receive regulatory relief to test their products and services. RegTech providers are specifically listed as one of the types of business models that is eligible to apply to the CSA regulatory sandbox.

For more information about our Firm’s Fintech expertise, please see our Fintech group’s page.