Top Ten Highlights for RegTech from the PRA & FCA 2019/20 Business Plans

Both UK Financial Regulators – the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) – issued their 2019/20 business plans just before Easter. These plans lay out the work programmes of each authority for the next twelve months, making them an essential read for firms with products that support the compliance of regulated firms.

Here are ten key points from these business plans that RegTech firms should be aware of:

  1. Financial regulation in the UK is moving from a period of policy change and implementation to one of evaluation. It is likely that the PRA and FCA will increase their focus on the efficacy of newly implemented systems and processes within regulated firms.
  2. The FCA is still firmly committed to RegTech and has laid out its three focus areas for the year:
    1. Exploring how the data exchange between industry and regulators can be improved through initiatives such as the Digital Regulatory Reporting (DRR)
    2. The use of technology to improve outcomes for AML & FCC in a more cost-efficient manner
    3. Understanding how technology can be used to support better outcomes for vulnerable customers
  3. The FCA will be reviewing its expectations for how firms manage IT upgrade and data migration processes which could again result in greater scrutiny of these processes, as part of the overall operational resilience agenda.
  4. Operational resilience remains a key focus for both the FCA and the PRA. Much of this activity will focus on cybersecurity and the use of cloud-based infrastructure. Hopefully, additional clarity on the regulatory expectations of the use of cloud and third-party IT service providers will increase the adoption of RegTech SaaS solutions.
  5. The PRA will begin to evaluate the effectiveness of SM&CR regime and will continue to focus on governance arrangements and accountability – the record-keeping and full and transparent audit trails provided by RegTech products will be fundamental to demonstrating compliance with SM&CR
  6. The PRA continues to develop its own use of RegTech (or should that be SupTech?) to support more advanced data analytics and intends to implement new machine learning techniques in its supervisory activities. Other uses for machine learning are also being explored, as are improving PRA staff access to and analysis of data.
  7. Credit risk will remain a key area of focus for the PRA – and the scope of their supervisory scrutiny will continue across the credit lifecycle, particularly for higher risk portfolios, products and segments. Regulated firms will need to ensure they have consistent, high quality data to fulfill these targeted assessments of asset quality.
  8. The FCA will be considering the future of regulation in a number of ways over the next year and is keen to understand how the technological opportunities for a machine readable and executable handbook can help to improve the framework for estimating costs and benefits.
  9. The FCA will be exploring the challenges for transparency and accountability in the use of data and machine learning and algorithmic decision making. It will be undertaking discovery work to see whether the existing regulatory framework (e.g. Treating Customers Fairly) is sufficient for ensuring the ethical use of data in financial services.
  10. FCA work on the regulation of cryptoassets will continue in 2019/20, including clear guidance on the regulatory perimeter for these assets and calls for further international co-ordination for cryptoassets that fall outside the existing regulatory frameworks.

We will continue to monitor these themes over the course of the coming year and we will be picking up specific topics as part of the series of industry roundtables we are running in collaboration with the FCA.  RegTECHTalents, our November event, will also be exploring some of these themes as part of the FinTECHTalents festival – register here to benefit from the mad bird rate.