AI Tames the Complexity of Regulation in Financial Services
By 2020, financial institutions will be staring at more than 300 million pages of regulations, way beyond what their employees will be able to handle. Currently, banks spend approximately US$ 270 billion each year – which is 10 percent of the total operational spending of big banks – on regulatory compliance. Even the average Credit Union spends the equivalent of one employee’s time for every four employees on meeting regulatory obligations.
DATA QUALITY: Compliance teams are presented with enormous quantities of internal and external data emanating from customer records, financial transactions, phone calls, emails and activity logs. But ironically the information doesn’t always serve their purpose. When surveyed during a webinar on regulatory trade reporting, 33 percent of participating firms said their biggest compliance challenge was getting hold of the right kind of data, while 24 percent said it was the quality of data itself. Under such circumstances, the ecosystem becomes vulnerable to fraud and policy violations.
REGULATORY OVERLOAD: 2015 alone saw the addition of 20,000 new banking regulatory requirements. In an ever-tightening regulatory milieu, banks have to deal with onerous and copious legislations in all the geographies they are present. This not only entails huge effort, but at times also creates a conflict between jurisdictions.
PRODUCT DATA SILOS: Some cases of fraud come to light only upon examining additional data outside the transaction itself or in a cross-product view. For instance, a credit card transaction that looks above board might not appear so when seen in conjunction with the customer’s account information. Unfortunately, compliance managers rarely get the opportunity to access a cross-product view – that is, a comprehensive picture of risks and potential violations – because product data in banks typically resides in silos.
Managing this complexity takes a fine balancing act. Set the reporting threshold too low (that is, widen the scope of documents under regulatory purview) and end up with an exponential increase in false positives; lift the threshold high and risk a breach. Through experience, most banks seem to have settled on a workload that occupies about 15 percent of their workforce.
If that seems excessive, imagine the situation in three years, when the 300 million pages of regulation prediction comes true. With the reins slipping away from humans, the only option before banks is to leverage automation technologies, from machine learning, natural language processing to deep learning, and manage the burgeoning scale and complexity.
Imagine the situation in three years, where by some estimates, we may have 300 million pages of regulation.
Of course, banking compliance is no stranger to technology. With improvement in capability and reduction in cost, biometric technology has been instrumental in fraud prevention. I expect fingerprints and retinal scans to be soon widely applied in authenticating card transactions. And although biometric technology is largely independent of Artificial Intelligence today, we can expect to see visual recognition systems working in the background to identify users in the near future.
Most financial institutions have also been using some levels of automation to perform reporting and compliance-related tasks for a few years now. To cite an example, banks are leveraging readymade platforms and toolsets to automate the entire lifecycle, from data gathering to report submission.
Now it is the turn of Regtech to introduce some of the disruptive technologies in financial services to the realm of compliance; technologies such as Big Data Analytics, APIs, and Machine Learning, which are modeling risks, tracking capital compliance, and cracking down on money laundering and other malpractices. Of these, I consider Machine Learning a significant marker in the progress of technology adoption from simple automation to evolved forms of Artificial Intelligence. Machine Learning – the ability of computers or smart devices to learn from data without being programmed – is making its way into banks, identifying deviant activity patterns from big data across products and asset classes, and developing and testing algorithms to proactively manage risk and fraud.
Machine Learning is far better equipped than human beings for this role because not only can it handle massive amounts of data and a very large number of variables for analysis, it can also spot correlations that are not apparent to us. For instance, a risk manager on finding a large drawdown might investigate a few indicators such as the location or the time of transaction, and other similar parameters that are known to us. The machine, on the other hand, is not limited by the confines of human understanding − it will look further, even at hundreds of apparently unconnected variables, for its analysis and to garner insights.
Machine Learning, by its sheer power of speed and scale, has many everyday uses such as reviewing documents. Last year, JPMorgan Chase employed Machine Learning to review commercial loan agreements, which used to occupy staff for 360,000 hours every year. The bank is not only saving enormous manual effort and time, but is also reporting lower error rates. JPMorgan Chase is now planning to deploy Machine Learning in more complex areas, such as credit default swaps and custody agreements.
The next frontier for Machine Learning, in conjunction with other AI technologies, especially Natural Language Processing and Robotics, is to comprehend regulations, decide if a certain action is in violation, and answer queries. Today, two bankers in different parts of the world could interpret the same text differently, based on one’s individual experience and regulatory context. With Natural Language Processing making significant strides, there is the possibility of using AI to read and codify regulatory information into a single source of truth. In such a scenario, two bankers based in different parts of the world only need to query the AI system, through a chatbot for example, and they will both receive an identical interpretation of the text.
While this may take three to five years to unfold into the mainstream, Infosys is already working with a client to digitize their global standards and compliance handbooks on our knowledge-based AI platform. Users can query the platform about a particular transaction in English and a chatbot will tell them if it is permitted or not.
So what will be AI’s impact on banks and financial institutions in the near future?
As stated earlier, approximately 15 percent of a bank’s workforce is engaged in risk and compliance activities. At the top are the policy makers, liaising with regulators and industry bodies, and working closely with the bank’s top leadership. These essentially ‘human’ roles will be irreplaceable by machines. In the middle are those responsible for evaluating risks and managing exceptions, and so on. Most of them will continue in their jobs, but might need to upgrade some skills. The bottom tier of the compliance staff performs voluminous and repetitive day-to-day tasks, which will be automated. The average compliance workforce will shrink by half in the next three to five years.
Understandably, this will spark job security concerns. My belief is that while jobs will be lost to automation, some staff can be trained and upgraded to fill vacant middle-tier roles, instead of the organization recruiting afresh. Others can be deployed in new roles, where they can use their knowledge to solve compliance problems, train new hires, or participate in Regtech innovation.
Research corroborates this approach. When Infosys recently surveyed 1,600 senior leaders in IT and Business functions for their views on AI, 84% of respondents said they plan to train employees on the benefits and use of AI, and 80 percent plan to retrain or redeploy impacted employees. AI is an opportunity for enterprises to conduct more purposeful pursuits, starting by amplifying the ability and achievements of their human resources.
There is a flipside to AI adoption in regulatory compliance. Banks have to be careful not to allow Machine Learning and other AI systems to develop biases, which could negatively impact the quality of decisions. They should also make sure that the compliance team doesn’t lose its grip on things once machines start taking decisions. Last but not least, they would have to convince regulators that their intelligent machines are doing at least as much due diligence in compliance screening, if not more, as the human beings before them.