EBA ANALYSIS OF REGTECH IN

EBA ANALYSIS OF REGTECH IN THE EU FINANCIAL SECTOR

JUNE 2021 EBA/REP/2021/17

EBA ANALYSIS OF REGTECH IN THE EU FINANCIAL SECTOR

Contents

Abbreviations

4

Executive Summary

5

Background

7

Methodology

10

1. Current RegTech landscape in the EU

12

1.1 Overview of the RegTech market in the EU

12

Status of adoption

15

1.2 The underlying technologies behind the RegTech solutions

20

1.3 Governance processes for RegTech adoption

22

1.3.1 Key components involved in governance processes for RegTech adoption

22

1.3.2 Cooperation/partnership

26

1.3.3 Time to production

26

2. Benefits of RegTech use

28

2.1 Main benefits

28

2.2 Perceived RegTech advantages versus traditional solutions

31

3. Challenges of RegTech use

32

3.1 Challenges from the FI perspective

32

3.2 Challenges from the RegTech provider perspective

35

3.3 Main risks

38

4. Deep dives into RegTech segments

42

4.1 AML/CFT

42

4.1.1 4.1.2 4.1.3 4.1.4 4.1.5

General overview

43

Activities of FIs and RegTech providers

43

Use of technology-based innovations

44

Benefits, challenges and risks associated with use of AML/CFT RegTech solutions 45

Case studies

47

4.2 Fraud prevention

48

4.2.1 General overview

48

4.2.2 Activities of FIs and RegTech providers

49

4.2.3 Use of technology-based innovations

49

4.2.4 Benefits, challenges and risks associated with use of fraud prevention RegTech

solutions

50

4.2.5 Case studies

52

4.3 Prudential reporting

53

4.3.1 General overview

53

4.3.2 Activities of FIs and RegTech providers

53

4.3.3 Use of technology by FIs - evidence from the Cost of compliance study

55

2

EBA ANALYSIS OF REGTECH IN THE EU FINANCIAL SECTOR

4.3.4 Benefits, challenges and risks associated with use of prudential reporting RegTech

solutions

57

4.4 ICT security

60

4.4.1 4.4.2 4.4.3 4.4.4

4.4.5

General overview

60

Activities of FIs and RegTech providers

61

Use of technology-based innovations

62

Benefits, challenges and risks associated with use of ICT security RegTech solutions

63

Case study

65

4.5 Creditworthiness assessment

66

4.5.1 General overview

66

4.5.2 Activities of FIs and RegTechs

67

4.5.3 Use of technology-based innovations

68

4.5.4 Benefits and challenges associated with use of CWA RegTech solutions

69

4.5.5 Case studies

71

5. Conclusions and way forward

73

5.1 Conclusions

73

5.2 Way forward

77

6. Annex

80

3

EBA ANALYSIS OF REGTECH IN THE EU FINANCIAL SECTOR

Abbreviations

AI AML/CFT API BTS CCO CEO CFO CIO COO CRO CWA DLT DPI EEA ECB ESAs E-money ETL FIUs GIS ICT Security KPI KYC KYE LEI ML NLP POC PSD 2 PUI R&D RaaS RPA SaaS SCA SLA SME VC

Artificial Intelligence Anti-Money-Laundering and Countering the Financing of Terrorism Application Programming Interface Binding Technical Standards Chief Compliance Officer Chief Executive Officer Chief Financial Officer Chief Information Officer Chief Operating Officer Chief Risk Officer Creditworthiness Assessment Distributed Ledger Technology Distribution Point Identifier European Economic Area European Central Bank European Supervisory Authorities Electronic Money Extraction, Transformation and Load Financial Intelligence Units Geographical Information System Information & Communication Technology Security Key Performance Indicator Know Your Customer Know Your Employee Legal Entity Identifier Machine Learning Natural Language Processing Proof-Of-Concept Payment Services Directive 2 Process Unique Identifier Research & Development RegTech-as-a-Service Robotic Process Automation Software-as-a-Service Strong Customer Authentication Service Level Agreement Subject Matter Expert Venture Capital

4

EBA ANALYSIS OF REGTECH IN THE EU FINANCIAL SECTOR

Executive Summary

The EBA is focused on monitoring financial innovation, promoting knowledge-sharing and fostering technological neutrality in regulatory and supervisory approaches.

Article 31 of the European Banking Authority (EBA) Founding Regulation (EU) No 1093/2010 mandates the Authority to promote supervisory convergence and facilitate entry into the market of actors or products relying on technological innovation, in particular through the exchange of information and best practices. The aim of this mandate is to contribute to the establishment of a common European approach towards technological innovation.

The use of innovative technology in the financial sector continues at fast pace. RegTech, defined as any range of applications of technology-enabled innovation for regulatory, compliance and reporting requirements implemented by a regulated institution (with or without the assistance of RegTech provider), has the potential to make compliance more effective in the European financial sector.

Financial institutions using RegTech solutions highlight enhanced risk management, better monitoring and sampling capabilities, and reduced human error as the main benefits of use of RegTech solutions. Meanwhile the RegTech providers emphasise the ability to increase efficiency, quell the impact of ongoing regulatory change and improve effectiveness as key benefits associated with the use of their RegTech solutions.

However, RegTech solutions, if not properly implemented, may give rise of risks for FIs that would need to be identified, monitored, and managed. These risks may relate to, for example, compliance, concentration, business continuity, ICT and security, reputational, internal governance, conduct and consumer protection, or technology. At the same time RegTech may give rise to new risks for competent authorities supervising FIs that use RegTech solutions. In particular, potential risks may arise when trying to assess the effectiveness and reliability of the technological solutions used by FIs, and there may be a potential lack of the skills and tools needed to supervise the use of technology-enabled RegTech solutions, for example, when trying to audit the underlying algorithms.

As a result, a balanced approach is needed to acknowledge RegTech benefits and create an innovate-supportive environment, but at the same time to closely monitor and be prepared to manage any associated risks.

Against this backdrop, RegTech implementation is not without its own challenges. The table below provides a summary of the main challenges from the perspective of FIs and RegTech providers.

5

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download