SEI’s Kevin Byrne on why it’s imperative for firms to consider how they use data if they want to remain competitive. Clean capture is crucial, as is flexibility to adapt to a continually changing security environment.
It seems the answer to every question recently has been “more data.” As our data pools grow, so too must our technological capabilities to process it – and protect it. Data privacy laws are proliferating, and as investors are asked to provide more information about themselves, the investor experience has become an integral component in the success of any regulatory program.
Striking A Balance – at Least Half of One
On the one hand, you have multifaceted regulatory challenges and, based on the location and number of jurisdictions in which you operate, you may also have myriad reports and filings with strict deadlines and specific data requirements. On the other hand, you have investors of varying sophistication and size who are looking for increased transparency, but also wary of offering that same transparency into their own personal data. And it’s understandable; with every announcement of a new leap forward in technology automation – AI, IoT, NLP and so on – comes a different report questioning the safety and motives of said leap, holding up a data breach as evidence.
So, where is the balance? Regulatory bodies have feet firmly planted on their side of the data requirement seesaw. Anti-money laundering and know your customer regulation (collectively called AML/KYC) have had a dramatic influence on investor experiences in recent years. By design, these rules force financial institutions to dig deeper into their clients’ affairs. Devised with the goal of making it harder for criminals and terrorists to do business, AML/KYC policies and processes have also produced less desirable effects related to more intrusive client due diligence. The balance, therefore, must come in the overall experience you offer your investors as you request, retain and report ever increasing amounts of data from them, about them and for them.
To be clear, this is not to say regulatory demands are a bad thing. In the United States, both AML/KYC and the Foreign Account Tax Compliance Act (FATCA), two major regulatory changes in the early part of the 21st century, continue to profoundly affect the digital domain within financial services. One is rooted in a broad crackdown on tax evasion, while the other has its roots in the war on terror. Both have their basis in thwarting criminal behavior; both have affected asset management organizations far beyond the U.S. borders.
FATCA caused ripples to spread throughout the global financial services ecosystem, forcing banks and investment firms to re-examine their processes and technology, not to mention their investor or client base and the information about them they disclose. It also requires inputs from front-, middle- and back-office operations. It is, therefore, crucial that compliance systems be as thorough and discrete as possible while also being automated and efficient.
Regulatory initiatives in Europe are having a similarly global effect, but the focus has been on data privacy. The General Data Protection Regulation (GDPR) of 2016 was formulated to give people control over their personal data and govern the movement of that data outside of Europe. Meanwhile, GDPR and similar laws are spurring innovation by those seeking to develop effective solutions for the issue of data privacy and portability. And again, we see the need for balance here as well. The most efficient ways of gathering or analyzing data may not be the most effective ways when it comes to delivering that data to regulators. Building a platform without taking both sides of that data equation into account could result in a more cumbersome process rather than a better one.
Whether they realize it or not, regulatory bodies are shaping the investor experience as they go. With very little wiggle room around their rigid requirements, the onus falls on the manager to cut through the palaver and make the sharing of information as simple and painless as possible.
If You’re Asking for More, at Least Make it Easier to Deliver
Redesigning processes goes part of the way toward addressing these regulatory needs. The investor’s experience should be as streamlined as possible, with other stakeholders introduced at the appropriate time. If data is captured cleanly and efficiently, it not only simplifies compliance, but also enables easier audits and informs feedback loops that can further improve processes. It should be possible, for example, to prepopulate any form with previously captured information, much like one-click checkouts when shopping online. Well-designed workflows should have the added benefit of consolidating software needs and creating a streamlined, user-friendly process.
Even the most carefully designed investor experience is worth nothing, though, if it is not compliant with existing regulations. The security environment changes extremely quickly, and the push/pull between regulators and tech entrepreneurs drives further change. Innovative new technologies can quickly emerge to disrupt existing solutions and better address regulatory demands. The rapid rate of technological change, combined with an increasingly complex and globally fragmented regulatory landscape, means asset managers will ideally want to work with a partner who understands the whole ecosystem and has the ability to supply technology-enabled compliance services.
Central to this reimagined digital experience is the concept of a single golden record for investor data. Clarity about who is entitled to what data is ultimately needed. Distributed ledger technology (DLT) shows great promise in this regard, but it still remains on the periphery of the industry despite a great deal of interest and development of proofs of concepts.
Flexibility Through Technology is Key
Data drives transformation, but the emergence of certain tools and trends has given it life. Managers sit in the midst of vast overlapping pools of data containing information on market movements, investor behavior, government filings and demographic trends, to name a few. It can be hard, however, to wade through those pools and find the key nuggets of actionable intelligence. APIs provide a way for much of this data to be tied together, and successfully aggregating data is a powerful first step in analyzing it in search of competitive advantage. Ideally, with added clarity, decision-making would improve, marketing efforts would be more successful and employees would be more content.
Given the potential for abuse and fraud, data aggregation is also an area of great concern and scrutiny.
FINRA recently came out with a warning to banks and investment organizations that the risks of aggregation include the “potential vulnerability to cyber fraud, unauthorized transactions and identity theft. A key risk is that the aggregators could be storing all consumer financial information or security credentials in one place, creating a new and heightened security risk for consumers.” Aggregators agree that managing these risks is crucial, but they are also quick to point out that they are in many cases a stronger — not weaker — link.
Firms are also tackling data by applying artificial intelligence and machine learning. Portfolio management has so far been the primary area of application for cognitive computing in the asset management industry, but it is also being used to make operations more efficient, manage risk more effectively and, importantly, improve communications with clients.
Client communications, of course, are also being revolutionized in this digital age by the ubiquity of social media and mobile interfaces. Going forward, interactions will increasingly use new technology like voice recognition, augmented reality and personal assistant software. Investors already use Alexa, for instance, to retrieve their balances and transaction histories.
Adoption of new technology and processes is uneven across the industry. Inertia is a powerful force, and many managers remain wedded to the status quo. This is not altogether surprising when considering the daunting scope and potential cost associated with digital transformation. Forming partnerships with the right organizations can alleviate some of this apprehension (and cost). Service providers and technology firms can bring far more than tactical solutions, weaving together key components of a thoughtfully designed client experience.
Additionally, over the years, we’ve watched globalization and convergence push technology to be agnostic of all things – currency agnostic, strategy agnostic, vehicle agnostic, etc. – able to accept and process all types. We’ve now seen this spill into the need to be “regulator agnostic,” meaning each regulating body wants a set of specific data points and information in the format they dictate and the delivery method and timetable they require. It would be wishful thinking to hope for standardization across them all, so technology must now be flexible enough to check all those boxes. It cannot be rigidly built based on one specific request; it would be almost instantly obsolete. Instead, technology now must be designed to meet all current requirements and be ready to adjust to any potential future demands.
Initiating the process of digital transformation can be unnerving. There’s no question it is a formidable undertaking, but falling behind the digital curve is certainly a recipe for obsolescence. Flexible technology is a key component of any regulatory program, but also in building and maintaining strong investor relationships. As McKinsey notes, asset managers will need “to embrace new ways of working and adopt methods that will be foreign to standard approaches and the existing operating culture.” Yet the payoff “can be compelling.”1
1
Kevin Byrne is Managing Director of Global Regulatory Risk and Compliance within 
