On the sidelines of Money20/20, held in Amsterdam this week, bobsguide caught up with Nick Cook, head of regtech and advanced analytics at the UK’s Financial Conduct Authority (FCA).
What’s on the FCA’s agenda at the minute, concerning technology capabilities?
All of the external facing regtech sits under my department. Internally, I’m leading our more advanced analytics, both the technology side - cloud analytics - as well as building out our human side - our data science capability. Over time, through training and development we can start to build it out and expand in an osmotic fashion across the wider organisation - effectively enabling us to leverage machine learning.
We’re also running sandboxes and hackathons to develop and encourage the regtech contingent of the UK startup market. You can see how our regtech sandboxes begin to hang together quite clearly and we often borrow the tech that’s developed there.
Does all this make the FCA one of the more advanced regulators?
Public opinion would suggest we’re ahead of quite a number. I’m not sure I could say with confidence we’re right at the front on all bases. The feedback we get is that we’re more active and engaged than a lot of other regulators and that’s according to a global pool.
We’re also going to see a lot of emerging markets regulators with few legacy issues being able to leapfrog straight into new techs like cloud analytics, but that’s difficult to execute if you’re new to the game so they must consider that. ASIC [the Australian Securities and Investments Commission] are good and quite public about their regtech use cases that they themselves would like to use. The CFTC [US Commodity Futures Trading Commission] is becoming more progressive, but broad opinion seems to be that the FCA is doing a decent job in that respect.
How useful to regulators are fintech sandboxes?
There are other regulators who have sandboxes so we’re not the only one but we’re by far the most active sandbox ahead of Abu Dhabi and Singapore who are also doing hackathons although I’ve heard we get a higher calibre of participants.
We have a rich mix of skill sets, not just developers and coders but business people and those who understand the regulations as well as subject matter experts. We also make sure we have ‘closers’ who can sell the products very well as well as UI guys who can make it user friendly.
The teams that work at a hackathon would have representation from different companies or banks so quite often that cross-collaboration offers some really unique propositions.
As an example, we had a hackathon a few weeks ago and a team, composed of a couple of banks, built a blockchain backend and a snazzy front end visualisation tool for transaction monitoring to leverage data between institution with blockchain to move it around.
So on top of crunching 9 billion rows of data in two days, they also had a video to demo it, and presented it really well. In this way, the business audience can get their head around it and it leads to adoption.
Where are you seeing the biggest leaps in innovation?
There’s a lot of investment in regulatory reporting. We’ve seen better real-time monitoring systems for call centres with automated voice and behavioural analytics.
What do you think is going to be the next piece of regulation to cause banks problems?
That’s an awkward question for a regulator, but I’d have to say GDPR. There have been and are real efforts going into GDPR compliance, all the cleaning up of data, managing it and understanding it unlock the exploitation of huge data sets.
We’re also seeing a lot of interest with how emerging technologies the implementation of SFTR. They’re interested in taking some of the learnings from MiFID II and how they can be applied to SFTR.
The other question is what does Brexit do to regulation.
The whole inquisition is around whether we diverge from EU regulations and that’s not something I can answer. Even if we don’t diverge from regulations, the way we could deliver it might make a big difference.
I mentioned our machine execution reporting work, we couldn’t make all the european reporting requirements machine executable because we don’t have the unilateral mandate. Even if we kept the same regulations, we might state them in a user friendly and tech supportive manner.