Regulatory Change Products – Our Market Assessment

Our RegTech product directory covers nearly 500 different RegTech products, categorised according to the type of regulatory problem they address. This year, we are extending our research to further understand the market.  We will create market maps of each category and provide insights on the current state of each market segment. In March, our focus has been on the Regulatory Change category.

Regulatory change management and ongoing compliance monitoring is a critical activity for all regulated firms due to the volume, velocity and variety of regulatory changes.

This category therefore includes products that enable regulated firms to:

  • Perform horizon scanning and ongoing monitoring of regulatory developments.
  • Interpret, assess and analyse new regulations to determine their relevance and impact
  • Map changing and existing regulatory rules to internal policies, processes and controls
  • Manage the risks associated with the complex and changing regulatory environment and the deployment of that knowledge to the right people, enabling the right decisions at all levels of the organization

Mapping the Market

We have further subdivided the RegChange category, as illustrated by our market map:

Classifying technology solutions that are multi-functional is never an easy process and is more of an art than a science so if you are a RegTech with a regulatory change product, do let us know whether you feel your product is in the wrong place!

In addition to categorisation by function, products in this category can also be grouped according to their maturity


Using older or more traditional technology, these are generally the large Governance, Risk and Compliance frameworks that were largely born out of the Enterprise Risk Management movement in the early 2000s. Established partly as a response to the 2002 Sarbanes Oxley Act, these products have dominated the market in multiple industry sectors. Recently, there has been some consolidation in this market with the acquisition of Nasdaq’s BWise by SAI Global and RSAM by ACL Services, speculatively as a result of the RegTech Challengers in this sector.


Following the global financial crisis of 2008 and the subsequent wave of regulatory reform, several products emerged to challenge the incumbent GRC platforms, using more innovative technology such as AI and data analytics. These products automate the gathering and analysis of regulatory change information necessary to inform organizational decision-making about how to respond in a highly pressurised environment.

New Kids on the Block

Even more recently, we are seeing the deployment of more advanced AI, particularly Natural Language Processing and Machine Learning to add further levels of automation into the management of regulatory change – largely to create a more seamless process of mapping regulatory rules and their changes to existing policies, processes and controls.


Platforms vs Point Solutions

When we last did a detailed assessment of this market segment, many of the challenger products were either focused on a specific type of regulation or a specific aspect of managing regulatory change, such as horizon scanning or policy management. Over the last six months there has been a concerted effort by several firms to (a) increase their regulatory coverage and (b) extend their functionality into other aspects of the regulatory lifecycle such as rules mapping, workflow, traceability and evidencing of compliance. Two companies to note here are ClauseMatch and Ascent, both of whom had significant Series A raises in 2018 and are rapidly scaling their products and geographical reach.

Regulatory Change Management vs Compliance Management

Now that the major pieces of regulatory reform are complete, future regulatory changes are likely to be piecemeal and focused on fine-tuning rather than wholesale changes. This will shape the market for Regulatory Change RegTech products in two key ways. Firstly, regulated firms now have some much needed breathing space to develop more strategic approaches to managing regulatory change and technology is the optimum solution. Secondly, while large scale changes will attract senior management attention (and budget) and be managed as discrete change programmes, it is harder to keep track of and evidence the compliance of smaller scale changes that are managed as part of BAU. We are therefore seeing the Go-To-Market focus switching from regulatory change management to ongoing compliance management and assurance, meeting the increasing demand for more advanced mapping of regulatory rules and obligations to policies, processes and controls so this can be managed more effectively.  

Business Model Taxonomy – The Holy Grail

Full and seamless mapping of regulatory rules and obligations (often using techniques based on natural language processing and machine learning) requires several foundational building blocks to be in place.

  1. The disaggregation and disambiguation of the regulatory texts into machine readable rules.
  2. An up to date repository of policies, business processes and controls that these machine readable rules will be mapped to.
  3. A dynamic and machine readable version of a business model taxonomy, which represents the many dimensions of a complex financial institutions and the relationships between these dimensions – products, legal entities, business lines, functions, countries, regulatory jurisdictions.

Without this third building block, mapping regulatory obligations onto the business in a seamless way will be difficult to achieve. Open industry standards such as the Banking Industry Architecture Network (BIAN) standards and the ontology work of the Object Management Group are steps in the right direction but the first RegTech product to really crack this tough nut is certain to do very well indeed.