Compliance in banking
With RegTech applications such as data analytics and AI, financial service providers will be able to process compliance requirements automatically. Swisscom is operating as an all-in-one service provider, as Dominik Witz, Head of Banking Compliance & Regtech, explains.
Text: Hansjörg Honegger, images: © Raphael Zubler,
Swisscom offers RegTech services. Can you define this term more precisely?
Dominik Witz: RegTech services are modern technologies that help banks and other financial service providers to implement regulatory requirements more effectively and efficiently than before.
What does that mean specifically?
We are talking about data analytics, artificial intelligence, self-learning software, encryption technologies, blockchain and biometric applications.
Is RegTech simply a new buzzword? Data analytics, for instance, has been around for a long time.
That’s the exciting thing about RegTech: We work with solutions that cover different requirements. With data analytics, customer behaviour can be analysed in order do things such as upsell. But the same data can also be used to meet compliance requirements. For example, the bank needs to know the customer’s network well in order to combat money laundering. Data analytics helps a great deal here.
After studying law and attending the Higher Professional School for Banking and Finance HFBF, Dominik Witz worked for almost nine years at UBS, including as Compliance Officer and Operational Risk Officer. He then headed Finma’s Department for Money Laundering and Financial Crime for almost five years, after which he took a position at Swisscom Banking. Since January 1, he has been Head of Compliance & RegTech at Swisscom Banking.
Where is Swisscom positioned? Developing everything yourself is hardly possible.
It is our strategy to take over what is already on the market via cooperations and add managed services to this. Our services will enable customer to get everything from a single source.
I assume that Swisscom will not immediately have a big package of offers. What is your starting point going to be?
As a first step, we provide the option to record customer interactions on all digital channels in accordance with the law.
Who is the partner?
We are offering this on the basis of the Qumram solution. This is a very good example of how we will establish services in future. Qumram provides the software, and Swisscom makes available the entire infrastructure, such as servers, databases, applications and lines. We will of course also implement the integration project: advising the customer, specifications and, in cooperation with Qumram, configuration.
Financial services providers have already made a lot of progress with the digitisation of their processes and offers.
However, this development seems to have passed by the compliance processes somewhat.
Why is that?
The development of Fintech originates from the customer interface. For the start-ups which kicked off and advanced this development, it was primarily about improving customer benefit. Each Fintech developer has himself also had experiences with financial services in the role of customer and therefore knows how to increase the customer benefit. But with RegTech, technology meets regulation-specific expertise. These are two disciplines that for purely cultural reasons have previously not always been drawn to each other.
“In Switzerland we have principle-oriented regulation, which allows a lot of room for discretion.”
Compliance costs the financial service provider a lot, but at the same time it is not a unique selling point. Why are there still no standard solutions?
I think this also depends on the different risk profiles of the individual institutions. Compliance is mapped in processes that are deeply embedded in the organisation. Even just developing company-internal standards is extremely difficult. In addition, the banks want to continue to use their freedom to shape processes, which is understandable.
But compliance doesn’t have much to do with that...
It does in Switzerland. We have principle-oriented regulation, which allows a lot of room for discretion. What is a “useful grace period” or “elevated risk”? This must be decided by a person on a case-by-case basis.
“I think that Swiss banks will get on board in time and standardise compliance processes across the industry.”
Will this greater room for interpretation in comparison to the competition represent a disadvantage for the Swiss banking centre in future?
Viewed historically, it has been a model of success to grant banks these freedoms. However, the rule-based regulation which is standard in foreign countries facilitates automation of compliance processes, which makes cost savings easier to implement abroad. But I think that Swiss banks will get on board in time and standardise compliance processes across the industry, if only for cost reasons.
Where do you see the greatest potential for higher efficiency and ultimately cost savings in the RegTech area? Where is the low-hanging fruit?
In the cross-border area. In principle, all information is available on what is permitted and what is not in cross-border service provision, but this information is found in thick books and folders and must be assembled with a great deal of effort on a case-by-case basis. The digitisation of this information and these rules means considerable time savings for the affected banks in their day-to-day business. However, it will only be possible in the long term to automatically recognize new regulations and assign them to the appropriate processes and systems.
“The work of the bank staff will change, also with regard to compliance.”
In regard to the catchphrase “automation”: Are jobs threatened by RegTech?
I don’t think so, but the work of the bank staff will change, also with regard to compliance. In future, the customer service providers will have to deal less with background clarifications and will be able to focus more on advising customers. Background clarifications will increasingly be provided by technology, and the work will ultimately become more attractive. The same applies to compliance officers, who in future will spend less time compiling information and be able to focus on interpreting it. However, they will also have to deal with the technologies more intensively. But they are not alone in that – it is a phenomenon of the modern era, after all.