• wblogo
  • wblogo
  • wblogo

Regulation is eating the world!

Martyn Evans, Altus Consulting, Head of Consulting, Bath, 3 April 2018

articleimage

The deluge of regulation that has emanated from Western governmental bodies since 2008 is going to overwhelm compliance officers unless regulatory IT rescues them. RegTech might not be the only factor in their salvation, but it will be the most significant factor.

Mark Anderson said in 2011 that software was 'eating the world.' He was commenting on the way in which businesses such as Amazon and Netflix were changing the music and video industries by operating mainly as software businesses. He was one of the original authors of the Mosaic and Netscape browsers, if any reader is old enough to remember those. He now sits on the boards of eBay and Facebook. What he said about the inexorable rise of software now goes for financial regulation as well.

What hit us?

The financial crisis of 2008 changed the world forever. The Bank of England estimates that the cost of the crisis to the global economy was between US$60 trillion and $200 trillion. This cost relates in part to direct support for banks and economies and in part to a decline in the productive potential of nations around the world.

A loss so significant would be hard for countries to stomach under any circumstances but it is especially hard to swallow for having been caused by the crimes of the world's largest financial institutions. As Barack Obama famously put it: "food stamp recipients didn't cause the financial crisis; recklessness on Wall Street did."

The regulatory reaction

The repsonse from governments and regulators to the crisis has been consistent throughout the globe: a raft of swingeing fines and an outpouring of more onerous regulation. Regulators have been keen to bare their teeth, both to punish firms for their conduct in the run-up to 2008 and for subsequent misdeeds. As a result, the decade has seen some of the biggest fines ever levied against corporations. The Bank of America, JP Morgan, HSBC, UBS and BNP Paribas have all had to pay fines of more than $1 billion, often at the hands of the US Securities and Exchange Commission and the British Financial Conduct Authority. The total number of fines issued by financial regulators since 2008 is somewhere around US$320 billion.

Regulators have been drafting huge swathes of new regulations. The number of rule changes (i.e. updated or new regulations) that globally active financial institutions must track every day has tripled since 2011 to an average of almost 200. In the UK, the Prudential Regulation Authority's rulebook looks quite light at 221 pages, compared with the 20,000 pages of the Financial Conduct Authority's version. The EU has had its own slew of regulations, including the Network and Information Security Directive, which comes into force in May. The reach of these regulations has widened: the European Union's second Markets in Financial Instruments Directive (MiFID II) and General Data Protection Regulation (GDPR) and the US Foreign Accounts Tax and Compliance Act (FATCA) 2010 all have extra-territorial reach.

Meanwhile, the number of regulatory alerts has been growing. Figures from Thomson Reuters state that the total for the whole world was 8,704 in 2008; 10,000 in 2009; 12,000 in 2010; 14,200 in 2011; 17,760 in 2012; 27,000 in 2013; 40,000 in 2014; 51,000 in 2015; and 53,000 in 2016. The fines levied by the FCA alone have gone up from about £100 million in 2011/12 to £1.4 billion in 2014/15, although there was a drop to about £850 million in 2015/16.

It is therefore no wonder that regulation is at the top of everyone's agenda. My firm has estimated that more than half the activities involved in running a typical financial firm are subject to some form of regulation. This includes not only the PRA and FCA but also regulators as diverse as the Health and Safety Executive, the Department of Transport and, of course, HM Revenue & Customs.

Amazingly, some firms still have their heads in the sand and are hoping that the last ten years of change represents a one-off reset of the regulatory watch. My firm's prediction is that this pace of change is the 'new normal.' Over the next five years we fully expect to see at least as much change as over the last five, if not more.

An unsustainable rise in staff

One result of this has been a dramatic increase of risk and compliance staff at financial firms. HSBC has increased its compliance staff from 1,750 to 7,000 worldwide between 2007 and 2016 - almost a fourfold increase in less than ten years. BBVA (Banco Bilbao Vizcaya Argentaria) of Spain recently estimated that, on average, financial institutions have 10-15% of their staff dedicated to governance, risk management and compliance - mainly compliance. HSBC spends about US$1 billion on compliance worldwide.

It does not take a genius to tell you that this is not a sustainable answer to the problem. The law of diminishing returns operates here and an exponential increase in compliance staff is not the right path to compliance in the long run. The answer, of course, is technology. I am not saying that it is the only factor, but it will be the most significant factor in the achievement of long-term sustainable compliance. Hail the rise of RegTech!

* Martyn Evans can be reached on +44 (0)1225 438 000 or at martyn.evans@altus.co.uk

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll