How to master the profusion of financial regulation, let alone comply with it, is one of the most pressing issues faced by the financial sector today. An important part of the answer is RegTech: technological solutions that facilitate compliance with regulatory requirements.
In recent legal doctrine, RegTech is almost unequivocally hailed as holding the promise of substantial gains in terms of increased efficiency and reduced risk of human errors and resulting administrative fines. Underexposed in legal doctrine and regulatory reports are, however, the risks and challenges of RegTech solutions.
Without neglecting the obvious benefits, my contribution (‘RegTech as a Response to Regulatory Expansion in the Financial Sector') specifically focuses on those risks and challenges. When a RegTech solution contains even a small error, this may create systematically erroneous outcomes, leading to large scale liability risks. In addition, building watertight systems tailored to the needs of a specific financial institution comes with a hefty price tag, which may be prohibitive, especially for smaller players. In order to contain these costs, financial institutions can buy ‘one size fits all’ RegTech solutions, created by RegTech companies, or open-source solutions may be developed, which supervisors could be requested to endorse. When those mechanisms lead to a single RegTech solution being widely used in the marketplace, an error in this solution may result in systemic compliance failures and systemic risks. RegTech also creates new challenges in the areas of cybersecurity and data protection. Finally, the dehumanization resulting from RegTech solutions may necessitate particular risk management efforts.
Nevertheless, RegTech seems to be one of the very few successful answers to the current compliance challenge. Moreover, both legislators and supervisors increasingly require or presuppose automation to ensure compliance. The paper therefore presents several strategies to manage or contain each of the RegTech risks and challenges.
In a final part, the contribution shows that the role of supervisors is paramount in the RegTech era. Supervisory support of RegTech should at least include the provision of sufficiently long implementation periods for new regulation, which allows for the development of adequate RegTech systems. Of equal importance are swift supervisory feedback on interpretation difficulties in the implementation process, sandboxes allowing for trial and error of new RegTech solutions in a safe environment, and the development of RegTech solutions for reporting to the supervisor. In the complex maze of today’s financial regulation, the supervisor increasingly takes up the role of intermediary between the legislator and financial institutions, between rules and compliance. RegTech indeed accelerates the evolution towards a cooperative supervisory model, in which the supervisor guides financial institutions in their search for adequate and correct compliance and in which financial institutions in turn deliver essential input to the supervisor for the development of efficient guidelines, best practices and RegTech solutions.
Veerle Colaert is a professor of financial law at KU Leuven University, a co-director of the Jan Ronse Institute for Company and Financial Law, a member of the ESMA Stakeholder Group, and a member of the Sanctions Committee of the Belgian Financial Services and Markets Authority (FSMA).