2024 is proving another standout year for the regulatory space, finding itself under the spotlight, for better and worse reasons. This month, The Fintech Times will look at some of the biggest issues regarding compliance and financial rules, as well as the solutions hoping to ease the compliance journey for firms and make the fintech world fairer and safer.
Kicking off our regtech focus this month, we will look to establish the biggest challenges that companies currently face when trying to ensure compliance within the fintech industry.
Regulatory rules are constantly changing, with new ones being introduced at a rapid rate. While firms are often given time to transition and adapt to these changes, a vast number of challenges remain. But what are the biggest obstacles facing firms? We asked industry experts to find out.
Keeping compliance teams on their toes
Olympe Leflambe, general counsel, legal and compliance at Mangopay
“The regulatory framework evolves constantly, and it can be challenging for compliance teams to change their operations so frequently,” explains Olympe Leflambe, general counsel, legal and compliance at Mangopay, the payment infrastructure provider. “Even with agile teams and tools, changes can be disruptive, especially when legislation hasn’t yet caught up with technology”.
But it’s not just falling foul of regulatory rules that teams need to be wary of.
Leflambe continues: “In parallel, fraudsters leverage new technology very quickly (for instance, using deepfakes to circumvent liveness checks) and compliance teams must remain very vigilant about new controls not being outdated as a result.”
A ‘double-edged sword for compliance teams’
Matthew Franzyshen, business development manager at Ascendant Technologies, a full-service IT company, explains how the rapid evolution of artificial intelligence (AI) has both positively and negatively impacted compliance.
Matthew Franzyshen, business development manager at Ascendant Technologies
“I think the pace with how technology is evolving is a double-edged sword for compliance teams. On one hand, these technological advancements help make the work more efficient, simple, and agile. It helps create a space where compliance teams can focus on hard-hitting issues rather than waste time on mundane work.
“However, the emergence of these technologies means that regulations to monitor their proper usage also crop up. Case in point is the wrongful usage of AI and machine learning, which poses tons of cybersecurity risks for companies. Tons of fraud and scams have come about due to these technologies, of which compliance teams need to prepare and be aware of to protect the integrity of the company. The biggest issue, though, is that new scams crop up faster than older ones are addressed. Keeping up with this can be a true headache.”
Changing state to state
For firms in the US, a fragmented regulatory landscape across states can also leave roadblocks for compliance teams to overcome explains Gale Simons-Poole, chief risk officer at BHG Financial.
Gale Simons-Poole, chief risk officer at BHG Financial
“BHG occupies a distinct position in the lending landscape: we are a non-bank lender that works with banks and so we interact frequently with federal and state regulators. One of the biggest challenges that compliance teams are facing is making sure their teams are staying on top of ever-changing regulations.
“States have interests and priorities that differ from federal regulators, which makes this more challenging and even more important.
“Regulations also change every year, and it is imperative to keep a diligent eye on them, which is why BHG has built such a robust regulatory team with deep regulation and compliance expertise to ensure we’re staying on top of the shifts and that we are always in compliance.”
Preparing for DORA
Meanwhile, firms in the European Union have a different challenge to consider altogether. Guy Mettrick, industry vice president at process automation platform Appian, discusses the impact incoming regulatory rules could have.
Guy Mettrick, industry vice president at Appian
“The Digital Operational Resilience Act (DORA) represents a huge challenge for compliance teams. The regulation, coming into force in January 2025, will add the complexity of enhanced governance across the entire supply chain. In response, compliance teams must integrate sophisticated risk management across supply networks and third-party relationships.
“Renegotiating contracts and updating service-level agreements (SLAs) within tight deadlines adds to this burden. The increased compliance complexity and costs necessitate substantial investment in technology and training. Regular resilience testing and reporting further strain resources.
“Lastly, shifting towards a centralised compliance approach requires significant organisational restructuring and adopting advanced automation and AI technologies.”
‘Headache’ over new rules
“From a data privacy and cybersecurity perspective, I think the greatest challenge for compliance teams currently is keeping abreast of all the legislation, rules and regulations applicable to their organisation,” says Sarah Pearce, partner at law firm Hunton Andrews and Kurth.
Sarah Pearce, partner at Hunton Andrews and Kurth
“Compliance teams have robust GDPR frameworks in place but there are a wealth of other rules and regulations applicable to those operating in the financial services sector that require additional processes and procedures to be put in place – and new rules and regulations are constantly emerging.
“In the EU for example, the NIS2 Directive, introduces a new era of EU cybersecurity legislation and must be transposed into national law of the EU Member States by October 17, 2024. Also in the EU, DORA is specifically directed at the financial services industry and is aimed at strengthening the IT security of financial entities and making sure that the financial sector in Europe is able to stay resilient in the event of a severe operational disruption.
“The rise of AI and the EU AI Act, together with other laws emerging globally provides an additional headache for fintech compliance teams given the multiple use cases likely within such organisations.
“There will be some overlap for with existing requirements and compliance teams can, to some degree, leverage existing practices and frameworks but there are undoubtedly requirements coming in that are entirely new and will require extensive additional operational implementation.”
The rising cost of compliance
For Daniel Bedford, research analyst at Juniper Research, the rising cost of compliance is one of the biggest challenges facing compliance teams.
Daniel Bedford, research analyst at Juniper Research
“The floor is constantly being raised, and leaving businesses to balance regulatory obligations and financial efficiency. Compliance cost encompasses the salaries of compliance staff and their training, regulatory reporting costs, investment in technology upgrades, audit and legal fees, and the cost of implementing new regulatory guidelines and procedures.
“Rising costs are driven by different factors for every organisation, often being dependent on the industries they operate in, such as financial services or healthcare, which have more stringent reporting requirements and heavier fines. For organisations with a more global reach, operating across multiple jurisdictions will result in businesses being subject to varying regulatory regimes, which can drive up the cost of compliance significantly.
“Additionally, specific industries or jurisdictions come with varying levels of regulatory complexity, with growth of standards, laws, and other regulations, which can make compliance more complex and more costly. In order to combat these difficulties, we recommend that compliance teams invest in future-proof technology, that can provide automation and high-throughput analysis, allowing compliance teams to unlock efficiencies better manage their resources, meaning humans can intervene at the right time and avoid manual administration.”
Addressing the challenges
Finally, Lucy Huntley, banking success director at FullCircl, shares insight into how firms can begin to address these challenges, urging them to aim for a well-balanced approach to compliance.
Lucy Huntley, banking success director at FullCircl
“New rules and updates are continually being introduced, and staying on top of them is no mean feat. It’s perhaps an unspoken challenge but compliance teams are often perceived as a roadblock to the delivery of superior customer experiences and therefore growth. The reality is actually the opposite, a well-balanced approach to compliance can have a hugely beneficial impact, both reputationally and financially, with fewer cases of fraud and money laundering.
“Technology has a key transformative role to play here. A move away from manual processes and workflows towards a more dynamic tech and data-driven compliance strategy helps keep pace in a way that balances the dual challenges of stringent regulatory compliance and delivery of superior customer experiences.”
The post What are the Biggest Challenges Facing Compliance Teams? appeared first on The Fintech Times.
