Blog / Regulation

With GDPR hot on the heels of MiFID II and further regulation on the way, how can financial services keep up when the rules are constantly changing? It’s time participants took the driving seat says our CEO, Andrew Walsh.

When the new owner of Formula One recently announced substantial rule changes designed to level the playing field and reduce the cost of execution for teams not everyone was happy about it. Ferrari, the most successful team in F1 history, threatened to pull out of the sport entirely if the ‘regressive’ regulations, which they said would prevent them from winning, went ahead.

It’s not the first time we’ve seen big changes and controversy in F1 and it won’t be the last. The regulations governing F1 have changed countless times throughout the history of the sport to improve safety, and more recently, to reduce costs.

Sound familiar?

Like F1, financial services has seen a startling amount of regulatory change - a 400% increase in the last decade alone. The reasons behind it aren’t dissimilar either; ultimately to protect consumers and, increasingly, to ensure value is being delivered.

A sign of the times

You’re not imagining it, regulation is getting more complex. It’s a reflection of our embedded use of technology and an increasingly data-driven world. The growing threat of global cyber attacks and high security data breaches mean the need to protect consumers has never been greater and is why we’re seeing global changes in cybersecurity and privacy legislation, like the EU’s General Data Protection Regulation (GDPR) which recognises how much of our personal data is now held online, and consumers’ rights to it.

But with the GDPR deadline of 25 May 2018 hot on the heels of MiFID II, and more regulatory change to follow, how can financial services participants ever stay ahead of the game?

"Financial services has seen a startling amount of regulatory change - a 400% increase in the last decade alone."

The acceleration of RegTech

Where traditionally enterprises might have relied on hindsight and ad hoc systems to approach regulatory compliance, with the costs of compliance escalating by over 10% a year, this approach is no longer enough.

In F1, technology is constantly evolving, pushing speed and efficiency to its absolute limits, and it’s the same in financial services. The growth in regulation combined with significant developments in global fintech has led to the creation of a new breed of agile regulatory technology and tools. RegTech is answering a massive need to control costs and introduce efficiencies and its application in financial services is accelerating.

As levels of regulation rise and the global focus on data and reporting increases, RegTech is enabling firms to transform compliance through automation and better use of data. It’s also creating opportunities to think beyond compliance.

Our experience in the UK and other countries has been that advisers and wealth managers who see compliance as a catalyst to achieving broader goals around increased engagement and trust with clients, achieve greater return on their investment in regulatory response. The key is seeing compliance as an ongoing process, not the end game itself, it’s an approach that makes much more sense in our digital world.

Compliance by design

Regulation like GDPR places even greater importance on strong software quality and compliance discipline. The UK regulator, the FCA, has said it will look for ‘privacy and security by design’, which means ensuring privacy and data protection compliance are built into new IT systems and processes from the start.

Those preparing for GDPR will have to think about how data protection is part of their system design and ensure they have capability in place to meet reporting requirements.

This will be a challenge particularly for those already undergoing major changes to meet regulatory requirements elsewhere. But a word of caution, don’t build your next legacy system. Taking an ongoing and proactive approach to compliance means businesses must think strategically about how their partners and their technology can support their needs not only now but in the future.

Just as high performance technology is integral to F1 team strategies, many wealth and investment managers are choosing to simplify and unify their technology stack in favour of a robust, scalable and integrated system. It’s a growing global trend and one that’s giving financial firms greater flexibility and capability to adapt to the increasing level of market and regulatory change.

"Seeing compliance as an ongoing process is an approach that makes much more sense in our digital world."

A new global standard?

GDPR aims to standardise data processing regulations for businesses throughout the EU. Could it become a best practice in other parts of the world too? A unified approach to data protection would surely make sense for our global digital economy.

In Australia, it’s predicted that the mandatory data breach notifications laws coming into effect next year will be followed by other laws similar to GDPR. In South Africa, businesses are still coming to terms with the practical implications of the Protection of Personal Information (POPI) Act which brought its privacy laws in line with international standards and shares many rules in common with the GDPR. While in Canada, questions have been raised about whether its data laws, PIPEDA, should be amended to meet the GDPR requirements.

There’s a sense that there’s more change to come.

Play the long game

In response to the new F1 changes, Ferrari President Sergio Marchionne apparently told analysts on a conference call that ‘if the sandbox changes to the point it becomes an unrecognisable sandbox, I don’t want to play anymore’.

Those that are grappling with MiFIDII and GDPR may well empathise with Sergio, but while we can expect more regulation and change to come our way, with the right mind-set and the right technology, financial services can be in a better position to embrace it when it does.

Banner

More insight & research

This site uses cookies to store information on your computer. By using our site you accept the terms of our cookies policy. Accept