How data analytics is boosting regtech’s potential

Facing pressure from increasing regulation, community banks are increasingly able to use data analytics and ever-evolving regtech to make their compliance automation more effective.

By Karen Epper Hoffman

If there’s one area where community banks may need technology to ease their operational burden, it is in compliance. To that end, financial institutions and service providers are marrying data analytics to their regtech initiatives to further improve their efficacy and accuracy.

“The regtech space is especially promising for community banks because the availability of off-the-shelf solutions can increase efficiency and lower costs … ”

Regtech, or regulatory technology, is arguably one of the hottest areas of fintech innovation, as is the use of data analytics. So, it’s little surprise that banks and fintechs are combining the two.

“The regtech space is especially promising for community banks because the availability of off-the-shelf solutions can increase efficiency and lower costs, as community banks don’t have the same resources as the global banks to develop in-house custom solutions for compliance issues,” says K. Thomas Ko, a partner at Stroock & Stroock & Lavan in New York City.

While the most common compliance systems are used in areas like anti-money laundering (AML), Office of Foreign Assets Control (OFAC) monitoring and know your customer (KYC), Ko says that new regtech systems can provide “broader bankwide solutions in such challenging areas as monitoring and managing changes in regulation, supporting the internal audit function, credit risk, asset risk, stress testing and producing automated regulatory reports, including structural and financial reports.”

Banks are also able to give their compliance efforts a data boost in the arena of vendor risk management, where Ko says, “the requirement to conduct risk assessments of third-party vendors can easily overwhelm a smaller bank, as well as their vendors, in the vendor onboarding process.”

Mary Gill Hundley, chief administrative and risk officer at KlariVis in Roanoke, Va., which has developed a data analytics systems, says the integration of automated data analysis into compliance solutions is helping to provide “faster delivery of information to drive efficiencies associated with implementing and monitoring compliance risk,” which is critical given the rapid pace of new regulation.

Regtech overall has been seen as a boon to banking because it takes the often tedious but necessary tasks of filtering huge amounts of customer, onboarding, employee and transactional data and sifting for possible red flags. Experts say marrying existing and emerging regtech solutions to more advanced data analysis tools, even utilizing artificial intelligence (AI) and machine learning, will leapfrog the technology ever further forward, allowing for cleaner and more accurate data to be collected from legacy or disparate systems more quickly.

Community banks can branch out

Many community banks that may not have considered regtech now have opportunities to embrace this growing category of fintech. “Within community banks in specific, the landscape for regtech is still at a fairly underdeveloped stage,” says Gilles Ubaghs, a senior analyst for Boston-based Aite Group. Since many community banks rely on their core provider for solutions, Ubaghs says that it is only in recent months that banks “are starting to branch out and work more directly with smaller scale fintech [and] regtech providers,” which might offer more advanced solutions for data analysis utilizing AI, machine learning or cloud-based delivery models. Much of this development is centered on automating onboarding and improving the customer experience, including KYC requirements, he adds.

Colin Whitmore, also a senior analyst at Aite Group, says machine learning-based data analytics is also being incorporated into financial crime compliance solutions, often involving cloud-based services through an application programming interface (API) to make implementation faster and cheaper. Assessing potential risk of all varieties, especially in terms of KYC, has been aided greatly by advanced analytic techniques such as machine learning and AI, according to Justin Gagne, the head of data science and analytics for Artis Technologies in Atlanta.

“These technologies provide ML-driven services built from massive datasets collated from giants in the banking and e-commerce industries, enabling companies to have big data tools without the pain of managing big data themselves. The net effect being, for consumers of these tools, a large lift in the ability to correlate information like address, phone, email and device with a single customer,” Gagne says.

In turn, this can help banks in their compliance efforts to connect to collaborative database systems or sync up for alert lists and global watch lists to detect if a device or email is related to a known bad actor.

“In the past, these types of KYC correlation efforts were traditionally calculated in house and with a much lower level of confidence,” Gagne says, “simply because those calculations once lacked the large sample size made possible by collaborative databases provided by vendors.”

But challenges remain, as is often the case. “[Community banks] understand compliance and customer onboarding are key regtech use cases, with significant potential to increase efficiencies behind the scenes,” Ubaghs says, “but to-date implementing these solutions has been out of reach for many U.S. community banks.”

And better data usage does not eliminate the need for human interaction and testing. Ko advises community banks not to treat automated systems as “panaceas for their compliance needs.” Just as emerging KYC and AML systems do not solve all banks’ concerns regarding AML compliance, he says, “systems, no matter how sophisticated, require regular human testing and monitoring.”

For example, Ko says an update to an AML system may create “an error that causes certain accounts or transactions to be missed or misflagged. The compliance staff should be able to recognize the change in volume of alerts and raise a concern and test the system. Even in the absence of such change, the systems should be regularly tested.”

Compliance Guide

Need an answer to a burning compliance question? Visit the ICBA Compliance Vault at and get access to more than 2,500 Q&As.

Karen Epper Hoffman is a writer in Washington state.