HKMA published the seventh and final issue of the Regtech Watch series, which outlines the three-year roadmap of HKMA to integrate supervisory technology, or suptech, into its processes. Through greater use of suptech, HKMA aims to enhance the effectiveness and forward-looking capability of its supervisory processes. HKMA also launched a new regtech adoption practice guide series to provide banks with detailed practical guidance on the implementation of regtech solutions. The series forms part of the two-year regtech promotion roadmap announced by HKMA in November 2020. This issue provides guidance on the cloud-based regtech solutions.
Guide on cloud-based regtech solutions
The published regtech adoption practice guide provides an overview of the technology behind cloud-based regtech solutions, outlines the common challenges in cloud-based regtech adoption, and shares information on how others have addressed these challenges to successfully adopt regtech solutions in their organizations. As noted in the first issue of the guide, cloud computing is a key underpinning technology behind regtech solutions. The use of cloud technology for regtech solutions offers several benefits, including timely offsite support, fast implementation, and highly scalable solutions. The guide explains how cloud-based regtech solutions can be used to support risk management and compliance. It illustrates the benefits of leveraging cloud-based regtech solutions and describes key barriers and risks when adopting cloud-based regtech solutions. The document also provides practical implementation guidance to banks on the adoption of cloud-based regtech solutions. It outlines the following key components of cloud-based regtech implementation, particularly in response to the key barriers and risks of adoption for banks:
- Banks should establish four elements to be ready for cloud adoption— cloud strategy, governance committee, cloud responsibility, and cloud assessment framework.
- To select the most suitable regtech solution, banks should evaluate their business requirements and security needs, perform business value analysis, and review service-level agreements.
- When implementing cloud-based regtech, banks could consider adopting Application Programming Interface (API) methodology for seamless transformation and introduce flexibility in architecture design for future-proofing.
- Continuous monitoring of cloud activities and data protection through data governance framework are essential to ensure cloud security and avoid non-compliance issues.
The guide also shares use cases on the adoption of cloud-based regtech solutions, describing the challenges faced by a bank and the way a regtech solution helped to resolve these challenges. The guide outlines the key lessons learned from successful regtech implementation, from the perspectives of both the bank and the regtech provider. One of the use cases involves submission of a regulatory report, wherein bank needed to meet the specified data structure and prepared the report accordingly. The use case demonstrates how cloud-based regtech solutions can be leveraged to automate the reporting process. By virtue of the cloud-based regtech solution, the bank was able to respond to regulatory updates with agility, enhanced mobility, and improved user experience. Another use case pertains to the cloud-based, artificial intelligence-enabled client information management platform, which allowed a bank to automate the assessment and classification of unstructured documents for each customer; along with a built-in workflow, the bank was able to significantly increase efficiency, moving from a manual process averaging 11 hours per case to five hours per case. The bank adopted the cloud-based regtech platform solution as it wanted to build a scalable solution that could meet business demands and enhance customer experience.
Three-year suptech roadmap
HKMA is now in the initial stages of implementing its suptech roadmap. As with other major structural changes, HKMA will take a measured and incremental approach to embrace suptech. Efforts will first be made to lay down a solid “backbone” or the “foundational” initiatives of the suptech roadmap, which in turn will support the subsequent deployment of more advanced and sophisticated technologies to enhance the supervisory processes. With this in mind, the first step in the suptech journey involves a series of proof-of-concepts to test the feasibility of suptech solutions. The initial focus is placed on developing a centralized platform (so that supervisors can view and access information about authorized institutions in a single location) and building a knowledge management system for storing structured supervisory information (for example banking returns) and unstructured information (such as board minutes and internal audit reports). Once the foundational initiatives are in place, HKMA will turn its attention to the adoption of advanced analytics techniques. These techniques focus on enhancing the ability to detect early risk signals, which in turn will improve the HKMA’s forward-looking capabilities. Accordingly, a later step in the suptech journey will be to explore automated intelligence gathering and machine learning techniques that will allow the capture and processing of large amounts of structured and unstructured information, from both proprietary sources such as banking statistics and publicly available sources such as social media posts. Since HKMA is still at an early stage of its suptech journey, significant uncertainty remains regarding the final solutions and tools that will be deployed amid evolving technological developments.
Keywords: Asia Pacific, Hong Kong, Banking, Regtech, API, Data Governance, Suptech, Cyber Risk, Cloud Computing, Reporting, Basel, Internal Controls, Suptech Strategy, HKMA
Previous ArticleEIOPA Revises Impact Assessment of 2020 Solvency II Review
The European Banking Authority (EBA) has published the final templates, and the associated guidance, for collecting climate-related data for the one-off Fit-for-55 climate risk scenario analysis.
The European Banking Authority (EBA) recently published a report that recommends enhancements to the Pillar 1 framework, under the prudential rules, to capture environmental and social risks.
As a follow on from its prudential standard on the treatment of crypto-asset exposures, the Basel Committee on Banking Supervision (BCBS) proposed disclosure requirements for crypto-asset exposures of banks.
The Basel Committee on Banking Supervision (BCBS) and the European Banking Authority (EBA) have published results of the Basel III monitoring exercise.
The Prudential Regulation Authority (PRA) recently issued a few regulatory updates for banks, with the updated Basel implementation timelines being the key among them.
The U.S. Department of the Treasury has recently set out the principles for net-zero financing and investment.
The European Commission (EC) launched a stakeholder survey on the draft International Guiding Principles for organizations developing advanced artificial intelligence (AI) systems.
The finalization of the two sustainability disclosure standards—IFRS S1 and IFRS S2—is expected to be a significant step forward in the harmonization of sustainability disclosures worldwide.
Decentralized finance (DeFi) is expected to increase in prominence, finding traction in use cases such as lending, trading, and investing, without the intermediation of traditional financial institutions.
The Basel Committee on Banking Supervision (BCBS) published reports that assessed the overall implementation of the net stable funding ratio (NSFR) and the large exposures rules in the U.S.