RegTech joins the C-Suite

A new ‘C’ has been added to the suite in banking: the Chief Security Information Officer. BlueNotes has a video interview this week with ANZ’s new CISO, Lynwen Connick, who comes from an eminent career in the Australian public service.

Commonwealth Bank of Australia has announced a Chief Information Security and Trust Officer, Yuval Illuz, an Israeli cyber specialist. Other major banks are also looking at new hires/roles in this space.

" As humans are elevated into roles recognising the strategic importance of cyber security and compliance, more robots are entering the field."
Andrew Cornell, BlueNotes managing editor

At ANZ, Connick will be part of the bank’s leadership group and have a strong strategic focus.

Meanwhile, as actual humans are being elevated into roles recognising the centrality and strategic importance of cyber security and compliance, more robots are entering the field.

The latest site map by CB Insights of the regulatory technology – regtech – base camp shows a few scattered villages have become a sprawling city.

Click image to zoom Tap image to zoom

This landscape goes beyond financial services – the categories including vendor risk management, cybersecurity and environmental protection.

Yet the imperatives across all domains are similar: make sense of and manage a proliferation of regulation; streamline the institutional response; cut the costs of administration and compliance; and – ideally – derive some strategic advantage.

“A host of tech start-ups in the regulatory space has emerged that offer a range of software, services, and tools aimed at bringing more data and efficiency to regulatory compliance,” CB Insights noted.

“We … define it as companies developing technologies aimed at simplifying and streamlining compliance, risk management, reporting, data management, and more. In the last five years, regtech companies have raised $US2.3 billion in funding across 317 deals.

Click image to zoom Tap image to zoom

”Though the bulk of start-ups in this space are focused on compliance in the financial services sector, there are several start-ups that are working on regtech related to healthcare, environmental protection, food and drug, cybersecurity, blockchain, and even cannabis.”

I’m not sure Donald Trump will step in to protect a rust belt of regulators made redundant by technology but even if he doesn’t, the world of regulation is actually pivoting to the degree humans are becoming more important, rather than less.


Connick makes this point in her BlueNotes interview, arguing the stakeholders for cyber-security are not just management and regulators but customers who expect a safe, seamless and engaging technology experience.

Elsewhere in BlueNotes there is a fascinating insight into the new fronts in the campaign against fraud.

Ellen Joyner Roberson from SAS Security Intelligence outlines the technology being arrayed and systems needed while ANZ’s head of fraud risk strategy Tamsyn Harris makes the crucial point that much fraud targets individuals rather than transactions and so there needs to be a strong focus on the human element.

Across this universe from regulation – which encompasses both institutional integrity via capital and liquidity provisions, for example, and consumer protections – to cyber security to strategy, it is increasingly evident even as regtech grows in scope and sophistication human guidance will be increasingly important.

Part of this is the mechanics of how institutions run: regulators increasingly demand more-involved boards and boards want to hear from executives in charge who can answer questions, explain data sets, make recommendations and assure directors they can sleep easily at night. They need senior individuals who can translate what the technology is doing.

Announcing the appointment of Connick, ANZ said she joins “from the Australian Government where she delivered the new National Cyber Security Strategy in the Department of the Prime Minister and Cabinet”.

In its review of regtech start-ups, CB Insights identified eight sub-categories: anti-money laundering (AML) and Know-your-customer (KYC) solutions; blockchain and/or Bitcoin; Enterprise Risk Management; Operations Risk Management including governance, risk mitigation, incident identification, issue tracking, monitoring for compliance obligations, data storage, and reporting; Portfolio Risk Management; Quantitative Analytics; reporting – including centrally maintaining information for future reporting requests; tax management; and trade monitoring – including monitoring compliance with trade restrictions.

Click image to zoom Tap image to zoom

Deloitte’s latest Asia Pacific Financial Services Regulatory Outlook notes four major regulatory themes dominating the outlook for Asia Pacific financial services firms during 2017:

• Maintaining the resilience of financial institutions and the financial system, including “Basel IV”, ICS, stress-testing and recovery and resolution planning;

• Ensuring firms have robust governance frameworks and are cultivating the right culture;

• Increasingly intense and data driven supervision; and

• Managing the impact of innovations in technology, including disruption from FinTech, the growing interest in RegTech and building cyber resilience.

These are all potentially very valuable sectors for lowering compliance costs, improving the quality of reporting and growing productivity. But lowering costs is one thing. Gaining a competitive advantage by providing something of value to customers will be more significant.

And this is where the new generation of senior cyber officers will be expected to contribute.

No company has ever achieved sustainable success through cost cutting. Success comes from customer acquisition and revenue growth – operating efficiency can be essential where revenue growth is anaemic and helps margins even when it is strong.

But in compliance and hence regtech, the cost focus is necessary but not sufficient. Where this new generation of executives, in compliance, in cyber security, will add real value is in using the technology to better satisfy stakeholders – including regulators – by building competitive edges.

Andrew Cornell is managing editor at BlueNotes

Additional reporting by Victoria Kanevsky

The views and opinions expressed in this communication are those of the author and may not necessarily state or reflect those of ANZ.

editor's picks

15 Feb 2017

Correspondent banking and the global vs local fight

John Campbell | GM Transact & Save, Australia Commercial, ANZ

In a post-Trump, post-Brexit world, societies must ultimately decide how open, international and interconnected they want to be. It is the age-old global-versus-local debate; rapidly becoming a defining issue globally.

08 Feb 2017

Trump: an easier life for banks?

Andrew Cornell | Past Managing Editor, bluenotes

Bank stocks in the US – and particularly investment banks – rallied sharply in early February as US President Donald Trump indicated he would push ahead with unwinding some regulation brought in after the financial crisis.

24 Jan 2017

LONGREAD: Is 2017 the end of banking?

Alex Kewley | Director, Client Insights & Solutions, ANZ

It makes for great clickbait but 2017 will not be the 'end of banking'. It will, however, be another year of significant transformation.