≡  Menu

Innovation to Manage Risk & Compliance Across the APAC Region


interview with Chee Kin Lam, Group Head of Legal, Compliance & Secretariat, DBS Bank

What practical steps does the financial services industry need to take, to ensure the RegTech agenda moves forward?
There’s a pretty vibrant ecosystem for innovation as a whole and I think all of us need to engage and participate. Problem statements need to get shared. That will drive consensus on the biggest issues facing the industry. In turn that allows innovators – startups, vendors, or even broader public/private partnerships - to understand our pain and propose solutions, and to iterate with proof of concept – fail fast, learn fast. Successful concepts can then be deployed, and then improved over time until they become weapons against criminals and inappropriate conduct.

Which existing regulatory or compliance requirements benefit most from a RegTech solution?
I don’t think we should approach this by starting from the regulatory or compliance requirements. It’s a much more holistic approach that is needed. For example, if KYC is approached merely from the perspective of the regulatory or compliance requirement, it’s very easy to create blind spots around integrating with existing operating processes, synergies with fraud or credit risk, and customer experience. I think we need to ask a more basic question, “why is KYC painful”, and then methodically address the pain points that flow from the question. Some of the pain frankly has nothing to do with regulatory requirements. And it is only from basic questions like that do we get concepts like “privacy by design” or “security by design”. We need to think about this as “compliance by design”.

That said, I think the most promising aspects of RegTech – the aspects with the most promising transformational or weaponisation opportunity – are things like KYC utilities, analytics for surveillance (whether in financial markets or in sanctions/money laundering applications or even in more basic anti-fraud contexts), and I’ll throw something that I’m personally starting to get excited about which is analytics based on natural language engines.

How does RegTech work alongside existing regulatory compliance roles within financial services institutions?
Very broad question. I think the question implies that RegTech sits, in some way, organizationally separate from regulatory compliance roles and thus needs to “work alongside”, so I’ll answer the question from that perspective. In my view, I think RegTech must necessarily integrate with existing compliance roles – otherwise, it’s developing in isolation from the things that happen at the coalface, and you will lose highly valuable input from that real world perspective. So the big organizational challenge that exists is how do we get our compliance leaders to be completely conversant with RegTech and the ecosystem around it, so that those leaders will create the organizational structures, culture, incentives and tools to facilitate the innovation.

How can RegTech improve products and services for consumers?
I have a very simple view on this. It really doesn’t matter how much the front office transforms the delivery of products and services for customers, if it still takes X days to do a KYC or if customer suitability versus product risk is still done manually by a relationship manager. The end result is a customer experience that is not optimal and that ultimately means our lunch is eaten by someone who will deliver that optimal experience. A big part of the experiential “drag” that a customer encounters when dealing with a financial institution has to do with things like compliance and security. So if RegTech (or more broadly innovation) doesn’t kick in to ensure that we get an equivalent and proportionate transformation, I don’t think we will truly harness the benefit of the many opportunities represented by technology.

Let me now turn to something that can get forgotten even as we debate customer benefit. It’s fairly common for stakeholders to say that regulation is a barrier to innovation, but I think it’s equally important that we also think about systemic risks introduced by fintech or digital innovation, about new ways criminals can attack us with new digital channels, and about how conduct of business changes in pretty fundamental ways. Honestly, I don’t know that regulators spend their time thinking about creating barriers. They are worried about risk, and if we cannot show that we are managing the risk properly, then the regulators are correct in placing a barrier in the way. Therefore a critical aspect of RegTech is necessarily that we also deliver more controls effectiveness through innovation. In that way, we create a win-win-win; we are happy, customers are happy, and regulators are happy too.

Why will you be joining the RegTech Summit APAC, and what do you hope to get out of the event?
I’m quite stoked, to be honest. I think the industry has had a lot of sidebar conversations around RegTech, so it’s good that we’re dedicating time to coming together. As I said previously, we need the dialogue to drive consensus on where the pain is, what’s the most promising opportunity, and where we’ll be allocating resources.