HKMA published the seventh and final issue of the Regtech Watch series, which outlines the three-year roadmap of HKMA to integrate supervisory technology, or suptech, into its processes. Through greater use of suptech, HKMA aims to enhance the effectiveness and forward-looking capability of its supervisory processes. HKMA also launched a new regtech adoption practice guide series to provide banks with detailed practical guidance on the implementation of regtech solutions. The series forms part of the two-year regtech promotion roadmap announced by HKMA in November 2020. This issue provides guidance on the cloud-based regtech solutions.
Guide on cloud-based regtech solutions
The published regtech adoption practice guide provides an overview of the technology behind cloud-based regtech solutions, outlines the common challenges in cloud-based regtech adoption, and shares information on how others have addressed these challenges to successfully adopt regtech solutions in their organizations. As noted in the first issue of the guide, cloud computing is a key underpinning technology behind regtech solutions. The use of cloud technology for regtech solutions offers several benefits, including timely offsite support, fast implementation, and highly scalable solutions. The guide explains how cloud-based regtech solutions can be used to support risk management and compliance. It illustrates the benefits of leveraging cloud-based regtech solutions and describes key barriers and risks when adopting cloud-based regtech solutions. The document also provides practical implementation guidance to banks on the adoption of cloud-based regtech solutions. It outlines the following key components of cloud-based regtech implementation, particularly in response to the key barriers and risks of adoption for banks:
- Banks should establish four elements to be ready for cloud adoption— cloud strategy, governance committee, cloud responsibility, and cloud assessment framework.
- To select the most suitable regtech solution, banks should evaluate their business requirements and security needs, perform business value analysis, and review service-level agreements.
- When implementing cloud-based regtech, banks could consider adopting Application Programming Interface (API) methodology for seamless transformation and introduce flexibility in architecture design for future-proofing.
- Continuous monitoring of cloud activities and data protection through data governance framework are essential to ensure cloud security and avoid non-compliance issues.
The guide also shares use cases on the adoption of cloud-based regtech solutions, describing the challenges faced by a bank and the way a regtech solution helped to resolve these challenges. The guide outlines the key lessons learned from successful regtech implementation, from the perspectives of both the bank and the regtech provider. One of the use cases involves submission of a regulatory report, wherein bank needed to meet the specified data structure and prepared the report accordingly. The use case demonstrates how cloud-based regtech solutions can be leveraged to automate the reporting process. By virtue of the cloud-based regtech solution, the bank was able to respond to regulatory updates with agility, enhanced mobility, and improved user experience. Another use case pertains to the cloud-based, artificial intelligence-enabled client information management platform, which allowed a bank to automate the assessment and classification of unstructured documents for each customer; along with a built-in workflow, the bank was able to significantly increase efficiency, moving from a manual process averaging 11 hours per case to five hours per case. The bank adopted the cloud-based regtech platform solution as it wanted to build a scalable solution that could meet business demands and enhance customer experience.
Three-year suptech roadmap
HKMA is now in the initial stages of implementing its suptech roadmap. As with other major structural changes, HKMA will take a measured and incremental approach to embrace suptech. Efforts will first be made to lay down a solid “backbone” or the “foundational” initiatives of the suptech roadmap, which in turn will support the subsequent deployment of more advanced and sophisticated technologies to enhance the supervisory processes. With this in mind, the first step in the suptech journey involves a series of proof-of-concepts to test the feasibility of suptech solutions. The initial focus is placed on developing a centralized platform (so that supervisors can view and access information about authorized institutions in a single location) and building a knowledge management system for storing structured supervisory information (for example banking returns) and unstructured information (such as board minutes and internal audit reports). Once the foundational initiatives are in place, HKMA will turn its attention to the adoption of advanced analytics techniques. These techniques focus on enhancing the ability to detect early risk signals, which in turn will improve the HKMA’s forward-looking capabilities. Accordingly, a later step in the suptech journey will be to explore automated intelligence gathering and machine learning techniques that will allow the capture and processing of large amounts of structured and unstructured information, from both proprietary sources such as banking statistics and publicly available sources such as social media posts. Since HKMA is still at an early stage of its suptech journey, significant uncertainty remains regarding the final solutions and tools that will be deployed amid evolving technological developments.
Keywords: Asia Pacific, Hong Kong, Banking, Regtech, API, Data Governance, Suptech, Cyber Risk, Cloud Computing, Reporting, Basel, Internal Controls, Suptech Strategy, HKMA
Previous ArticleEIOPA Revises Impact Assessment of 2020 Solvency II Review
The Prudential Regulation Authority (PRA) published the final policy statement PS21/21 on the leverage ratio framework in the UK. PS21/21, which sets out the final policy of both the Financial Policy Committee (FPC) and PRA
The Consumer Financial Protection Bureau (CFPB) proposed to amend Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) under Section 1071 of the Dodd-Frank Act.
The Prudential Regulation Authority (PRA) decided to maintain, at the 2019 levels, the buffer rates for the Other Systemically Important Institutions (O-SII) for another year, with no new rates to be set until December 2023.
The Financial Stability Board (FSB) published a progress report on implementation of its high-level recommendations for the regulation, supervision, and oversight of global stablecoin arrangements.
In a letter to the authorized deposit taking institutions, the Australian Prudential Regulation Authority (APRA) announced an increase in the minimum interest rate buffer it expects banks to use when assessing the serviceability of home loan applications.
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) are consulting on the preliminary guidance that clarifies that stablecoin arrangements should observe international standards for payment, clearing, and settlement systems.
The European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) have set out their respective work priorities for 2022.
The Malta Financial Services Authority (MFSA) updated the guidelines on supervisory reporting requirements under the reporting framework 3.0, in addition to the reporting module on leverage under the common reporting (COREP) framework.
The European Commission (EC) published the Implementing Decision 2021/1753 on the equivalence of supervisory and regulatory requirements of certain third countries and territories for the purposes of the treatment of exposures, in accordance with the Capital Requirements Regulation or CRR (575/2013).
EC published the Implementing Regulation 2021/1751, which lays down implementing technical standards on uniform formats and templates for notification of determination of the impracticability of including contractual recognition of write-down and conversion powers.