With the first quarter of 2020 coming to a close, there is a growing and almost universal sentiment that we would all like a redo on the year. As they say, hindsight is 20-20 (no pun intended) but it would have been nice to have had better foresight into how best to deal with the operational issues and risks that firms are facing right now.

Many, if not all, financial institutions (FIs) have enacted a variety of measures to minimize the spread of the COVID-19 virus and the Canadian FIs are all working diligently and in concert with other global banks to formulate and implement strategies to mitigate the spread of COVID-19, while still maintaining sales and trading activity and all associated operational procedures.

​So what exactly are firms doing? 

In partnership with Fintech Cadence, we surveyed the Canadian RegTech community between January 15 February 28, 2020 to understand the key regulatory compliance challenges firms are facing. Respondents were asked to select their top three issues from a range of options, including topical themes such as open banking, digital ID and third-party risk along with more ‘legacy’ themes, such as regulatory reporting and regulatory change management. Surprisingly, the top three challenges were exactly the same as last year. Compliance Effectiveness ranked as the greatest challenge, followed by Regulatory Change Management and Trade Reporting. It would be interesting to delve further into the underlying issues. Does it stem from underlying technology structure and an over-reliance on manual processes? Or is it due to the movement by banks and other financial institutions towards digital transformation that requires a re-think of compliance and risk functions in order to provide a seamless and trusted customer experience? I expect a bit of both. (You can hear from RegTech experts on this topic when the CRTA leads a panel on this subject at FCCON20 Rise
​ 

The Canadian Regulatory landscape is multi-layered and quite complex making it difficult for RegTech firms to make sure they are building products that are compliant and sustainable. The CRTA have put together a reference paper to help firms understand what each regulatory body does and provide some insight and links to  their 2020 strategic plans. 

On January 16, 2020 we held our first sold-out event – Exploring the Art of the Possible – Trade Surveillance for Capital Markets.  Many thanks to Deloitte Canada for graciously hosting and to Quantexa for their sponsorship. With the room filled to capacity, the morning started with a thought-provoking discussion, moderated by Sandra Persaud of Deloitte, among financial industry practitioners:

• Jason Le – AVP Compliance, Head of Global Surveillance – TD Wholesale Banking
• Loren Schwartz – Head of Regulatory Reporting Services – CIBC World Markets
• Alex Taylor – VP Surveillance – IIROC
• Elizabeth Bethoney – Head of Financial Markets, Americas – Quantexa

Loren Schwartz and Jason Le started by describing how their respective organizations are tackling trade surveillance.  Using open-source technology is key to remaining agile.  As Loren said, “the last thing we want to do is build another legacy system”.  Realistically though, budget constraints can limit a firm’s ability to implement best-of-breed systems.
​
They also discussed the merits of in-house development: the ability to experiment, flexibility to adjust course as lessons are learned and rules change, and ultimately building “muscle” within the firm.  As with almost every technology project, the challenge – especially for large organizations – is normalizing all the disparate data needed to be effective.  As Jeff Harvie later pointed out, “you can’t do any of the fun stuff until you organize the data.”

In 2019 RegTech evolved from being an experiment to a reality. FIs realized that RegTech is a tool that fits into a well-defined, broader compliance framework and can help reduce compliance risks when coupled with the right data, people and processes. We also saw global regulators go on the record about RegTech and start to ask FIs questions about how they are leveraging RegTech and exploring SupTech* to manage their own processes.  Investment in RegTech grew by 103% and it has matured to its own vertical.  At the CRTA, we believe that RegTech will continue to transform Canada’s financial services ecosystem and will evolve into a necessary utility. We plan to continue to lead the conversation, drive strategic thinking and mobilize action. Here’s what some of our Board and Advisors predict for 2020:  
CRTA 2020 Predictions

Following on the heels of the Client Relationship Model (CRM) – the largest regulatory reform the investment industry has seen – firms are now faced with another set of rules that regulators have designed to further enhance the client-advisor relationship – Canadian Securities Administrators (CSA) Client-Focused Reforms (October 3, 2019). For some firms it may feel as though they’ve barely had a chance to breathe before they tackle another set of client-facing reforms. Similar to CRM, which required substantial investment in technology and infrastructure to support new reporting requirements, it’s difficult to consider these reforms in the absence of the significant systems and technology investments that will be required for firms to comply with the reforms in a meaningful way.
 
For example, introducing a minimum time frame in which client information must be reviewed – at least every 12 months for managed accounts, within 12 months before making a trade for, or recommending a trade to, the client, where the registrant is an exempt market dealer, or at least every three years for all other account types – will require some firms to reconsider their account documentation processes to ensure, even in the case where changes are not required, that a systematic account review can be captured and appropriately shared with the client for review.
 

​On November 27, 2019 the Canadian Regulatory Technology Association (CRTA) (Association canadienne de la technologie réglementaire (ACTR)) and KPMG co-hosted A Look into the Future – Emerging Trends and the Use of AI for Model Risk Management (MRM). Many thanks to KPMG for the ideal space, refreshments and hospitality.
The morning opened with a presentation by Mike McCausland of KPMG’s recent Global Model Risk Survey[1] of domestic and global banks, which uncovered some very interesting (and perhaps concerning) trends, including that:

• regulatory supervision of MRM has increased in recent years but only 1/3 of banks have gone through MRM an exam, and most were very recent.  Banks across the globe align their model definitions with SR 11-7 but interpretations vary, so more clear guidance is needed
• SAS is the most common programming language for model development, but R and Python are becoming more prevalent, and C++ is still used within the capital markets area of many large banks
• only a third of respondents have established a model risk appetite and associated parameters
• only half responded that they are actively investing in automated solutions or new technologies to improve model risk management

Panelists at the November 14, 2019 CRTA anti-money-laundering (AML) breakfast, sponsored by Norton Rose Fulbright, concluded that RegTech can help, but is not the full answer to AML woes. 
 
Panel members agreed artificial intelligence and machine learning help distinguish signals from noise and more quickly identify true positives and avoid false negatives, but to be effective, there must be ‘good data’ and business partners must work together both to learn from the past and develop forward-looking tools.  Rosalind Laruccia explained that “audit can be an effective sounding board when onboarding a new product or service and should not be feared or just seen as a once-a-year visitor and place to call in emergencies, but rather be engaged as an ongoing partner,”
Staff need to understand not only the data they most immediately use, but also the downstream impacts of any change across siloes so clients can be understood from a 360° perspective.  Firms with cross-border operations have greater challenges, as different countries may label and understand fields differently or handle common problems in inconsistent ways.  So testing is particularly important; in the experience of one firm, the results of data analysis identified hundreds of clients with a Jan. 1, 1800 birthdate – a case of incorrect data or no date available being handled in this manner?  The KYC process must include entry, storage, testing/checking and retrieval so downstream users can verify data for logic, data can be correlated, and both structured and unstructured data can be managed.

​AML Panel from L to R: Donna Bales (Co-Founder, Canadian RegTech Association), Navjit Singh (Senior Consultant, AML Analytics and Reporting, CIBC), Vishal Gossain (VP – Global Risk Management, Scotiabank), Daniel Leslie (Attorney, Norton Rose Fulbright), Rosalind Laruccia (AVP – Internal Audit, Laurentian Bank of Canada), Eric Brock (COO – PNC Bank (Canada))

To help drive our program for our members, the CRTA posed a question on our website: “What business problem are you trying to solve?” Responders were asked to select their top three issues from a range of options, including topical themes such as open banking, digital ID and compliance for evolving businesses (e.g. cannabis, cryptocurrency and robo advisors) along with more ‘legacy’ themes such as regulatory reporting and regulatory change management. Preliminary indications show ‘Compliance Effectiveness’ as the primary issue, followed by “Regulatory Change Management” and “Regulatory Reporting”. This seems to indicate that financial institutions continue to struggle with how to manage and measure their compliance programs. ​