Albert Einstein once said, ‘The measure of intelligence is the ability to change’.  In the current volatile environment, banks need that intelligence to keep risks in check and ensure ongoing regulatory compliance.  Because it is always easier to navigate a changing environment with a clear view of what lies ahead, we thought it would be helpful to map out the changes that are on the horizon for RegTech.

Accelerated rate of regulatory change and increased complexity

Banks are facing a rapidly changing regulatory environment with more complex requirements. To cope with this, they are relying on effective and nimble software solutions that can quickly adapt to regulatory changes.

A recent KPMG survey of CCOs revealed that 53% expected to enhance technology and data analytics, and 64% expected an increase in their technology budget with the primary drivers of that increase to be from data analytics, cybersecurity, process automation and AI.

Firms moving from internal builds to working with vendors.

According to Forbes, “Experience shows that building systems typically takes longer and is more costly than organizations project. In addition, there could be greater risk associated with internal builds when compared to industry solutions that are created by companies focused on RegTech because they often have more in-depth and current knowledge of regulations.”

A need for risk tools that enable risk assessment, risk decision making, and risk control at a tactical level.

Banks are implementing integrated risk management tools to hold lines of businesses accountable for risk control. This approach decentralizes risk management responsibilities and empowers individual business units to actively participate in risk assessment, decision making, and control. It ensures a more holistic and proactive approach to risk management throughout the organization. Murex, FIS, RSA, and SAS are a few of the more popular risk management tools we’ve seen garner adoption recently.

An increased focus on data quality

Forbes states,” The number of regulatory reporting requirements is growing—with no indication of slowing anytime soon. As new requirements continue to hit the market, the downstream demand for actionable, well-informed data will continue to increase going forward.

Bad data is expensive. Unstructured data and incorrect reporting mean higher-risk decision-making, as well as increased breaks and manual reconciliations. That puts financial institutions at risk of regulatory and operational consequences. RegTech plays an important role in supplying precise, clean and well-measured data sets and addresses existing problems around data in silos. Additionally RegTech allows seamless process automation, data platform standardization, driving business analytics and effective regulatory reporting, API Platforms for each retrieval of data, IT controls to monitor transactions/delays/failures.

Artificial Intelligence (AI) and Machine Learning (ML) in risk and compliance management

Artificial Intelligence, especially generative AI and Machine Learning, represent a natural progression in risk and compliance technology because of their ability to quickly analyze and classify large volumes of unstructured data with limited human intervention. This allows banks to lower costs while increasing accuracy and efficiency.

The benefits of AI/ML, include:

  • Improved forecasting accuracy due to ML’s ability to capture non-linear relationships between variables;
  • the ability to extract multiple variables from huge volumes of data with extreme accuracy allows real-time event monitoring with fewer false positives; and
  • the mitigation of human error.

Potential uses of AI/ML, include:

  • Credit risk modeling- The ability to apply advanced logic and decision rules and classify large volumes of data allows banks to more accurately predict key credit risk characteristics like Probability of Default (PD) and Loss Given Default (LGD).
  • Fraud Prevention– Machine learning algorithms have historically been highly accurate in predicting credit card fraud due to their ability to develop, train and validate huge volumes of data.
  • Monitoring Traders- AI technologies have been effectively used to monitor trader activity for insider trading, market manipulation and rogue trading by analyzing email and calendar activity and cross-referencing it with trade activity data. This methodology has allowed the probability of misconduct to be calculated with a high degree of accuracy.
  • Customer Complaints- AI can not only efficiently track customer complaints to ensure timely resolution, but it can also identify trends and patterns to uncover potential compliance and control gaps.
  • Anti-Money Laundering- AI technologies’ ability to parse large quantities of data can vastly improve Know Your Customer (KYC) and transaction monitoring by increasing efficiency and reducing false positives. Generative AI algorithms can also be trained to write case narratives for Suspicious Activities Reporting (SAR).

AI Risk and Regulation

While AI technologies bring significant advantages, they also come with risks. Regulators are considering introducing regulations to address the challenges associated with AI technologies. With regulators such as SEC chief Gary Gensler stating that “AI will be at the center of the next financial crisis” effective AI risk management and regulatory compliance programs must be developed in parallel with the adoption of these technologies.


The current landscape of risk and compliance technology is characterized by the need for adaptive and efficient solutions to navigate the rapidly changing regulatory environment. Banks are leveraging technology and data analytics, collaborating with specialized vendors, adopting integrated risk management tools, and focusing on data quality. Additionally, AI and ML technologies are being utilized to enhance risk and compliance processes, but careful attention must be given to managing the risks and ensuring regulatory compliance.

Doran Jones has the expertise and experience to provide a holistic approach to address all of these needs and recommends developing an AI risk management framework along with any AI risk and compliance processes.  This framework should address both technical risks (such as algorithmic bias data accuracy) and non-technical risks (such as compliance with Ai related regulations and ethical considerations) through the use of robust analytics and periodic monitoring and testing.