European Securities and Markets Authority Identifies RegTech Risks
A senior official at the European Securities and Markets Authority (ESMA) has given a speech on “The Adoption of RegTech within the Financial Services”. Patrick Armstrong is the Senior Risk Analysis Officer, Innovation and Products Team at ESMA and gave the speech on 16 May at a RegTech conference in London.
Mr Armstrong identified three risks of RegTech:
- Disintermediation – when collaborating with RegTech firms, financial institutions cannot delegate responsibility for their compliance and risk management activities. Instead, the ultimate responsibility remains with the regulated financial institution. While greater specialisation brings efficiency gains, it means there is a risk that full oversight does extend all the way down the value chain. Additionally, while established financial firms have experienced compliance staff, this may not be true of all new entrants in the sector, who may be unaware of exactly how far their responsibility extends.
- Digital Security – a major concern across sectors, and of course security needs are especially acute in the financial sector. One can argue that the migration to a digital centralized data infrastructure increases a firm’s vulnerability to attack, theft and fraud. We must develop mind sets in which client data is viewed with the same level of security as that given to money placed in secure vaults. To achieve this, we may need to promote increased real-time collaboration between financial sector institutions on cyber security matters.
- Migration Risk – the differential adoption of new technology. Failure on the part of market participants to adapt to the newer digitalized infrastructure presents business risk that may separate winners from losers in the coming years. As well, failure to adapt to a more automated regulatory compliance process may leave participants with platforms ill-suited for the current regulatory framework. For their part, regulators must migrate to a digital based supervisory process, only then can they cope with the volume of data they will soon receive.
Just as FinTech is introducing changes to the way in which market participants offer their services, so too Mr Armstrong saw that RegTech may alter the way in which financial institutions and regulators comply and supervise. Implemented correctly and monitored effectively, Mr Armstrong recognised that RegTech has the potential to improve a financial institution’s ability to meet regulatory demands in a cost efficient manner. Similarly, as a regulator, ESMA is constantly looking for tools to improve the way in which it can better supervise market behaviour. Provided both parties manage this process of change suitably, he thought they can work towards putting in place an effective, fair and transparent financial services sector that stimulates growth and benefits society as a whole.