Will GenAI change the face of RegTech?

AI is big ... really big.

Artificial Intelligence (AI) has been around for some time but it only with generative AI that we see it come into the mainstream. The reason for this is that AI is having a real impact on economic growth. Economists predict an increase in global growth of an extra 1.6% per year. This means that the global economy will be 16% bigger than otherwise be by 2035 (or the current size of the German, Japanese. Indian and UK economies put together!)

Growth will, however, be uneven with most gains being in life science, technology and financial services and the benefits will start with role augmentation, then role substitution and finally product and service innovation. 

This sets the context for GenAI in RegTech.

RegTech Use Cases

Let’s first look at the RegTech use cases for role augmentation using large language models (LLMs). There is a lot that GenAI can be applied to in RegTech.

• Risk assessment. Monitoring internal and external data sources to determine the risk of regulatory noncompliance of processes and transactions.
• KYC. KYC risk assessment scorecard useage to decide when and how many KYC checks are needed. Creation of suspicious activity reports based on the customer and their transactions.
• Regulatory interpretation Scan regulations for phrases to prompt a choice from a control library. GenAI acts as a policy ‘expert’ for colleagues to quiz. 
• Transaction monitoring and categorization Models monitor data to look for unusual patterns, connections and aggregated impacts.
• Fraud detection AI can be used to detect and prevent fraud by looking at customer actions.
• Climate risk Automate the review of physical risk and the collection of customer transition risk assessments. 
• Cyber risk assessment GenAI can propose and monitor detection rules and speed up secure code development. It can create security insights through pattern recognition and finding unusual behaviors.
• Loan applications AI can help customers apply for loans by asking questions and collecting information after which scorecards are applied. 

Let’s look at the last of these in the figure below as an example of how pervasive GenAI could be in augmenting a risk process.

Figure 1: GenAI application to a customer onboarding use case

But there are also use cases for the second wave of GenAI adoption where modelling is used to substitute for roles. Substitution uses fusion models (several models not just one large one) rather than LLMs to copy human activity. The main use cases are. 

• 1 Line of Defense (LOD) risk identification Monitor control adherence in real time. Controls are applied which allow automated monitoring of triggers and patterns in the data.
• 2 LOD risk workflow Direct risk resolution towards the next best action. Risk events are assessed and directed using previous resolutions.
• 1 and 2 LOD horizon scanning Automated scanning and linking of events. This covers credit risk signals for specific customers and nonfinancial risk assessments of external events.

This steps up the benefits realised significantly compared to today’s GenAI being trailed and implemented. Some benefits of this phase include.

• It can spot patterns better … just like humans. 
• Reduce costs of managing processes and data 
• Reduce operational risks manual operations become well-designed automated ones and should reduce risk, 
• Models for a particular subject are less data hungry. This is particularly useful where data is less available. 
• Trained on incomplete data or data from many different types of sources thus allowing more flexibility in the data used.
• Dynamically recalibrated giving us the benefits of the machine learning features.

… but it’s not just about the AI model.

So, we know what use cases we want to apply GenAI to. How are we going to do it? There are some important components needed as shown in Figure 2.

Figure 2: Components needed for GenAI success in RegTech

Financial institutions must step up their game when managing data. Typically, we see new data management practices being introduced for both operational data and a modelling data environment. Using cloud technology can make these the same, but we still need good practices to manage both.

Also, banks should do better at orchestrating their data i.e. managing data flows around the business and between the organisation and ecosystem players. 

Some Predictions 

GenAI in RegTech is very dynamic and going through its hype cycle like all new practices and technology. A good dose of reality should be applied so I offer some predictions.

• LLMs will run out of data to train on in 2 – 5 years. This will limit their further adoption particularly in RegTech.
• AI will follow the hype cycle ‘bust’ that will happen. Global investment in GenAI is already tailing off
• Fraudsters’ use of GenAI is coming to a device near you!
• Fusion models will be in the ascendancy, needing smaller data sets and addressing specific use cases. 
• Those who (eventually) succeed will soar, those who don’t will crash and burn e.g. automated consumer credit decisions should target upper 90s % of applications assessed.

About the author:

Jeremy has had an extensive career in international banking and management consulting. His most recent role has been for Lloyds Banking Group in UK as Head of Business Design for the risk function. He is also author of ‘Designing the Digital Bank of the Future’.