FINRA’s Move to Foster Regtech

The end of 2018 found the Financial Industry Regulatory Authority (FINRA) busy issuing guidance on several fronts, including the release of a report on “Technology Based Innovations for Regulatory Compliance (“RegTech”) in the Securities Industry” in September. The report highlights the opportunities and risks financial services firms face in selecting and implementing emerging technologies for regulatory and compliance purposes. From the perspective of regulatory technology (regtech) providers, the openness of FINRA’s open approach to regtech is encouraging. 

FINRA noted that nearly 20 percent of financial services firms have implemented some type of regtech and described several areas where emerging regtech can assist firms in oversight and risk management. FINRA observed that artificial intelligence, natural language processing and biometrics “present great opportunities for firms to develop and use applications that may enhance existing compliance at reduced costs.” A firm’s decision to implement a regtech solution will require an analysis of how it solves a specific compliance problem and aligns to its existing business and oversight processes to result in meaningful efficiencies.

Functionally, surveillance and monitoring are areas where regtech is gaining “substantial traction,” per FINRA. For example, regtech tools may allow firms to move from traditional lexicon-based search and supervision methodologies toward risk-based approaches to these practices. That’s an area where continuously improving tools with machine learning and AI tools can do things like identifying potential high-risk regulatory and security issues in voice and video content to facilitate more effective compliance reviews. These types of tool capabilities can achieve what FINRA outlines as one of the key goals of a successful regtech solution: a technology that can be used to “obtain more accurate alerts and enhance compliance and supervisory staff efficiencies.” Throughout the regtech statement, FINRA makes it clear that these efficiencies — reducing time spent on manual reviews or engaged in aggregating data — are essential benefits of a regtech solution.

FINRA emphasizes that innovative approaches to problem-solving through technology are not limited to regtechs themselves. Regulators like the U.K.’s Financial Conduct Authority (FCA) have made their rulebooks machine-readable to encourage the development of interactive technologies that can be built around open data sets. We see FINRA’s own Innovation Outreach Initiative as playing a key role in the adoption of regtech solutions. FINRA’s engagement with member firms, vendors and the public are already leading to collaborative, impactful guidance and the evolution of new technologies to solve compliance problems.

Finally, FINRA offers implementation suggestions to broker-dealers, advising them of important considerations for selecting and deploying regtech applications. Broadly, FINRA observes that regtech allows for more seamless integration of compliance into existing firm protocols, “making rule compliance part of the business process.” Furthermore, from a vendor selection perspective, FINRA highlights that a regtech’s understanding of the legal and practical implications of broker-dealer and other relevant rule sets are critical. Successful regtech vendors are drawing on subject matter expertise across the legal, compliance and information security domains to ensure their software meets regulatory and industry expectations around supervision and security – for example, proactively leveraging FINRA requirements on electronic communications supervision (Rule 3110) and advertising and marketing (Rule 2210) to design mechanisms to identify and escalate potential compliance violations, as well as ensure that subsequent reporting and archiving of evidentiary content is consistent with the books and records obligations (Rule 4511).

All regtech providers and the Financial Institutions that use regtech should be encouraged by FINRA’s active participation in developing a roadmap for innovation in the regtech space. In fact, at FINRA’s RegTech Conference panel, participants discussed the issues above, as well as the importance of identity management and validation, the continued emphasis on understanding pertinent regulatory requirements and tips for the selection and deployment of regtech software. In light of the September report and the comments from the Conference last week, we should all be looking forward to continuing the dialogue in the year ahead.