What Big Regulatory Shifts Are on the Way? | The Fintech Times

What Big Regulatory Shifts Are on the Way? | The Fintech Times


2024 is proving another standout year for the regulatory space, finding itself under the spotlight, for better and worse reasons. This month, The Fintech Times will look at some of the biggest issues regarding compliance and financial rules, as well as the solutions hoping to ease the compliance journey for firms and make the fintech world fairer and safer.

Throughout this month, we’ve taken a look at several facets of the regulatory world and compliance, including its biggest challenges, opportunities and successes. Now, we turn our attention to the unknown: the future.

What are the biggest regulatory shifts on the way? Could anything drastically unexpected happen? To find out, we reached out to industry experts to get their predictions on what is to come.

Embedded compliance
Krishna Subramanyan, CEO of Bruc Bond
Krishna Subramanyan, CEO of Bruc Bond

“The most significant shift we’re seeing in the regulatory landscape is the move towards ‘embedded compliance’,” explains Krishna Subramanyan, CEO of Bruc Bond, a Singapore-headquartered fintech. “This approach integrates compliance seamlessly into every financial process, rather than treating it as a separate function. For corporate banking and cross-border payments, this means compliance checks become as smooth and invisible as the security checks on your phone.

“By embedding compliance into banking technology platforms, financial institutions can offer their clients real-time, automated compliance checks across multiple jurisdictions. This not only significantly reduces compliance costs but also enhances the overall effectiveness of anti-fraud measures.

“Fintech companies that successfully implement embedded compliance will be well-positioned to lead in the new regulatory landscape.”

Stepping outside of finance

Iain Armstrong, global regulatory affairs practice lead at ComplyAdvantage, breaks down three ways he expects to see the regulatory world change: “For some time now, AML/CFT regulations have been expanding beyond financial institutions, increasingly covering adjacent professionals in areas such as law and real estate.

Iain Armstrong, Regulatory Affairs Practice Lead for ComplyAdvantage.Iain Armstrong, Regulatory Affairs Practice Lead for ComplyAdvantage.
Iain Armstrong, regulatory affairs practice lead for ComplyAdvantage

“The EU is even gearing up to regulate football clubs for AML/CFT. We should expect this to continue with more firms outside of financial institutions being regulated.

“One area still not discussed enough is social media networks. Whether it’s a romance scam or identity-based fraud, most financial crimes begin outside traditional financial institutions, and regulatory coverage should reflect this.

“We should also see a greater focus on how AI is being used by both financial institutions and regtech vendors. AI-based technologies offer tremendous potential to improve efficiency and prioritise workloads, but explainability standards must be set. If a human analyst denies you access to a bank account, as a consumer, you’d want to know why. The same should apply if AI is being used to automate that decision-making process.”

Keeping an eye on AI and crypto
Remonda Kirketerp-Møller, CEO of MuinmosRemonda Kirketerp-Møller, CEO of Muinmos
Remonda Kirketerp-Møller, CEO of Muinmos

“In the near future, we can expect several significant shifts in the regulatory space, driven by the rapid advancement of technology and the evolving risks facing the financial sector,” adds Remonda Kirketerp-Møller, CEO of Danish regtech firm Muinmos.

She also expects AI to have the largest impact on regulation in the near future: “One major trend will be the increased adoption of AI and machine learning by both regulators and institutions, enabling more proactive and predictive regulatory frameworks.

“Additionally, regulations around cryptocurrencies and decentralised finance are likely to tighten as governments seek to establish clearer frameworks for these rapidly growing sectors. We will also see more global coordination among regulatory bodies to address cross-border financial crimes to reduce regulatory arbitrage.”

Keeping up with evolving threats
John Byrne, CEO of CorlyticsJohn Byrne, CEO of Corlytics
John Byrne, CEO of Corlytics

John Byrne, CEO of regulatory risk intelligence firm Corlytics, echoes views on the transformative potential of AI: “The global regtech space continues to grow as changes in regulation happen at pace. To keep up, the sector will continue to adopt digitalisation, with AI and machine learning continuing to evolve the automation of compliance and risk monitoring.

“As global privacy laws evolve, there will be a stronger focus on data privacy and the techniques used to ensure compliance. Regulators will continue to focus on sustainability and ESG initiatives, driving continued improvements of regtech solutions to meet the challenges in these areas.

“The regulation of AI itself and the associated standard of ISO42001 will be transformative, just as the data privacy and cyber regulations have been. There will be legislation for firms to be vigilant and put policies in place for effectively new forms of cyber threats in the AI domain in areas such as data poisoning.”

New measures, new impact?

Finally, Keith Fenner, SVP and GM EMEA at GRC SaaS company Diligent, discusses the impact new regulatory rules could have: “Developments such as the EU’s Network and Information Security (NIS2) Directive, which businesses must comply with from 18 October and Digital Operations Resilience Act (DORA), due to take effect in January, present an opportunity for UK businesses to raise the bar in relation to cyber risk management.

Keith Fenner, SVP and GM EMEA at GRC SaaS company DiligentKeith Fenner, SVP and GM EMEA at GRC SaaS company Diligent
Keith Fenner, SVP and GM EMEA at GRC SaaS company Diligent

“Specifically, NIS2 will expand the earlier NIS Directive to include more organisations, while requiring management bodies to approve and oversee the risk management measures of their business. On top of this, more prescriptive reporting measures are being introduced. For instance, organisations that experience a significant incident must provide an early warning to their country’s Computer Security Incident Response Team within 24 hours.

“The new directive will also enforce mandatory public disclosure of compliance breaches and even the publication of individuals and entities involved in a breach. Previously, responsibility for cybersecurity was placed solely on IT departments, but with the latest developments in regulation, the entire organisation is responsible. So, with the changing regulatory landscape there is a huge amount at stake if businesses fail to comply.”



Source link

Leave a Comment

Your email address will not be published. Required fields are marked *

Shopping Cart