Technology and regulation are intersecting in ways that create uncertainty in a number of areas, but for those who work in compliance, the big question is whether advanced technologies like artificial intelligence and blockchain will ultimately replace people.
It’s a fear that some banks have already faced head-on. When BBVA Compass recently began using robotic process automation to carry out specific pieces of compliance, such as retrieving statements, employees were worried.
“That’s the wildfire that ran through our teams — I’m going to lose my job,” Lyn Hall-Fore, U.S. director of BSA/AML compliance at the bank, said onstage at this week’s SourceMedia RegTech conference in Brooklyn.
To address this concern, she held quarterly town halls, showed the staff what the bots were going to do and created videos about the new tech.
“We worked hard to make sure everybody knew this was not going to replace them,” Hall-Fore said. “We told them, this is to make your job easier and better and give you more capacity to think, but still meet your production quotas.”
Indeed, if there’s a common response to the question from many in the industry, it’s that jobs won’t be replaced, they’ll be better.
“Technology is not going to steal our jobs,” said Gene Ludwig, CEO of Promontory Financial Group and a former comptroller of the currency. “We will have more interesting jobs that will change.”
Ludwig is at the forefront of the issue after selling his consultancy group to IBM so it can help train Watson, the company’s artificial intelligence system. Watson is being programmed to handle anti-money-laundering, trade surveillance and compliance management.
Ludwig also suggested that with Watson’s help, people could spend less time in meetings.
He described Watson as a helper elf that assists people in the work they’re required to do.
But Dan Kimerling, a venture capitalist who until recently was in charge of research and development at Silicon Valley Bank, expressed skepticism.
“Of course [regtech] is going to cause us to fire people,” he said. “Why would we invest in the software if we can't find cost savings somewhere else? And of course it would never allow us to avoid boring meetings because we work in banks and essentially all the meetings are banal.”
But that hasn’t been Hall-Fore’s experience. So far, BBVA has created four bots — small sets of code that execute simple, repetitive tasks. Each has an employee ID, so it’s auditable.
The efficiencies from the two bots are enough that Halle-Fore isn’t planning to hire additional staff for 2018, but she expects the workload to grow.
“This is allowing me to free up manpower to do something more innovative, more challenging, looking at the risks, seeing how we're going to monitor those, and moving away some of that administrative and managerial aspects that were a waste of time,” she said.
Jo Ann Barefoot, CEO of the Barefoot Innovation Group and co-founder of Hummingbird Regtech, offered a vision for how regulation could be transformed by regulation technology into something that looks and feels completely different from what we have today.
For instance, regulators could adopt Apple’s App Store model.
“The regulators could say, if you want to innovate in compliance, you can be on our App Store platform, you have to meet these standards, then have at it — innovate rapidly instead of slowly. We'll watch over it,” Barefoot said.
Regulators could issue rules in the form of computer code that would be self-executing: Banks could plug it in and they and their supervisors would know they are compliant.
There could also be a shared pool of real-time data that regulators and banks could look at. This would replace the sampling examiners do and the annual, monthly and quarterly reports banks have to provide. And regtech could provide an alternative for identity verification, Barefoot said.
“The data breach at Equifax is an example of the fact that we're kidding ourselves by thinking our identities are somehow protected by having a unique Social Security number,” Barefoot said. “Our Social Security numbers are all over the dark web and for sale. We need new digital methods.”
A combination of biometrics, attestations in which people vouch for each other, and monitoring behavior patterns could provide identity verification.
Technology has already started affecting regulation, Barefoot said.
Some regulators, she said, are working on providing regulation in formats that are machine readable and easily searched, so companies can determine whether they apply to them. Others, including the Securities and Exchange Commission, are using AI to help find misconduct and insider trading.
Banks are starting to overhaul anti-money-laundering practices by sharing data and suspicious activity topologies.
Barefoot suggested three things must occur before enlightened regtech can be possible.
One is more collaboration between regulators, policymakers, financial services executives, tech people and advocates.
“We have a problem with being able to talk to each other,” Barefoot said.
Another is regulatory sandboxes.
“The regulators themselves need a chance to get hands on with new technologies, understand what's good and what the emerging risks are,” Barefoot said. “If you've got several regulators who only see fintech through looking at a bank that has a partnership with it, which is what happens today, they're not going to understand deeply and they need to get more ability to run experiments, get empirical information, do those things innovators do, learn fast through trial and error in test bed environments.”
And third, she suggested creating a separate channel for regtech.
“Instead of trying to figure out what we should do to this whole massive system, we should leave it there and start building something small on the side of it, use experimentation and let companies and regulators try their own solution in an innovative lab-type design.”
Ultimately, Barefoot sees the creation of a new system that runs parallel to the old — at least for now.
Banks could either stay regulated the way they are today, or “come into this new system, plug your data in to ours, we'll agree on standards by which we're going to evaluate it, we'll catch problems early,” she said. “And if you do this, we're not going to make you do all the compliance stuff you have to do over here, because we don't really care how you got there, as long as we're empirically sure you did. Over time, maybe someday the big old system will wither away because people will have opted in to the new one.”
Editor at Large Penny Crosman welcomes feedback at firstname.lastname@example.org