Abstract
Financial misconduct is a growing issue in the financial sector, leading to increased regulations. The increased need to comply with these regulations preceded the need for regulatory technology. Regulatory technology (RegTech) helps the financial industry comply with regulations. This study aims to identify regulatory technology’s impact on financial misconduct within the United States banking industry. This study uses an evidence-based approach to help make informed decisions on adopting regulatory technology to control financial misconduct. The researcher used the qualitative, Rapid Evidence Assessment methodology to find ten articles (quantitative and qualitative), critically appraise, code, and synthesize them to provide findings and recommendations to the United States banking industry, regulatory agencies, and regulatory technology solution providers. Data from the Financial Industry Regulatory Authority annual reports and Financial Crime Enforcement statistics helped triangulate the findings from the evidence synthesis to increase the study's validity. The results indicated that the adoption of RegTech provided advanced risk assessment and monitoring capabilities that increased compliance with regulations, minimized financial misconduct, and improved the stability and profitability of the United States banking system though it introduced information privacy risk.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
The 2008 banking crisis exposed financial misconduct in the industry and resulted in new regulations within the financial sector. McGrath and Walker (2022) indicated that misconduct is a growing issue in the financial sector. This misconduct has increased regulations in the industry, leading to the emergence of regulatory technology (Lynn et al. 2019). The Dodd-Frank Act and Consumer Protection Act were enacted within the United States to protect financial institutions from further crises due to financial misconduct. Though these regulations help minimize risks to financial institutions, implementing these regulations was expensive. Ellis Gutshall, CEO (Chief Executive Officer) of Valley Bank, indicated that it costs banks close to 12% of the operating costs or approximately $50 billion annually to comply with the regulations (Dodd-Frank Act’s Effects on Financial Services Competition 2012). This increase in operational expenses burdens smaller banks, causing smaller banks to have a lesser competitive advantage over larger banks. In a survey conducted by the World Bank, researchers suggested that at least half of the financial institutions surveyed worldwide noted that regulatory and supervisory compliance was one of their top three challenges (Feyen et al. 2022). Regulatory compliance is enforced using RegTech, or regulatory technology, solutions. Supervisory compliance by supervisory authorities is enforced by SupTech, or supervisory technology, which is nothing but RegTech for supervisory authorities.
RegTech and SupTech are software technologies that have emerged to ease regulatory and supervisory compliance by minimizing operation costs. Thakor (2020) indicated that United States banks had paid over $200 billion in fines for financial misconduct post-2009. RegTech helps identify instances of financial misconduct and saves banks the cost of penalties due to financial misconduct (di Castri et al. 2018). Multiple surveys by market research companies indicated that RegTech is on track to show a compound growth rate of over 20% between 2023 – 2027 (RegTech Market—Global Forecast to 2026, 2022). This paper explored the impact of RegTech in addressing compliance risk due to financial misconduct within the US banking system, where risk is defined by the Federal Bank of New York as “the potential for behaviors or business practices that are illegal, unethical, or contrary to a firm’s stated beliefs, values, policies, and procedures” (Chaly et al. 2017, pp. 5).
1 Problem statement
The banking industry in the United States is regulated mainly by prudential or consumer protection regulations. Prudential regulations ensure a financial institution’s financial soundness and stability; consumer protection regulations protect consumers. These regulations are in place to monitor and prevent financial misconduct. Failure to comply with these regulations results in hefty banking fines. Financial misconduct can fall under two broad classifications:
-
1.
Misconduct by consumers which includes money laundering, identity theft, fraud, and finance of terrorism.
-
2.
Misconduct by banks includes monopolizing the market, lack of consumer data protection, discriminatory practices, risk-taking that affects the bank’s stability, and insider trading.
For this study, financial misconduct includes both misconduct by consumers and misconduct by banks. Many laws help curb financial misconduct by consumers and banks within the United States. The fundamental laws are:
-
1.
Dodd-Frank Act – This act monitored the financial stability of major financial institutions whose failure could impact the economy, prevented predatory lending practices, set the Volcker rule which restricted how banks can invest, monitored the issuance of reliable credit ratings, and established a whistleblower program that helps report securities fraud. This law was partially rolled back in 2018 to exempt small banks.
-
2.
Bank Secrecy Act (BSA) (U.S.C 1970) – This act prevents laundering monetary investments, engaging in financial transactions in property derived from unlawful activities, and structuring transactions to evade reporting requirements. According to this act, any transaction over US $10,000 should be reported.
-
3.
Federal Deposit Insurance (FDI) (U.S.C 1950) – The FDI Act deems certain practices like operating with inadequate capital, engaging in hazardous lending and lax collection practices, engaging in speculative investments, failing to maintain controlled accounting practices, having excessive loan losses, or nonearning assets as unsafe and unsound and deems any banking institution that engages in these practices as displaying financial misconduct (FDIC 2023).
-
4.
Basel III (Ferreira et al. 2019) – This global framework sets regulations to enhance the shock-absorbing capabilities of banks by specifying capital adequacy and liquidity ratios and conducting periodic stress tests. These rules were implemented in the US banking industry starting in 2013.
There are several regulatory agencies within the United States to enforce these laws. It is difficult for banks to assess if they comply with these regulations since they would need to sift through massive data, which can be time and resource-consuming, but not doing so may result in hefty fines. RegTech is used to help banks sift through data and manage compliance regulations. RegTech is a software solution that leverages artificial intelligence, machine learning, blockchain, API (Application Programming Interface), or other technologies to monitor for financial misconduct in the following areas: Risk and Compliance Management, Identity Management, Regulatory Reporting, Anti-Money Laundering (AML) and Fraud Management, and Regulatory Intelligence. Earlier identification of misconduct using RegTech solutions saves banks from reputational damages and fines.
RegTech has gained popularity after the 2008 banking crisis with many regulatory agencies and banks using RegTech, however, there is still a high rate of financial misconduct reported, some of which have led to banking failures. So, did RegTech help to reduce financial misconduct? This query motivated the research question: What is the impact of RegTech on compliance risk due to financial misconduct within the US banking industry?
The CIMO (Context, Intervention. Mechanism, Outcome) framework aided in framing the research question, as shown in Table 1, since the framework facilitates a design-oriented research question, which helps offer practical interventions/solutions to issues faced by policymakers, management professionals, and organizations across different contexts (Costa et al. 2018).
2 Significance of the study
RegTech is an extensively researched topic. However, more studies discuss the potential impacts of RegTech rather than the current or past impact. Also, most systematic reviews in this field evaluate the different RegTech technologies and regulations and discuss possible application areas for RegTech (Tsang and Yang 2018). In recent months, many news articles have reported US banks shutting down due to bank runs (Smolenski 2023). Knowing whether RegTech would have prevented these shutdowns by flagging the banks’ financial misconduct ahead of a solvency issue would provide valuable information to the management of the US banking industry, the regulatory policymakers, and players in the RegTech industry. A few case studies evaluated the impact of RegTech for a particular application like AML or ‘Know Your Customer’ (KYC) in the US banking industry. However, there needed to be a more cumulative evidence-based review of the impact of RegTech across different applications like unified reporting of compliance reports to detect misconduct, risk assessment and monitoring to detect misconduct and enforcement of compliance regulations in the US banking industry. This study fills the literature gap and provides insights to the banking industry regarding the benefits of investments in RegTech, which contribute to a compliant and safe US banking system.
3 Literature landscape
Regulating agencies showed renewed interest in regulatory technology after the 9/11 attacks and the dot.com bubble in 2001 (Arner et al. 2017). Regulating agencies and the banking industry focused on detecting financial misconduct related to terrorist funding, money laundering activities, and rampant speculation in the security market that led to economic instability. This focus led to the initial growth of regulatory technology. Regulating agencies soon realized that financial institutions had no uniform reporting standards and began implementing and mandating eXtensible Business Reporting Language (XBRL).
Between 2001 and 2014, there were several articles related to the implementation of XBRL (eXtensible Business Reporting Language). Some articles discussed XBRL case studies (Chen 2010), and some discussed the impacts of XBRL (Blankespoor et al. 2014; Hao and Kohlbeck 2013). It was only in 2015 that the term RegTech was coined by the United Kingdom’s Financial Conduct Authority (FCA) (Turki et al. 2020).
Between 2015 and 2023, there has been an increase in publications related to RegTech. This spurt coincides with RegTech investments which have octupled from US $1.1 billion in 2015 to US $8.5 billion in 2019 (Howell, 2022). The publications during this time mainly focused on the available RegTech solutions and applications (Drgon et al. 2021; Fletcher et al. 2021; Von Solms 2021), fraud detection (Kurum 2023; Phillips and McDermid 2021; Sater 2020), unified reporting (Mousa and Pinsker 2020; Suwardi and Tohang 2017), and futuristic data collection and processing using artificial intelligence (AI) and Natural Language Processing (NLP) (Marina A. Aksenova 2022; Micheler and Whaley 2020; Soldatos and Kyriazis 2022).
4 Theoretical framework
The agency theory originated in the 1970s and is commonly used in economic and management literature to address governance mechanisms that regulate conflict of interest (Chen et al. 2012). The authorship of the agency theory is contended between two theorists, Stephen Ross and Barry Mitnick (Mitnick 2006). The agency theory attempts to define the relationship between the principal and the agent, where the principal relies on the agent to execute specific tasks. The theory assumes that the principal and the agent operate towards their self-interests which might be conflicting, and that the agent has more access to data and a better capacity to make decisions. The theory also postulates that regulating conflict between the principal and the agent reduces the agency's loss.
Looking at the research question through the lens of the agency theory, the principal can be the regulatory agency when the agent is the financial institution or the principal can be the financial institution when the agent is the consumer (see Fig. 1). The regulating agency is interested in financial stability and improving the nation's security posture and economic stance. The banking industry is interested in maximizing profit at the cost of higher risks leading to financial misconduct (Iqbal et al. 2015) which can potentially destabilize the nation’s economy leading to agency conflict. Consumers driven by their needs also indulge in financial misconduct (Karpoff 2021) which lowers the banking industry’s profit causing a conflict with the financial institution’s goal. Regulatory laws enforced using RegTech manage these conflicts of interest by enforcing compliance to help align the different stakeholders’ interests and reduce agency problems.
In addition to regulating conflicts of interest between regulatory agencies and financial institutions, and consumers and financial institutions, the banking industry uses RegTech to self-regulate. Large amounts of data are accessible to each financial institution and mined for self-regulation (Tuch 2018). Examples are mining consumer complaints to identify discriminatory practices (Siering 2022) and mining consumer data to identify risky consumers (Grassi and Lanfranchi 2022). Regulating agencies receive vast amounts of data from numerous financial institutions. This data helps regulate and address potential conflicts of interest between the regulating agency and the banking industry. Resolution of all disputes results in a compliant banking industry and reduces loss to the banking industry. In contrast, conflicts destabilize the banking industry and possibly the nation's economy.
5 Methodology
This study uses an evidence-based methodology. Rousseau (2006) suggested that using empirical evidence to make management decisions is better than using personal preferences. To address the review question, the approach employed was the rapid evidence assessment (REA) methodology, which relies on solid evidence. Systematic reviews (SR) are effective in synthesizing evidence; however, it typically takes 6–24 months to get results from a systematic review (Moons et al. 2021). The banking industry is dynamic and rapidly changing, so the time to generate systematic reviews impedes making quick evidence-based decisions. Also, systematic reviews introduce bias into the study due to their subjective nature (Crawford et al. 2015). However, the REA takes between 4–8 weeks and provides high-quality evidence providing similar results to systematic reviews, making it a more viable choice to provide rapid evidence (Moons et al. 2021).
Gough et al. (2012) suggested that configurative reviews using thematic synthesis aim at finding patterns that answer the review question fittingly. This study is exploratory; hence, a qualitative, configurative review approach was used along with data triangulation. Data was selected based on its relevance and contribution to the study and synthesized using a thematic approach to arrive at the findings.
6 Search strategy
The author implemented a structured search strategy, as suggested by Gough et al. (2017). The inclusion/exclusion criteria were defined. This study used peer-reviewed, primary research and empirical studies, primarily published in scholarly journals, in English, from 2008—2023. Bustin and Nolan (2016) suggested that peer-reviewed, scholarly journals have high transparency and reliability. The studies selected were from 2008–2023 since the banking regulations changed drastically after the banking crisis in 2008 and caused the spurt of many RegTech companies.
The search query was based on search strings designed using the CIMO framework, as shown in Table 2. Boolean and wildcard operators were used in the search strings to increase the specificity and sensitivity of the search. Increasing the search specificity and sensitivity also prevents bias in research and helps locate relevant studies (Barends et al. 2017; Haynes and Wilczynski 2004). Grewal et al. (2016) suggested that the key to proper research is an extensive data search; therefore, search queries were executed on multiple databases using four search strings. The databases used for the search were Business Source Ultimate, ScienceDirect, Directory of Open Access, Academic Search Ultimate, Emerald Insight, ABI/Inform, Journal Storage (JSTOR), Scopus, Google Scholar, Social Science Research Network (SSRN), and Securities and Exchange Commission (SEC) publications. Building blocks and snowball search techniques were used for more comprehensive results (Goodman et al., 2014).
Table 3 displays the search results and provides information about each study’s methodology and geography. A critical appraisal of the twelve articles retrieved from the search resulted in the final sample used for the study. The search strategy was documented with a PRISMA, as shown in Fig. 2. PRISMA is an evidence-based method of reporting study selection to avoid publication bias (Brooks and McNeely 2013).
7 Critical appraisal
Critical appraisal of the studies is a crucial step since Kepes et al. (2014) suggest that establishing the trustworthiness of the evidence yields meaningful results. Multiple tools are available to appraise a study critically. The appraisal tools were evaluated based on the recommendations of Bhattacherjee (2012), Kepes et al. (2014), Rousseau (2006), and Gough (2007) to appraise rigor, transparency, significance, and relevance. Each criterion used a scale of three, with the highest possible score of 12 and the lowest score of zero. The Mixed Methods Appraisal Tool (MMAT) variation tool (Munro et al. 2021) scored low on transparency but high on rigor, significance, and relevance. The TAPUPASM tool (Ryan and Rutty 2019) scored high on transparency. The MMAT variation tool had clearly defined questions evaluating an article. However, since the TAPUPASM tool was subjective, objective questions were framed for the transparency tenet within the TAPUPASM framework based on insights from Ryan and Rutty (2019). Hence, both tools were combined to create a new appraisal tool that keeps the rigor, significance, and relevance elements of the MMAT variation tool and adds the element of transparency to the tool. The combined MMAT and Transparency framework evaluated the initial 12 articles identified.
If the screening questions in the MMAT appraisal tool had a response of “No” or “Can’t tell,” it was deemed that further appraisal was not appropriate (Hong et al. 2018, p. 5). The combined MMAT and Transparency framework assigned a scale of three for each criterion, with the highest possible score of 24 and the lowest score of zero. The study only selected articles that had a score of 12 or higher. Therefore, articles by Siering (2022) and Tuch (2018) were not included, leaving a total of 10 articles selected based on the selection criterion. Table 4 displays the appraisal scores for all 12 articles.
A crucial criticism of the rapid evidence methodology is that it lacks transparency and rigor (Varker et al. 2015). Using tools like PRISMA and MMAT to report transparently on the search strategy and critically appraise the evidence ensures the study's high transparency, quality, and rigor (Varker et al. 2015).
8 Data extraction
A data extraction process was used to minimize bias and assess the studies for the relevance of the sample (Munn et al., 2014). The data extracted included the author, title, sample description, methodology, hypothesis, primary findings, and study limitations described by each author. After data extraction, a data descriptor describing the data set was constructed, as shown in Table 5. Hrynaszkiewicz (2014) suggested that data descriptors make the data open, discoverable, and transparent. One of the 10 articles was from grey literature, and the other nine were scholarly publications. Out of the 10 articles, five articles used a quantitative methodology, and the rest used a qualitative methodology. Five articles analyzed the impact of RegTech on banks, and the other five analyzed the impact of RegTech on regulatory agencies. All articles indicated a positive effect of using RegTech, with only four articles warning about the negative impacts of RegTech.
9 Coding
The inductive coding method was used to code the articles since the study is exploratory. Skjott and Korsgaard (2019) stated that inductive coding is most effective in exploratory studies. Five coding cycles were executed on each article's findings and discussion section, as shown in Fig. 3. If the article was a case study, the case details are analyzed through coding to identify any details or concepts not presented in the findings. Atkinson (2002) suggested that coding case study details provide valuable research information. Skjott and Korsgaard (2019) suggested that inductive coding generates much code, so computer-assisted qualitative data analysis software (CAQDAS) should be used to code the data better. ATLAS.ti was chosen as the CAQDAS tool since it is widely used for qualitative data analysis. Though grounded theory inspired its conception, it is used for all approaches, including thematic analysis (Friese et al., 2018).
A thematic synthesis of the codes extracted indicated that the timeliness, data processing speed, and automation of RegTech solutions impact banks by reducing reporting time and quality by providing quick, high-quality data, detecting fraud early, improving operating costs, and improving the safety and stability of the bank. Table 6 shows the categories that formed each theme.
10 Findings
This section discusses this research's findings and answers the research question, ‘What are the impacts of RegTech on detecting financial misconduct in the US banking industry?’ CERQual (Confidence in Evidence from Reviews of Qualitative Methods) was used to assess each of the findings to increase the confidence and transparency of this review. Lewin et al. (2018) suggested that CERQual is an evidence-to-decision framework that is structured and provides transparency to the qualitative review. Findings presented in eight or more good-quality articles are considered high confidence, while those presented in four or more good-quality articles are considered moderate confidence. Any remaining findings are considered low confidence.
The coding process uncovered two positive impacts and one negative impact of RegTech on detecting financial fraud in the US banking industry.
Finding 1: Positive impact: Automated risk assessment and monitoring lead to less compliance risk and hence higher stability in the banking industry by reducing risk due to financial misconduct. (High CERQual confidence).
This finding was supported by nine of the 10 articles reviewed. RegTech provides better assessment and monitoring of risk by providing a means for assessing capital adequacy and liquidity requirements for banks (Anagnostopoulos 2018; Barefoot 2020; McGlosson and Enriquez 2023; Suwardi and Tohang 2017). Sefried and Riepe (2023) implied that the use of RegTech helped assess loan loss provisions better and reduced risk, while Anagnostopoulos (2018) and Rapp (2018) indicated that RegTech could be used to assess and mitigate market risks by detecting fraud.
Researchers elucidated the benefits of RegTech in minimizing risk by facilitating continuous reporting through the provisioning of APIs and automating multiple compliance processes that are critical to detecting and preventing fraud, like automation of Know-Your-Customer (KYC) requirements for AML and terrorist funding (Arner et al. 2017; Barefoot 2020; Jayasuriya et al. 2023; Mousa and Pinsker 2020). McGlosson and Enriquez (2023) indicated that the introduction of RegTech also triggered the hiring of data analysts, mathematicians, and financial economists who help to better regulate and stabilize the industry by better assessing risk. Overall, the consensus was that RegTech solutions have helped financial institutions better assess and mitigate risk, increasing the banking system’s stability.
Finding 2: Positive impact: Higher transparency, intelligent and fast processing, quality, and retention of data to detect fraud leads to less compliance risk and higher profitability in the banking industry (High CERQual confidence).
All 10 articles reviewed supported this finding. RegTech provides better data quality for reporting fraud, which uses automated procedures to validate the data (Anagnostopoulos 2018; Arner et al. 2017; Hao and Kohlbeck 2013; Mousa and Pinsker 2020; Rapp 2018; Suwardi and Tohang 2017). The presence of central data repositories increased the availability of data and facilitated the use of data analytics to correlate data across multiple, voluminous data sources to find financial fraud patterns more efficiently (Anagnostopoulos 2018; Arner et al. 2017; Barefoot 2020; Jayasuriya et al. 2023; McGlosson and Enriquez 2023; Mousa and Pinsker 2020; Rapp 2018).
The ability to correlate across multiple data sources indicated that RegTech facilitates the quick processing of volumes of data each day to detect fraud which is not possible through human effort, thus reducing operating costs and increasing profitability (Hao and Kohlbeck 2013; Jayasuriya et al. 2023; Mousa and Pinsker 2020). The use of RegTech for compliance procedures led to higher data quality and lower operating costs (Anagnostopoulos 2018; Arner et al. 2017; Barefoot 2020; Jayasuriya et al. 2023; Mousa and Pinsker 2020). Also, Hao and Kohlbeck (2013) suggested that using RegTech for compliance boosts investor confidence resulting in higher trading volume and lower compliance fines, which increased profitability. Overall, the consensus was that RegTech provided higher transparency, intelligence, fast processing, quality, and data retention to detect fraud, leading to better compliance and confidence in the banking industry, which resulted in higher profitability.
Finding 3: Negative impact: RegTech usage leads to information privacy risk (Moderate CERQual confidence).
Four of the 10 articles reviewed, provided evidence to support this conclusion. Anagnostopoulos (2018), Arner et al. (2017), and Barefoot (2020) indicated that the transformation of the financial industry into a digitized data-based industry increases the risk of fraud and cyber-attacks while Jayasuriya et al. (2023) suggested that the use of digital footprints by lenders increases discriminatory lending practices. RegTech uses volumes of data, and anytime data is involved, a lack of appropriate security practices can lead to data leaks, facilitating financial fraud. Subsequently, it is essential to be cautious and control this risk when utilizing RegTech solutions.
To validate the findings, the author used the technique of data triangulation. The findings were triangulated with FINRA’s annual reports (FINRA 2018) and FinCEN’s Suspicious Activity Reports (FinCEN 2023). Comparing findings from this rapid evidence review with the conclusions of the FINRA annual reports indicated that they were similar. Also, FinCEN’s Suspicious Activity Reports (SAR) were checked between 2010 and 2023 to strengthen the findings. Figure 4 shows a 200% increase in SAR filings in 2013 when e-filing (RegTech) was mandated for suspicious activity reports. This correlation suggests that RegTech has played a crucial role in higher levels of detecting and reporting financial fraud and increases the validity and reliability of the findings.
11 Conceptual framework including findings
The conceptual framework in Fig. 5 uses the CIMO model and includes study results. The context of the study is the US banking industry which consists of regulations, regulatory agencies, and financial institutions. The intervention applied is the introduction of RegTech. RegTech usage helped increase the profitability and stability of the US banking industry by providing automated risk assessment and data monitoring, high-quality, transparent data retention, and availability.
12 Conclusions
This research identified that RegTech usage facilitates compliance by banks and consumers leading to higher profitability and stability to the US banking industry by providing better risk assessment and monitoring which helps detect and prevent financial misconduct faster, with lower operating costs and improved compliance with regulations. Vanini et al. (2023) indicated that US banks could lose up to $200 billion in online banking fraud between 2020 and 2024. This loss is in addition to fines of over $200 billion since 2008 for non-compliance with regulations. Identifying weaknesses in compliance with regulations prevents fraud or misconduct from occurring in the future.
Von Solms (2021) suggested that regulatory compliance is critical for financial institutions' market stability and profitability. RegTech plays a crucial role in identifying weaknesses or risks to the banking industry by automating compliance procedures, providing shared databases for reporting, and fast processing of volumes of data to identify patterns indicating fraud. Though RegTech plays a crucial role in detecting financial misconduct and improving the stability and profitability of banks, the regulations were the real drivers of financial stability and profitability.
Regulations without compliance are of no use. Financial institutions would incur significant operating costs to enforce compliance without RegTech (Raghavan, 2007). Enforcement of regulations using RegTech facilitates compliance, thus minimizing the risk of fraud and improving stability and profitability. RegTech usage had positive and negative impacts, but the negative ones were highlighted less.
The significant negative impact of information privacy risk was due to cyber-security issues. In 2014, hackers accessed approximately 83 million accounts in one of the leading financial institutions in the US—J.P. Morgan Chase (Callen-Naviglia and James 2018). In 2019, the accounts of 100 million Capital One customers were accessed (Barrett 2020). These events led to the loss of reputation and hence the profitability and stability of banks and therefore are essential to consider. Also, only one article highlighted discriminatory practices among lenders using digital footprint data, indicating that more research is needed to determine the strength of this concern. Discriminatory practices could lead to discriminatory lawsuits, which again decrease the profitability of financial institutions making discriminatory practices a high priority to investigate and restrict.
13 Practical implications
Three actionable recommendations are suggested based on the evidence presented by this study. These recommendations guide banking industry management, regulatory agencies, and RegTech solution providers.
-
1.
Financial institutions and regulating agencies should use RegTech solutions to:
-
2.
Quickly detect and report fraud patterns (Grassi and Lanfranchi 2022).
-
3.
Assess the risk due to financial misconduct (McGlosson and Enriquez 2023).
-
4.
Automate enforcement of compliance with regulations (Grassi and Lanfranchi 2022).
-
5.
Improve decision times through quick processing and displaying of relevant data. (Anagnostopoulos 2018).
-
6.
Financial institutions and regulating agencies should adhere to the following best practices:
-
a.
Validate RegTech solutions for information privacy risk and other cybersecurity issues before adoption (Regtech Adoption Practice Guide 2023).
-
a.
-
7.
Use solutions that implement MFA (multi-factor authentication).
-
8.
Use solutions that encrypt data in transit.
-
9.
Implement solutions that prevent hacking of central database repositories.
-
10.
Sufficiently mask the information gathered by RegTech/SupTech solutions to avoid discriminatory practices.
-
3.
Evaluate and update RegTech/SupTech solutions based on changing regulations.
-
3.
-
11.
Organize meetings between RegTech/SupTech providers, regulators, and banks to discuss changing regulations and seek a RegTech solution to check for compliance with the regulation before implementation of the regulation. Bagby and Packin (2021) indicated a lag between the legislation and the implementation and adoption of RegTech solutions, leading to lax monitoring. Regular communication between regulators and RegTech providers can prevent this lag.
-
12.
Test implementation of regulations on sandboxes before adopting them.
-
13.
Test AI solutions on sandboxes before implementing them (Truby et al. 2022).
RegTech has positively and significantly impacted the US banking industry by minimizing financial misconduct and hence improving the profitability and stability of the industry. However, RegTech solutions should evolve with the changing regulations and technology and address information privacy risk concerns to continue the positive impact on the banking industry.
14 Theoretical implications
The agency theory was adapted to explain banking governance using RegTech solutions. The agency theory postulates that a. the agency reduces its loss by resolving the conflict between the agency and the principal b. there is information asymmetry between the principal and agent since the agent has more information than the principal c. there is agency risk since the activities of the agent may not align with the interests of the principal. This study’s findings indicated that resolving the conflict of interests between the regulating agency (principal) and the banking industry (agency) through RegTech solutions reduced financial fraud and operating costs, thus reducing the loss for the banking industry and confirming the agency theory's postulates. The study indicates that RegTech helped resolve conflicts of interest between regulatory authority and financial institutions, and between consumers and financial institutions by minimizing information asymmetry between the agent and the principal. RegTech’s ability to sift through massive data helped align the interests of the principal and agent by highlighting discrepancies in an automated manner.
15 Limitations and future research
There are limitations to this study. The first limitation is that the rapid evidence assessment methodology utilized may require the inclusion of more articles to gain a complete perspective. Multiple databases were queried with different search strings to overcome this limitation. The second limitation is that the study is limited to the US banking industry, governed by a separate set of regulations from other countries; hence, it may not be possible to generalize the study to other countries. The third limitation is that the study looks solely at the impact of regulatory technology and does not consider the impact of regulations and the growth of financial technology on financial misconduct.
Potential areas for future research would be to analyze the impact of AI-based RegTech solutions in detecting fraud and formulating banking regulations, analyze the impact of regulations, RegTech, and FinTech on financial misconduct, and analyze if high data availability leads to discriminatory practices.
Availability of data and materials
All data generated or analyzed during this study are available from the corresponding author upon reasonable request.
Abbreviations
- AI:
-
Artificial intelligence
- AML:
-
Anti-Money laundering
- API:
-
Application programming interface
- BSA:
-
Bank secrecy act
- CAQDAS:
-
Computer-Aided qualitative data analysis software
- CEO:
-
Chief executive officer
- CERQual:
-
Confidence in the evidence from reviews of qualitative research
- CFT:
-
Counter financing of terrorism
- CIMO:
-
Context, intervention, method, outcome
- FCA:
-
Financial conduct authority
- FDI:
-
Federal deposit insurance
- FDIC:
-
Federal deposit insurance corporation
- FinCEN:
-
Financial crime enforcement network
- FinTech:
-
Financial technology
- FINRA:
-
Financial industry regulatory authority
- KYC:
-
Know your customer
- JSTOR:
-
Journal storage
- MFA:
-
Multi-Factor authentication
- MMAT:
-
Mixed methods appraisal tool
- NLP:
-
Natural language processing
- OMI:
-
Office of market intelligence
- PRISMA:
-
Preferred reporting items for systematic reviews and meta-analyses
- REA:
-
Rapid evidence analysis
- RegTech:
-
Regulatory technology
- SAR:
-
Suspicious activity reports
- SEC:
-
Security and exchange commission
- SR:
-
Systematic review
- SSRN:
-
Social science research network
- SupTech:
-
Supervisory technology
- TAPUPASM:
-
Transparency, accuracy, purposivity, utility, propriety, accessibility, specificity, modified objectivity
- US:
-
United States
- XBRL:
-
Extensible business reporting language
References
Anagnostopoulos, I. 2018. Fintech and Regtech: impact on regulators and banks. Journal of Economics and Business 100: 7–25. https://doi.org/10.1016/j.jeconbus.2018.07.003.
Arner, D. W., Barberis, J., & Buckley, R. (2017). Fintech, Regtech, and the reconceptualization of financial regulation. Northwestern Journal of International Law & Business, 37(3). https://scholarlycommons.law.northwestern.edu/cgi/viewcontent.cgi?article=1817&context=njilb
Atkinson, J. (2002). Four steps to analyse data from a case study method. ACIS Proceedings. https://aisel.aisnet.org/acis2002/38/
Bagby, J., & Packin, N. (2021). Regtech and predictive lawmaking: Closing the Reglag between prospective regulated activity and regulation. Michigan Business & Entrepreneurial Law Review, 10(2), 127. https://doi.org/10.36639/mbelr.10.2.regtech
Barefoot, J. A. (2020). Digitizing financial regulation: Regtech as a solution for regulatory inefficiency and ineffectiveness. https://www.hks.harvard.edu/centers/mrcbg/publications/awp/awp150
Barends, E., Rousseau, D. M., & Briner, R. B. (2017). CEBMa guideline for rapid evidence assessments in management and organizations. Center for Evidence Based Management. www.cebma.org/guidelines/
Barrett, D. (2020). Capital One fined $80 million for 2019 hack of 100 million credit card applications. The Washington Post. https://www.washingtonpost.com/national-security/capital-one-fined-2019-hack/2020/08/06/90c2c836-d7f3-11ea-aff6-220dd3a14741_story.html
Bhattacherjee, A. (2012). Social science research: Principles, methods, and practices. Open Textbook Library. https://digitalcommons.usf.edu/oa_textbooks/3
Blankespoor, E., B. Miller, and H. White. 2014. Initial evidence on the market impact of the XBRL mandate. Review of Accounting Studies 10: 1468–1503. https://doi.org/10.1007/s11142-013-9273-4.
Brooks, D., and M. McNeely. 2013. The importance of transparent reporting of systematic reviews. Physiotherapy Canada 65 (1): 1–2. https://doi.org/10.3138/ptc.65.1.GEE.
Bustin, S.A., and T. Nolan. 2016. Improving the reliability of peer-reviewed publications: We are all in it together. Biomolecular Detection and Quantification 7: A1–A5. https://doi.org/10.1016/j.bdq.2015.11.002.
Callen-Naviglia, J., & James, J. (2018). Fintech, Regtech and the importance of cybersecurity. Issues In Information Systems, 19(3), 220–225. https://doi.org/10.48009/3_iis_2018_220-225
Chaly, S., Hennessy, J., Menand, L., Stiroh, K., & Tracy, J. (2017). Misconduct Risk, Culture, and Supervision. Federal Reserve Bank of New York.
Chen, Lu., and H., & Sougiannis, T. 2012. The Agency problem, corporate governance, and the asymmetrical behavior of selling, general, and administrative costs*: The agency problem and SG&A costs. Contemporary Accounting Research 29 (1): 252–282. https://doi.org/10.1111/j.1911-3846.2011.01094.x.
Chen, Y.-C. (2010). Realizing the Full Potential of XBRL in Government: Case Studies of XBRL Implementation. Financial Management Series: IBM Center for the Business of Government. https://www.businessofgovernment.org/sites/default/files/ChenXBRLReport.pdf
Costa, E., Soares, A. L., & de Sousa, J. P. (2018). Exploring the CIMO-Logic in the Design of Collaborative Networks Mediated by Digital Platforms. In L. M. Camarinha-Matos, H. Afsarmanesh, & Y. Rezgui (Eds.), Collaborative Networks of Cognitive Systems (Vol. 534, pp. 266–277). Springer International Publishing. https://doi.org/10.1007/978-3-319-99127-6_23
Crawford, C., C. Boyd, S. Jain, R. Khorsan, and W. Jonas. 2015. Rapid Evidence Assessment of the Literature (REAL©): Streamlining the systematic review process and creating utility for evidence-based health care. BMC Research Notes 8 (1): 631. https://doi.org/10.1186/s13104-015-1604-z.
di Castri, S., Grasser, M., & Kulenkampff, A. (2018). Financial authorities in the era of data abundance Regtech for regulators and Suptech solutions. SSRN. https://bfaglobal.com/wp-content/uploads/2020/01/R2AWhitePaper-1.pdf
Dodd-Frank Act’s effects on financial services competition. (2012). https://www.govinfo.gov/content/pkg/CHRG-112hhrg74976/pdf/CHRG-112hhrg74976.pdf
Drgon, M., Georgiou, L., & Kiayias, A. (2021). Securing DLT-based KYC via randomised audits. Journal of Digital Banking, 6(2), 181–192. https://ideas.repec.org/a/aza/jdb000/y2021v6i2p181-192.html
FDIC. (2023). Risk management manual of examination policies. FDIC. https://www.fdic.gov/regulations/safety/manual/section15-1.pdf
Ferreira, C., Jenkinson, N., & Wilson, C. (2019). From Basel I to Basel III (IMF Working Paper) [Working Paper]. IMF. https://www.imf.org/en/Publications/WP/Issues/2019/06/14/From-Basel-I-to-Basel-III-Sequencing-Implementation-in-Developing-Economies-46895
Feyen, E., Natarajan, H., Heffernan, R. P., Saal, M., & Sarkar, A. (2022). World Bank Group Global Market Survey: Digital Technology and the Future of Finance. World Bank. https://documents.worldbank.org/en/publication/documents-reports/documentdetail/099735404212273637/p1730060bfa4c60010b833091f0f2fe2fc8
FinCEN. (2023). Suspicious Activity Report Statistics . FinCEN. https://www.fincen.gov/reports/sar-stats
FINRA. (2018). Technology based innovations for regulatory compliance (RegTech) in the securities industry (Regtech Report, p. 13). FINRA. https://www.finra.org/sites/default/files/2018_RegTech_Report.pdf
Fletcher, E., Larkin, C., & Corbet, S. (2021). Countering money laundering and terrorist financing: A case for bitcoin regulation. Research in International Business and Finance, 56. edselp. https://doi.org/10.1016/j.ribaf.2021.101387
Friese, S., J. Soratto, and D. Pires. 2018. Carrying out a computer-aided thematic content analysis with Atlas.ti. 18. https://pure.mpg.de/rest/items/item_2582914_5/component/file_2582912/content
Goodman, J., M. Gary, and R. Wood. 2014. Bibliographic search training for evidence-based management education: A review of relevant literatures. The Academy of Management and Education 13 (3): 322–353. https://doi.org/10.5465/amle.2013.0188.
Gough, D. 2007. Weight of evidence: A framework for the appraisal of the quality and relevance of evidence. Research Papers in Education 22 (2): 213–228. https://doi.org/10.1080/02671520701296189.
Gough, D., J. Thomas, and S. Oliver. 2012. Clarifying differences between review designs and methods. Systematic Reviews 1 (1): 28. https://doi.org/10.1186/2046-4053-1-28.
Gough, D., Oliver, S., & Thomas, J. (2017). An introduction to systematic reviews (2nd ed.). SAGE Publications Ltd.
Grassi, L., and D. Lanfranchi. 2022. RegTech in public and private sectors: The nexus between data, technology and regulation. Journal of Industrial and Business Economics 49 (3): 441–479. https://doi.org/10.1007/s40812-022-00226-0.
Grewal, A., H. Kataria, and I. Dhawan. 2016. Literature search for research planning and identification of research problem. Indian Journal of Anaesthesia 60 (9): 635. https://doi.org/10.4103/0019-5049.190618.
Haddaway, N.R., M.J. Page, C.C. Pritchard, and L.A. McGuinness. 2022. PRISMA2020: An R package and Shiny app for producing PRISMA 2020-compliant flow diagrams, with interactivity for optimised digital transparency and open synthesis. Campbell Systematic Reviews 18 (2): e1230. https://doi.org/10.1002/cl2.1230.
Hao, L., and M.J. Kohlbeck. 2013. The market impact of mandatory interactive data: Evidence from bank regulatory XBRL filings. Journal of Emerging Technologies in Accounting 10 (1): 41–62. https://doi.org/10.2308/jeta-50634.
Haynes, R.B., and N.L. Wilczynski. 2004. Optimal search strategies for retrieving scientifically strong studies of diagnosis from Medline: Analytical survey. BMJ 328 (7447): 1040. https://doi.org/10.1136/bmj.38068.557998.EE.
Hong, Q.N., S. Fàbregues, G. Bartlett, F. Boardman, M. Cargo, P. Dagenais, M.-P. Gagnon, F. Griffiths, B. Nicolau, A. O’Cathain, M.-C. Rousseau, I. Vedel, and P. Pluye. 2018. The Mixed Methods Appraisal Tool (MMAT) version 2018 for information professionals and researchers. Education for Information 34 (4): 285–291. https://doi.org/10.3233/EFI-180221.
Howell, B. 2022. Regtech rising [NASDAQ]. https://www.nasdaq.com/articles/regtech-rising
Hrynaszkiewicz, I. (2014). Data Descriptors: Providing the necessary information to make data open, discoverable and reusable. https://blogs.lse.ac.uk/impactofsocialsciences/2014/10/22/data-descriptors-open-discoverable-nature/
Iqbal, J., S. Strobl, and S. Vähämaa. 2015. Corporate governance and the systemic risk of financial institutions. Journal of Economics and Business 82: 42–61. https://doi.org/10.1016/j.jeconbus.2015.06.001.
Jayasuriya, D.D., M. Ayaz, and M. Williams. 2023. The use of digital footprints in the US mortgage market. Accounting & Finance 63 (1): 353–401. https://doi.org/10.1111/acfi.12946.
Karpoff, J.M. 2021. The future of financial fraud. Journal of Corporate Finance 66: 101694. https://doi.org/10.1016/j.jcorpfin.2020.101694.
Kepes, S., A. Bennett, and M. Mcdaniel. 2014. Evidence-based management and the trustworthiness of our cumulative scientific knowledge: Implications for teaching, research, and practice. Academy of Management Learning and Education, the 13: 446–466. https://doi.org/10.5465/amle.2013.0193.
Kurum, E. 2023. RegTech solutions and AML compliance: What future for financial crime? Journal of Financial Crime 30 (3): 776–794. https://doi.org/10.1108/JFC-04-2020-0051.
Lewin, S., M. Bohren, A. Rashidian, H. Munthe-Kaas, C. Glenton, C.J. Colvin, R. Garside, J. Noyes, A. Booth, Ö. Tunçalp, M. Wainwright, S. Flottorp, J.D. Tucker, and B. Carlsen. 2018. Applying GRADE-CERQual to qualitative evidence synthesis findings—paper 2: How to make an overall CERQual assessment of confidence and create a Summary of Qualitative Findings table. Implementation Science 13 (S1): 10. https://doi.org/10.1186/s13012-017-0689-2.
Lynn, T., Mooney, J. G., Rosati, P., & Cummins, M. (Eds.). (2019). Disrupting finance: Fintech and strategy in the 21st century. Springer International Publishing. https://doi.org/10.1007/978-3-030-02330-0
Marina A. Aksenova. (2022). Legal support of anti-money laundering and terrorism financing regime in the conditions of new technologies integration. RUDN Journal of Law, 26(1), 112–128. edsdoj. https://doi.org/10.22363/2313-2337-2022-26-1-112-128
McGlosson, C., & Enriquez, M. (2023). Financial industry compliance with Big Data and analytics. Journal of Financial Compliance, 3(2), 103–117. https://www.sec.gov/dera/academic-publications
McGrath, J., & Walker, C. (2022). Regulating ethics in financial services: Engaging industry to achieve regulatory objectives. Regulation & Governance, rego.12482. https://doi.org/10.1111/rego.12482
Micheler, E., & Whaley, A. (2020). Regulatory Technology: Replacing Law with Computer Code. European Business Organization Law Review, 21(2), 349–377. asn. https://doi.org/10.1007/s40804-019-00151-1
Mitnick. (2006). Origin of the theory of agency. https://sites.pitt.edu/~mitnick/agencytheory/agencytheoryoriginrev11806r.htm
Moons, P., E. Goossens, and D.R. Thompson. 2021. Rapid reviews: The pros and cons of an accelerated review process. European Journal of Cardiovascular Nursing 20 (5): 515–519. https://doi.org/10.1093/eurjcn/zvab041.
Mousa, R., and R. Pinsker. 2020. A case study of XBRL implementation and development at the Federal Deposit Insurance Corporation (FDIC). Qualitative Research in Accounting & Management 17 (2): 263–291. https://doi.org/10.1108/QRAM-12-2018-0096.
Munro, A.K., E.C. Hunter, S.Z. Hossain, and M. Keep. 2021. A systematic review of the menstrual experiences of university students and the impacts on their education: A global perspective. PLoS ONE 16 (9): e0257333. https://doi.org/10.1371/journal.pone.0257333.
Phillips, P. J., & McDermid, B. (2021). FinTech, terrorism-related fund transfers and behavioural finance. Dynamics of Asymmetric Conflict, 14(3), 226–246. pbh. http://ezproxy.umgc.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=pbh&AN=153023695&site=eds-live&scope=site
Raghavan, K. 2007. A survey of corporate governance and overlapping regulations in banking. International Journal of Disclosure and Governance 4 (3): 181–194. https://doi.org/10.1057/palgrave.jdg.2050058.
Rapp, G. C. (2018). Intelligence design: An analysis of the SEC’s new office of market intelligence and its goal of using big data to improve securities enforcement. University of Cincinnati Law Review, 82, 415–441. https://ssrn.com/abstract=2473576
Regtech adoption practice guide. (2023). Hong Kong Monetary Authority. https://www.hkma.gov.hk/media/eng/doc/key-information/press-release/2021/20210617e5a1.pdf
RegTech market—Global forecast to 2026. (2022). Markets and Markets. https://www.marketsandmarkets.com/Market-Reports/regtech-market-63447434.html
Rousseau, D.M. 2006. Is there such a thing as “Evidence-Based Management”? Academy of Management Review 31 (2): 256–269. https://doi.org/10.5465/amr.2006.20208679.
Ryan, G., and J. Rutty. 2019. Philosophy and quality? TAPUPASM as an approach to rigour in critical realist research. Nurse Researcher 27 (1): 33–40. https://doi.org/10.7748/nr.2019.e1590.
Sater, S. 2020. Do we need KYC/AML: The Bank Secrecy Act and virtual currency exchanges. Arkansas Law Review 73 (2). https://scholarworks.uark.edu/alr/vol73/iss2/5
Sefried, M., and J. Riepe. 2023. The benefits of banks’ IT investments in times of trouble: Evidence from loan loss accruals during the Covid-19 pandemic. Journal of Business Economics 93 (1–2): 149–171. https://doi.org/10.1007/s11573-022-01100-0.
Siering, M. 2022. Explainability and fairness of RegTech for regulatory enforcement: Automated monitoring of consumer complaints. Decision Support Systems 158: 113782. https://doi.org/10.1016/j.dss.2022.113782.
Skjott, M., and S. Korsgaard. 2019. Coding qualitative data: A synthesis guiding the novice. Qualitative Research Journal 19 (3): 259–270. https://doi.org/10.1108/QRJ-12-2018-0012.
Smolenski, N. (2023). Regulators shutdown banks raising questions about neutrality. Forbes. https://www.forbes.com/sites/digital-assets/2023/03/17/regulators-shut-down-banks-raising-questions-about-neutrality/
Soldatos, J., & Kyriazis, D. (2022). Big Data and Artificial Intelligence in Digital Finance. Springer Nature; edsdob. https://doi.org/10.1007/978-3-030-94590-9
Suwardi, A., & Tohang, V. (2017). An analysis of XBRL adoption towards systemic risk of financial institutions listed in NYSE. Australasian Accounting, Business and Finance Journal, 11(4), 23–37. https://doi.org/10.14453/aabfj.v11i4.3
Thakor, A.V. 2020. Ethics, culture and higher purpose in banking: Post-crisis governance developments. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3554121.
Truby, J., R.D. Brown, I.A. Ibrahim, and O.C. Parellada. 2022. A sandbox approach to regulating high-risk artificial intelligence applications. European Journal of Risk Regulation 13 (2): 270–294. https://doi.org/10.1017/err.2021.52.
Tsang, C.-Y., & Yang, Y.-P. (2018). Regtech and the new era of financial regulators: Envisaging more public-private-partnership models of financial regulators. University of Pennsylvania Journal of Business Law, 21(2), 51. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3382005
Tuch, A. F. (2018). The self-regulation of investment bankers. The George Washington Law Review, 83. https://doi.org/10.2139/ssrn.2432601
Turki, M., Hamdan, A., Cummings, R. T., Sarea, A., Karolak, M., & Anasweh, M. (2020). The regulatory technology “RegTech” and money laundering prevention in Islamic and conventional banking industry. Heliyon, 6(10). edselp. https://doi.org/10.1016/j.heliyon.2020.e04949
U.S.C. (1950). Federal Deposit Insurance Act. FDIC. https://www.govinfo.gov/content/pkg/COMPS-265/uslm/COMPS-265.xml
U.S.C. (1970). Bank Secrecy Act. https://www.ots.treas.gov/topics/supervision-and-examination/bsa/index-bsa.html
Vanini, P., S. Rossi, E. Zvizdic, and T. Domenig. 2023. Online payment fraud: From anomaly detection to risk management. Financial Innovation 9 (1): 66. https://doi.org/10.1186/s40854-023-00470-w.
Varker, T., D. Forbes, L. Dell, A. Weston, T. Merlin, S. Hodson, and M. O’Donnell. 2015. Rapid evidence assessment: Increasing the transparency of an emerging methodology. Journal of Evaluation in Clinical Practice 21 (6): 1199–1204. https://doi.org/10.1111/jep.12405.
Von Solms, J. 2021. Integrating Regulatory Technology (RegTech) into the digital transformation of a bank Treasury. Journal of Banking Regulation 22 (2): 152–168. https://doi.org/10.1057/s41261-020-00134-0.
Acknowledgements
The author thanks Dr. Denise Breckon for her valuable support.
Funding
Not applicable.
Author information
Authors and Affiliations
Contributions
The author read and approved the final manuscript.
Corresponding author
Ethics declarations
Competing interests
The author declares that they have no competing interests.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Jeyasingh, B.B.F. Impact of RegTech on compliance risk due to financial misconduct in the United States banking industry. DESD 1, 24 (2023). https://doi.org/10.1007/s44265-023-00024-z
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s44265-023-00024-z