HKMA published the seventh and final issue of the Regtech Watch series, which outlines the three-year roadmap of HKMA to integrate supervisory technology, or suptech, into its processes. Through greater use of suptech, HKMA aims to enhance the effectiveness and forward-looking capability of its supervisory processes. HKMA also launched a new regtech adoption practice guide series to provide banks with detailed practical guidance on the implementation of regtech solutions. The series forms part of the two-year regtech promotion roadmap announced by HKMA in November 2020. This issue provides guidance on the cloud-based regtech solutions.
Guide on cloud-based regtech solutions
The published regtech adoption practice guide provides an overview of the technology behind cloud-based regtech solutions, outlines the common challenges in cloud-based regtech adoption, and shares information on how others have addressed these challenges to successfully adopt regtech solutions in their organizations. As noted in the first issue of the guide, cloud computing is a key underpinning technology behind regtech solutions. The use of cloud technology for regtech solutions offers several benefits, including timely offsite support, fast implementation, and highly scalable solutions. The guide explains how cloud-based regtech solutions can be used to support risk management and compliance. It illustrates the benefits of leveraging cloud-based regtech solutions and describes key barriers and risks when adopting cloud-based regtech solutions. The document also provides practical implementation guidance to banks on the adoption of cloud-based regtech solutions. It outlines the following key components of cloud-based regtech implementation, particularly in response to the key barriers and risks of adoption for banks:
- Banks should establish four elements to be ready for cloud adoption— cloud strategy, governance committee, cloud responsibility, and cloud assessment framework.
- To select the most suitable regtech solution, banks should evaluate their business requirements and security needs, perform business value analysis, and review service-level agreements.
- When implementing cloud-based regtech, banks could consider adopting Application Programming Interface (API) methodology for seamless transformation and introduce flexibility in architecture design for future-proofing.
- Continuous monitoring of cloud activities and data protection through data governance framework are essential to ensure cloud security and avoid non-compliance issues.
The guide also shares use cases on the adoption of cloud-based regtech solutions, describing the challenges faced by a bank and the way a regtech solution helped to resolve these challenges. The guide outlines the key lessons learned from successful regtech implementation, from the perspectives of both the bank and the regtech provider. One of the use cases involves submission of a regulatory report, wherein bank needed to meet the specified data structure and prepared the report accordingly. The use case demonstrates how cloud-based regtech solutions can be leveraged to automate the reporting process. By virtue of the cloud-based regtech solution, the bank was able to respond to regulatory updates with agility, enhanced mobility, and improved user experience. Another use case pertains to the cloud-based, artificial intelligence-enabled client information management platform, which allowed a bank to automate the assessment and classification of unstructured documents for each customer; along with a built-in workflow, the bank was able to significantly increase efficiency, moving from a manual process averaging 11 hours per case to five hours per case. The bank adopted the cloud-based regtech platform solution as it wanted to build a scalable solution that could meet business demands and enhance customer experience.
Three-year suptech roadmap
HKMA is now in the initial stages of implementing its suptech roadmap. As with other major structural changes, HKMA will take a measured and incremental approach to embrace suptech. Efforts will first be made to lay down a solid “backbone” or the “foundational” initiatives of the suptech roadmap, which in turn will support the subsequent deployment of more advanced and sophisticated technologies to enhance the supervisory processes. With this in mind, the first step in the suptech journey involves a series of proof-of-concepts to test the feasibility of suptech solutions. The initial focus is placed on developing a centralized platform (so that supervisors can view and access information about authorized institutions in a single location) and building a knowledge management system for storing structured supervisory information (for example banking returns) and unstructured information (such as board minutes and internal audit reports). Once the foundational initiatives are in place, HKMA will turn its attention to the adoption of advanced analytics techniques. These techniques focus on enhancing the ability to detect early risk signals, which in turn will improve the HKMA’s forward-looking capabilities. Accordingly, a later step in the suptech journey will be to explore automated intelligence gathering and machine learning techniques that will allow the capture and processing of large amounts of structured and unstructured information, from both proprietary sources such as banking statistics and publicly available sources such as social media posts. Since HKMA is still at an early stage of its suptech journey, significant uncertainty remains regarding the final solutions and tools that will be deployed amid evolving technological developments.
Keywords: Asia Pacific, Hong Kong, Banking, Regtech, API, Data Governance, Suptech, Cyber Risk, Cloud Computing, Reporting, Basel, Internal Controls, Suptech Strategy, HKMA
Previous ArticleEIOPA Revises Impact Assessment of 2020 Solvency II Review
The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.
The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.
Certain regulatory authorities in the US are extending period for completion of the review of certain residential mortgage provisions and for publication of notice disclosing the determination of this review until December 20, 2021.
The Prudential Regulation Authority (PRA) published the policy statement PS18/21, which introduces an amendment in the definition of "higher paid material risk taker" in the Remuneration Part of the PRA Rulebook.
The European Banking Authority (EBA) published its annual report on asset encumbrance in banking sector.
The European Banking Authority (EBA) published a methodological guide to mystery shopping.
The Australian Prudential Regulation Authority (APRA) released a letter to authorized deposit-taking institutions to provide an update on key policy settings for the capital framework reforms, which will come into effect from January 01, 2023.
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) published a report that assesses the business continuity planning activities of financial market infrastructures or FMIs.
The Bank of England (BoE) published questions and answers (Q&A) on OSCA to BEEDS migration for statistical reporting as well a presentation from the project overview session held with statistical reporters.
The Basel Committee on Banking Supervision (BCBS) is consulting on a technical amendment to the Basel Framework to reflect a new process reviewing the global systemically important bank (G-SIB) assessment methodology.