RegTech Council Chair and CEO of JWG, PJ Di Giammarino on regulation
The RegTech Council has gained the ear of regulators, providing a much-needed bridge between them, firms and the wider financial and technology markets. One of its passions is driving the change of approach necessary to radically transform regulatory compliance.
In Season 2 of Unleash Your Data podcast, we had the opportunity to hear from PJ and get some true insight into the current thinking in what has now become the regulatory industry. Here are some highlights from the podcast with PJ.
The rulebook reimagined
“The way we are working with the regulators in terms of shaping how you do regulations right – how do you deploy technology and data to regulations in a modern way.”
It’s time for Regulatory 2.0 - major regulators and international bodies are starting to step back and review their regulations, asking that all-important question – why did we do it this way? Is there a better way? What would it look like if it isn’t what we have today? This will take a lot of leadership and it’s not going to happen overnight, PJ says, but the conversations are much more mature and the role of the regulator and how it works is much more collaborative.
PJ highlighted the need to increase the level of standardization that we aspire to do. Just a LEI code or a set of standards about what a data element is, isn’t enough. We need to establish standards across the patch. We need to make it meaningful, make it useable, make it more business as usual.
Treating data as capital
“We’ve never had a framework for measuring the value of the data from a business point of view. We’ve never had credit for having good regulatory data.”
To this PJ adds that there’s a recognition now that unless we find a mechanism to look at the validity and computational integrity of the data in the system, we’re never going to incentivize people to make the change to treat data as the asset it deserves to be recognized as. He senses a shift in approach as people recognize the need to have a more robust system.
An institutionalized dictionary and glossary of assets
“We’ve got to make this the Wikipedia for data.”
What is the true public good as the regulators see it – how do we manage the data? We don’t have the dictionary, the glossary today. It’s not good enough anymore. We need to get those assets institutionalized for the system. So those 80-odd fields that we are arguing the toss about and how they are formatted and how they are put out will be tied back to a dictionary and that will be tied back to a glossary. And we’ll put the glossary in the context of the rules. We’ll have something to refer back to and that is where you really start getting the engagement from the technologies, you can create the trusted data sets, you can then engage the engineers and ask, how can I do that better?
Compliance digitized
“There a phenomenon I was speaking to a regulator about yesterday getting too close to the fence. As soon as you put a fence up, people will go up to the fence and stop, they won’t keep pushing the envelope.”
As a noun, compliance operates as a function – a bunch of people sitting and checking and manually reviewing the systems and controls we have. As a verb, it is a living thing, it’s a set of instructions we all must figure out, we need to be thinking through what is means to manage my operations and controls. Some of the new technologies allow the data to be managed better. Similarly, no regulator wants to say ‘this is where the line is, this is how you meet my rule.’ Regulators are asking ‘are our rules fit for the digital age?’ It’s the how did I get to that number and how did I submit that number? Part of the operational resilience of the system, and part of the way regulators will start thinking about assessing each investment firm, is to what extent are they managing the technology estate that supports the data infrastructure? That’s what we need to know because it’s all happening in real time now.
The futuristic and here and now are joining up
“It’s no longer the case that the regulator can’t get involved in helping to shape ‘what does good look like… the regulators are getting hands on with experimenting, they’re playing with the data sets.”
As a new decade dawns, future technology is the here and now. Technology such as privacy enhancing homomorphic encryption allows safe comparison between data sets where neither of the owners of the data will know how it’s being compared. That’s a fundamentally new construct that we never had but it is something we can leverage for say, money laundering. We can do better regulatory report validation, think about quality levels. In the fifth Money Laundering Directive, which goes live on 10th Jan, firms are mandated to compare data to their data to all the registry data. How are you going to do that without technology? Put it on a spreadsheet, go through it manually and send a bunch of emails or couldn’t you use some of these new technologies to compare the data sets.