What is SupTech?
A technology segment that is experiencing a lot of spotlight right now is called RegTech. RegTech enables companies to be more effective at meeting their regulatory and compliance obligations. Since the crisis, financial regulations have increased, and other regulations have followed suit (in manufacturing, data privacy, etc.) The result is that companies, especially enterprise, have a myriad of compliance obligations that are very time consuming and for which they are at risk of being penalized. RegTech addresses this problem, helping those companies to automate their internal data collection, analysis, reporting, attestation, etc.
But there is now an emerging subset of RegTech called SupTech, short for supervisory technology. The idea is that it’s not just regulated entities that can benefit from tech, but also the regulators themselves.
The most often cited motivations for developing SupTech applications are:
1. Enhanced effectiveness of the regulator e.g. by automating some or all of the data collection and data analysis steps, detecting compliance issues automatically
For regulators, a major consideration is how well they are preventing non-compliance or catching it if it does occur. How many cases can they look at? How deep can they dive into the data? How quickly can they spot problems? (see article)
2. Reduced costs e.g. through improved data collection and validation before it reaches the officer. One vendor, Vizor, mentions that it is common to see poor data provided by regulated entities, which in turn can lead to errors by staff, all of which is time consuming too resolve. The "Rule of Ten" is that it costs 10x more to complete regulatory work when the data is flawed. "In some cases, regulators have been known to spend up to 16 weeks chasing, checking and validating data".
3. New capabilities that aren’t possible by humans alone, such as scanning huge volumes of market data to detect suspicious activity like insider trading and market manipulation. An experimental capability in the case of RPO might be performing real-time scanning of media to detect suspicious PSP behavior or public sentiment toward particular PSPs.
SupTech Areas of Innovation
SupTech initiatives today fall into 2 major areas of the supervisory process: Data Collection and Data Analytics. Our RFSQ focused on the “Data Management” area highlighted in yellow, which is the low-hanging fruit that can be addressed with relatively mature technology today.
Still Early Days…
The 2018 paper Innovative technology in financial supervision (suptech) – the experience of early users shows the early state of the market. Some central banks are experimenting with advanced tech like cloud computing, AI/ML, NLP, etc. in these areas.
Independent SupTech Vendors
These solutions focus on data collection, data validation, workflow engine and reporting. They all list central bank clients who use their software to support regulatory/supervisory activity. The two most cited are Vizor and BearingPoint.
BearingPoint (Abacus Regulator)
Donnelly Financial Solutions (DFIN)
Of course, it is also likely that the vendors we have invited to the RFSQ will propose a custom solution that simply integrates existing mature products. If so, it is possible they will propose an iBPMS solution such as Pegasystems, Oracle, Appian, AgilePoint as the workflow and business rules engine.
Here is an illustrated example of Oracle’s BPM solution, part of Oracle’s middleware, being used to design a workflow for a central bank (“In this demo I will be simulating a Banking Supervision process where a specific department of a Central Bank is responsible for over-sighting it's financial institutions and based on certain decision points various documents are required to be generated.”)
Gartner’s 2019 Magic Quadrant for iBPMS lists trade-off’s of 20 major vendors in the space. For example, AgilePoint is easy-to-use and has a strong integration with Microsoft Dynamics , but its analytics and decision support capabilities are limited, a trade-off to consider. ServiceNow has workflow engine capabilities, but is not considered a full-featured BPM solution.
Reporting aka Data Visualization
In a supervisory regime, reporting and data visualization requirements must be carefully considered.
IBM for example makes the case for its advanced visualization package that most BPMs don’t have out of the box: “Many supervisory agencies apply technology for data visualization. Data after all do not equal information. Powerful visualization tools are required, given the quantity, density and complexity of data, to present information to supervisors in a readily comprehensible way. IBM i2 and associated iBase information schemes are applications for data and network visualization analytics used by ASIC to represent temporal, associative and causal relationships from structured data sources.”
Abacus Regulator visualizes reported data in reporting templates or tables “depending on the definitions by EBA, EIOPA or ECB.” I believe these are European central bank reporting standards. Will we have any specific reporting format or standard to meet for external authorities?
XBRL data standard
As SupTech shifts the industry from documents to machine-readable structured data there is growing interest in the XBRL standard, an offshoot of XML, that is already used by a handful of financial institutions internationally. In 2018 SEC made the decision to mandate the use of XBRL. The U.S. Federal Energy Regulatory Commission (FERC) announced a plan to transition from document-based reporting to standardized XBRL data reporting and analysis. The long-term goal of using structured data, in particular using an industry standard format, is to make filing easier, more consistent and accurate for filers, and for regulators make information that was difficult to use more searchable and user-friendly.
Today XBRL is still just an emerging standard and one of the drawbacks is a lack of semantic context of XBRL tags (basically, every regulators and regulated entities can create their own custom XBRL tags and there’s no established standard on how to interpret custom tags). FIBO is an initiative to make XBRL more semantically meaningful, still allowing for custom tags but that must derive from a standard set of base tags.
Pitfalls of IT Solutions Today
Some pitfalls noted across the literature in using IT solutions for supervisory work:
Updates on SupTech are provided at the regular Central Banking FinTech and RegTech Summit as well as other FinTech conferences.