We spoke with James Nicholls about what a common business language might look like, and how cultivating one has the potential to increase RegTech adoption.
James is a Managing Director at Braithwaite, specialist advisers serving the traditional financial services sector as well as fintechs, regtechs, and digital asset providers. With more than 16 years’ experience across the UK, Europe, and the US, James helps global financial services to analyse and respond to changing market dynamics and regulatory requirements.
What is a ‘common business language’?
Financial services without the jargon
The financial services industry is fraught with jargon and terminology that differs greatly from bank to bank. Organisations often speak different ‘languages’ when describing their business profile, products, services, and regulatory obligations. This ultimately results in a gap in understanding both within and between financial services firms.
Much of this disparate terminology stems from the gradual and organic evolution of the financial services industry. As new obligations, products, and market opportunities emerge, firms articulate them in different ways to attract customers.
The RegTech ecosystem is no different- many providers have unique ways of describing the regulatory obligations with which they help firms comply.
A common business language in this context refers to a shared vocabulary across two primary areas:
- The regulatory footprint of an organisation - this refers to the products and services a firm offers, the markets in which they operate, who their customers are, and what controls they deploy.
- The regulatory obligations that exist within financial institutions - a lack of common language can lead to inconsistencies in the ways in which firms define their regulatory obligations. Without consistency, firms risk missing obligations and therefore being non-compliant.
The MITRE ATT&CK cybersecurity framework
The cybersecurity market has evolved more recently and more methodically than the financial sector and has a larger pool of standardised terms which are used to refer to threats.
MITRE ATT&CK is an example of a globally accessible and standardised repository of information about the malicious behaviours used at various stages in real-world cyberattacks.
ATT&CK – which stands for Adversarial Tactics, Techniques and Common Knowledge - includes detailed descriptions of observed tactics and techniques, providing a foundation for the development of specific threat models and methodologies.
The challenges that arise from a lack of a common language in RegTech
Data Mapping
Many RegTech vendors code data models using internal frameworks derived from the regulatory obligations they seek to automate. However, these models don’t always match those within financial institutions so organisations must go through a process of matching fields from their database to the vendor’s, referred to as ‘data mapping’.
This presents two central risks:
- Misinterpretation - mapping data requires an understanding of both data models. Model documentation can be complex and unclear, as data models may have developed organically over time. As a result, it can present a huge challenge for firms. Misinterpretation can result in misreporting and extortionate financial penalties.
- Resource allocation - data mapping remains a manual task within many firms, with swarms of analysts required to evaluate and translate disparate data models. Financial institutions deal with huge volumes of data and, as a result, this process is extremely resource intensive.
Financial services firms can get locked into the vendor’s view
Complex data implementations can lock a firm into a particular vendor's including their terms and product language.
Once an institution's systems have been mapped to one vendor they cannot easily be transferred to a different solution. This can provide barriers to competition and slow innovation within the RegTech industry.
FinTech’s role in developing a common language
The emergence of FinTech can be seen as a net positive in the journey toward a common language in the financial services industry. Neobanks and fintechs have the luxury of creating new financial products without the baggage of decades of organic system evolution.
Large incumbents represent a convoluted blend of technology and processes that have emerged over decades, through various acquisitions and in-house developments. This leaves them with extremely complex system landscapes and contributes to the challenges of data modelling and systems architecture.
The solution to forming a common RegTech language
There is no ‘one size fits all’ approach
While there is no predefined path to success, the common language challenge lends itself to a horizontally scalable solution. For example, institutions can adopt a common language in one area of the organisation while rolling the same programme across the wider business in parallel.
The broader the adoption - both within and between organisations - the greater the benefit to industry. Braithwaite have worked closely with the FinTech Open Source Foundation (FINOS), a non-profit organisation which fosters adoption of open source and collaboration in the financial services sector, to move the agenda forward in developing such a common language for liquidity reporting.
Other similar initiatives include the Common Domain Model (CDM) laid out by the International Swaps and Derivatives Association (ISDA), a ‘blueprint’ for how derivatives are traded and managed across the trade lifecycle. The ISDA CDM provides a single, common digital representation of derivatives trade events and actions to promote consistency and facilitate interoperability across firms and platforms.
What’s changed and why now?
The 2022 State of Open-Source Report sponsored by the Open-Source Initiative (OSI) found that 77% of organisations increased their use of open-source software over the course of 2021.
There are several catalysts that have spurred adoption across the globe:
Willingness to collaborate
Financial institutions have become far more receptive to open-source collaboration than they were five or ten years ago. There is a growing acceptance and realisation that organisations can collaborate with one another without jeopardising their competitive position.
Technological understanding
Open-source collaboration relies on semantic web technology, and while this has been around for the best part of a decade, the rise in data scientists and technological capabilities within firms is driving a resurgent interest in this technology and its applications.
More broadly, there is a renewed interest in the financial sector as to how firms can better use technology and advance RegTech use.
Discover next-generation financial crime compliance technology
Book a demo of our solutions or get in touch to find out how Napier can rapidly strengthen your AML defences and compliance capabilities.
Photo by Solen Feyissa on Unsplash