What RegTech and Regulatory Sandboxes Can Learn From Entrepreneurs

By Janos Barberis for LTP

The general perception of regulators is that they are slow and reactive. The Dodd-Frank Act illustrates this. It was passed in 2010, only two years after the Global Financial Crisis (GFC), its full implementation remains a work in progress. And despite the effort, time and resources invested in it, Dodd-Frank represents a less significant shift than the ones effected in the early 1930s and the mid-to-late 1980s. Dodd-Frank is really only a reactive and incremental improvement that has had limited impact on financial markets and their structure.

In the (almost) 10 years that have passed since the GFC, what has emerged strongly is FinTech. While the regulators have been implementing post-crisis reforms, entrepreneurs have been busy. And now it seems that with their regulatory houses more in order, regulators are beginning to also embrace forward-looking innovation. The best illustration of this is the speed with which regulatory sandboxes have been announced. So far, over nine have been announced, of which six have emerged in the last four months and 60% of them have been established in Asia.

One might argue that the boom in regulatory sandboxes is another reactionary move: driven by a jurisdiction’s fear of missing out on the chance of growing as a financial center. However, upon closer examination the response appears more measured: each sandbox has localized their offering (e.g. regulatory powers, market conditions) and narrowed their focus.

Furthermore, one can argue that the intent behind establishing a sandbox matters as much or more than their narrow regulatory outcomes. Establishing a sandbox demonstrates a regulators’ desire to move towards a more proportionate regulatory framework that balances risk and innovation. While most regulators seem to have realized that sandboxes are not child’s play, many are yet  to invest adequate resources into their operation, either from a human capital or technical perspective. Similarly, as with startups, regulators will have to enter into a reiteration cycle to improve the quality of, and add value to, their sandboxes. In the meantime, the startups entering these ‘safe harbors of innovation’ will be early testers, with working products that require fine-tuning.

Regulators will need to keep their vision alive as sandboxes are unlikely in the first year to deliver much by way of results. Perhaps most importantly, regulators must ensure that in the event of another crisis, they do not fully revert from their proactive approach to a reactive one. In other words, the innovative spirit of regulators needs to be nurtured and maintained, as it does with entrepreneurs. Each needs to learn from the sum of their experience. Similarly to startups, regulators should cherish the journey as opposed to the destination because of innovation, and its effective regulation, are ever-evolving processes.

This is not to say that regulation allows follows innovation. India and Europe have demonstrated how reform can spur innovation and the rise of FinTech is partly a product of the large post-GFC regulatory reforms (albeit reforms that were focussed on different ends). It is merely to pose the question of how a pro-active and adaptive regulatory framework can be created to embrace what we know we don’t know.

At the core of this vision lie a number of well explored and established principles for regulators: Technological neutrality, proportionality and traditional regulatory objectives of financial stability (both macro and micro), market integrity and consumer protection. The challenge is using technology to develop better ways of doing things, from the standpoint of regulators, industry and infrastructure.

As an example, while all regulators agree on the importance of AML/KYC, there has been limited harmonization with respect to this most common form of compliance. Too often, the spirit of the law is distorted by its implementation. In the context of banks, this often takes the form of banks and regulators blaming the other and each failing to take responsibility and addressing the question of why they cannot innovate. Lack of innovation is blamed on a reciprocal misunderstanding as to what is possible and how it can practically be achieved.

Regulatory sandboxes should become a new forum for discussion, in which the dominant outcome is promoting innovation rather than reducing risk. This means that regulators should not seek to prevent all risks from occurring, but instead, evaluate whether an innovation enhances or decreases risks in comparison to what already exists. It is about accepting driverless cars because they are statistically less likely to generate an accident, as opposed to failing to support them because they have caused one or two accidents, during which people often ask, “should I hire a lawyer after a head injury?” It is about supporting facial recognition solutions, as the instances of fraud associated with them is likely to be far lower than with traditional chip and pin mechanisms.

For this to happen, regulators will need data and a lot of it, in order to ensure that the true risks association with a given innovation are adequately estimated. Foreign experiences should also be taken into consideration and their data used. The depth and size of the data necessary to achieve this has placed immediate pressure on regulators’ resources. With limited staff, regulators will hit a bottleneck in their review, evaluation and approval of innovation.

As a result, regulators need to start embracing machine learning tools, which will allow them to better understand large and unstructured data sets. Identifying substantial risks by running sufficiently large simulations to identify points of failure is key.

For now, the largest simulation in the world is in China. China doesn’t need a regulatory sandbox because the whole country is one and its technology firms are the kids playing in it. When Alibaba released its experimental credit scoring tool, Sesame Credit, it was quickly apparent that its credit scoring algorithm was being gamed by its users. Sesame Credit was underpinned by the assumption that the more a person spent or received, the more creditworthy they were. However, people quickly started to send the same amount back and forth in order to increase their credit score. The unusual pattern alerted Alibaba and led to the algorithm being re-adjusted.

However, not every country has the capacity to run control experiments on the scale of China, so as to uncover flaws. These countries will either have to rely on machine learning tools or accept the risk of regulation lagging behind innovation as a result of not being able to evaluate the real risks and benefits of innovative measures sufficiently quickly.

This blog was is part of a longer academic research entitled: FinTech, RegTech and the Reconceptualization of Financial Regulation. It was written by professor Douglas Arner (HKU), Professor Ross Buckley (UNSW) and Mr. Janos Barberis (Ph.D. Candidate & Founder SuperCharger). Their white paper has now become the fastest downloaded paper on the topic within the last two weeks.

First appeared at LTP