Back in October 2014 we wrote about how Compliance was a huge market opportunity. However it maybe one of those markets where the problem is blindingly obvious but the solution is non-trivial. Nearly a year later I still do not see the Regtech Compliance killer system; if it is hiding in plain sight please tell me. So I got to thinking about what a great Regtech Compliance solution would look like, so that if I ever spotted a beast like this in the wild I would recognize it.
Here are the 5 attributes that a Regtech Compliance killer system should be able to offer:
- Real time and in context. Lots of data is just “digital landfill” unless it is delivered “just in time and in context”. Just in time means that the data is made available in real time even if it is not consumed in real time. It is not relevant until it is relevant in context. For example, consider a conflict of interest statement. The fact that a family member just moved into a conflict of interest position is only useful if delivered within the context of a system where you need to declare any conflicts.
- Legacy integration. Any solution that involves changing legacy system is a showstopper. It is a weakest link issue. Just one legacy system that is not integrated could be your compliance nightmare. Combining 1 & 2 (real time and in context plus legacy integration) is tough. Rewriting all apps to be compliant is easy (ahem, expensive and takes too long). Doing integration according to the constraints of decades old batch systems is easy but won’t be real time and in context.
- Understanding the risk/reward trade off. Perfect Compliance is like Perfect Security. It is totally simple to design a perfect Compliance system. Any bureaucrat can do that. The problem is that you will stop business or encourage people to ignore it. In the real world it is a trade off. You have to enable people to do their jobs without putting the business into great danger. Traders understand this. All opportunity has risk.
- Immutable. This is is where Blockchain technology could be a break through. A shared database where all parties can trust that nobody can change the database is a big deal.
- Rules based user interface for non-programmers. Apart from death and taxes, we can be confident that compliance rules will change and grow in complexity. Unless a compliance person can “code” these rules using legal language rather than programming code, any solution will quickly become obsolete.
In short, this is difficult, but the prize is still big.