Register For Our Mailing List

Register to receive our free weekly newsletter including editorials.

Home / 162

Regtech evolution as compliance drives us crazy

Counting the volume of in force regulation hardly sounds exciting, but it was the necessary starting point for the Federal Government’s deregulation agenda. The results were startling to say the least.

It turns out that two years ago, the Federal regulatory footprint consisted of about 1,800 acts and over 83,200 subordinate instruments and quasi-regulations. And that doesn’t include state and territory regulation or global regulation that impacts on Australian businesses.

Deloitte Access Economics puts the cost of compliance with Federal and State regulation at $95 billion p.a. and - even more disturbing –the cost of complying with self-imposed red tape at an additional $160 billion. That’s $28,000 per household. According to Deloitte, compliance workers are now an alarming one in every 11 workers in Australia!

While the Federal Government reports some progress in reducing the cost of compliance through its deregulatory agenda, it appears to be taking three steps forward and 2.9 steps back as new regulation continues to proliferate.

The problem isn’t limited to Australia. Thomson Reuters’ 2015 Cost of Compliance survey reported that regulatory fatigue was expected to increase globally due to snowballing regulation. Firms were facing difficulties finding and retaining suitably skilled compliance staff due to increased stress and potential personal liability. And regulatory matters are reportedly consuming disproportionate amounts of board time, from correcting non-compliance and preventing further sanctions, to implementing structural changes to meet new rules.

Financial services bears its fair share, probably a disproportionate share, of this burden. Indeed, managing regulation and compliance is one of the biggest challenges for financial services businesses today. It’s all very well to aspire to offer world-best customer service, but in many areas, attempts to do so are stymied by compliance and reporting obligations.

So its little wonder that businesses are increasingly turning to technology to help solve the problem. We’ve seen two distinct waves of regulatory technology development – and we are on the cusp of a third and even more exciting wave.

Wave 1 – Governance, risk and compliance programmes

Governance, risk and compliance (GRC) programmes are a ‘linear’ response to the proliferation of regulatory requirements (that I fondly think of as ‘list and tick’). They offer an online database of regulatory obligations. More advanced applications offer users the ability to customise the obligations to their unique business requirements, add internal business rules, allocate responsibilities and capture reports on the progress and success (or otherwise) of compliance efforts. Worthy Australian providers include CompliSpace, SAI Global and LexisNexis.

Modelled on enterprise risk management tools, these systems have become essential to businesses operating in complex environments to help catalogue and manage the ever increasing regulatory burden.

One thing they don’t do is reduce that burden.

All those tasks still need to be allocated to someone. And policies, procedures and tools still need to be developed. Employees need to be trained, supervised and monitored. Regular internal and external audits need to be undertaken to check that the policies and procedures are working. And periodically, the entire system needs to be reviewed for effectiveness. It’s exhausting just to think about!

The other thing they don’t do is detection.

List and tick programmes are only as good as the data that users contribute. If a person falsely self-certifies, if an overworked compliance manager ‘fudges’ a monitoring report (just this once!), if a regulatory obligation gets missed or misinterpreted - the assurance reports on which boards rely so heavily could be compromised.

Are they useful? Absolutely. Are they effective to prevent or deter regulatory breaches? Only in the same way that an inventory is useful to tell a business how much stock it has on hand.

Wave 2 – Surveillance

The excesses that led to the GFC, the financial planning and insurance scandals and even the alleged bank bill swap rate rigging are testimony to the fact that the comfort that boards and compliance teams have taken in Phase 1 GRC programs is somewhat misplaced.

After the GFC, in response to the need to prevent such catastrophic market failures going forward, a new wave of surveillance tools emerged.

For example, NASDAQ’s SMARTS surveillance technology, which ASIC began using in 2010, enabled regulators and trading marketplaces to analyse trends in market data and identify suspicious trading activity such as insider, high-frequency and algorithmic trading. Today, ASIC has the capacity to continuously monitor suspicious trading patterns that can indicate market misconduct in real time. Because ASIC will investigate and, as we have seen, prosecute such conduct, trading houses can ill afford not to invest in similar technologies.

The downside of these technologies is that the sheer volume of data produced by these systems can create unmanageable overload. It’s all very well to know about a problem but if you have so many that you can’t effectively deal with them, the information is of limited use.

There is a clear scope for further development of trading surveillance using artificial intelligence which mimics the way the human brain works. Together, data mining, pattern recognition and natural language processing have the ability to distinguish conduct which poses serious risk of non-compliance. This advanced intelligence will help regulators and compliance workers to make better informed and faster choices about prioritising, mitigating and managing regulatory risk. Everyday compliance tasks like fraud detection, currency monitoring and reporting to regulators are increasingly being automated.

Wave 3 – Prevention, rather than cure

Wave 3, which is in its early stages, is being driven by the fact that Wave 2 technologies can only focus on real time or after-the-event detection and reporting. This inevitably requires considerable compliance resources to monitor, manage and rectify problems once detected. The challenge has been exacerbated by social media which has exponentially expanded what needs to be monitored.

When 9% of our workforce is engaged in compliance work, we have surely reached an inflection point. Diverting ever more productive resources into regulatory activity doesn’t make economic sense. And the deregulation agenda is hardly likely to solve the problem in any timely fashion. So there appears to be a golden opportunity for more innovative technology solutions.

What might they look like? Well, an ‘ounce of prevention’ has been worth a ‘pound of cure’ since the expression was coined by English jurist, Henry de Bracton in 1240. It’s time for technology to turn its attention to prevention. Real time. Before the event. And as operational processes are increasingly being automated, compliance requirements can and are increasingly being built into the technology.

The exciting advance offered by Wave 3 technologies is the ability to deploy artificial intelligence and other machine-learning techniques within process gateways so that breaches can be detected when, or even before, they occur and rectified before completion of the activity.

Wave 3 technologies, or regtech as they’re now known, will enable firms to detect and manage regulatory and other risks before they even occur. Although Anti Money Laundering – Counter Terrorism Financing identification and verification currently appear to be the most well developed applications, a number of novel applications are evolving out of stealth mode as artificial intelligence capabilities are advancing.

Regulators worldwide are watching these developments with interest. In the UK, the Financial Conduct Authority has called for input on how regtech can deliver outcomes that improve efficiency, transparency and collaboration. The Bank of England has announced an accelerator to work with fintech firms on its unique challenges. And a global regtech capital markets conference is taking place in London in July to debate the need for a 'regtech commons'. Closer to home, ASIC is about to establish a dedicated regtech team and AUSTRAC is actively reaching out to fintech startups.

In a world where poor conduct can be detected and prevented at source, we might even see an acceleration of the deregulatory agenda!

 

Claire Wivell Plater of The Fold Legal is a leading financial services and credit lawyer. She actively advises both digital and ‘analogue’ businesses on commercial and regulatory issues and is a member of the Federal Treasurer’s Digital Advisory Group.

 


 

Leave a Comment:

RELATED ARTICLES

CBA, AUSTRAC and our Orwellian privacy laws

banner

Most viewed in recent weeks

Raising the GST to 15%

Treasurer Jim Chalmers aims to tackle tax reform but faces challenges. Previous reviews struggled due to political sensitivities, highlighting the need for comprehensive and politically feasible change.

7 examples of how the new super tax will be calculated

You've no doubt heard about Division 296. These case studies show what people at various levels above the $3 million threshold might need to pay the ATO, with examples ranging from under $500 to more than $35,000.

The revolt against Baby Boomer wealth

The $3m super tax could be put down to the Government needing money and the wealthy being easy targets. It’s deeper than that though and this looks at the factors behind the policy and why more taxes on the wealthy are coming.

Are franking credits hurting Australia’s economy?

Business investment and per capita GDP have languished over the past decade and the Labor Government is conducting inquiries to find out why. Franking credits should be part of the debate about our stalling economy.

Here's what should replace the $3 million super tax

With Div. 296 looming, is there a smarter way to tax superannuation? This proposes a fairer, income-linked alternative that respects compounding, ensures predictability, and avoids taxing unrealised capital gains. 

The rubbery numbers behind super tax concessions

In selling the super tax, Labor has repeated Treasury claims of there being $50 billion in super tax concessions annually, mostly flowing to high-income earners. This figure is vastly overstated.

Latest Updates

Investment strategies

Trump's US dollar assault is fuelling CBA's rise

Australian-based investors have been perplexed by the steep rise in CBA's share price But it's becoming clear that US funds are buying into our largest bank as a hedge against potential QE and further falls in the US dollar.

Investment strategies

With markets near record highs, here's what you should do with your portfolio

Markets have weathered geopolitical turmoil, hitting near record highs. Investors face tough decisions on valuations, asset concentration, and strategic portfolio rebalancing for risk control and future returns.

Property

Soaring house prices may be locking people into marriages

Soaring house prices are deepening Australia's cost of living crisis - and possibly distorting marriage decisions. New research links unexpected price changes to whether couples separate or silently struggle together.

Investment strategies

Google is facing 'the innovator's dilemma'

Artificial intelligence is forcing Google to rethink search - and its future. As usage shifts and rivals close in, will it adapt in time, or become a cautionary tale of disrupted disruptors?

Investment strategies

Study supports what many suspected about passive investing

The surge in passive investing doesn’t just mirror the market—it shapes it, often amplifying the rise of the largest firms and creating new risks and opportunities. For investors, understanding these effects is essential.

Property

Should we dump stamp duties for land taxes?

Economists have long flagged the idea of swapping property taxes for land taxes for fairness and equity reasons. This looks at why what seems fairer may not deliver the outcomes that we expect.

Investing

Being human means being a bad investor

Many of the behaviours that have made humans such a successful species also make it difficult for us to be good, long-term investors. The key to better decision making is to understand what makes us human and adapt.

Sponsors

Alliances

© 2025 Morningstar, Inc. All rights reserved.

Disclaimer
The data, research and opinions provided here are for information purposes; are not an offer to buy or sell a security; and are not warranted to be correct, complete or accurate. Morningstar, its affiliates, and third-party content providers are not responsible for any investment decisions, damages or losses resulting from, or related to, the data and analyses or their use. To the extent any content is general advice, it has been prepared for clients of Morningstar Australasia Pty Ltd (ABN: 95 090 665 544, AFSL: 240892), without reference to your financial objectives, situation or needs. For more information refer to our Financial Services Guide. You should consider the advice in light of these matters and if applicable, the relevant Product Disclosure Statement before making any decision to invest. Past performance does not necessarily indicate a financial product’s future performance. To obtain advice tailored to your situation, contact a professional financial adviser. Articles are current as at date of publication.
This website contains information and opinions provided by third parties. Inclusion of this information does not necessarily represent Morningstar’s positions, strategies or opinions and should not be considered an endorsement by Morningstar.