Legacy trade surveillance and compliance systems can hinder a firm’s ability to respond nimbly to new market and regulatory pressures. In this Compliance in Focus Q&A, Jeff Bell, Chief Operating Officer at Eventus, and Josh Bosquez, the firm’s Chief Technology Officer, explore the advantages of moving to a more modern RegTech system.
How much do today’s firms rely on legacy RegTech systems for market surveillance and compliance?
Jeff Bell: Many capital markets firms historically built their own internal trade surveillance systems either for lack of suitable vendor options or for competitive advantage reasons. In recent years, the balance between build versus buy may have shifted as more vendor platforms have become available, but there remains a large proportion of firms that are using internal builds as their primary system or to supplement legacy vendors that are not keeping pace with their needs.
Josh Bosquez: When something is not part of a firm’s core business, it generally receives a lower budget for technology implementation. Often, when it came to compliance and trade surveillance, firms had to cobble together scripts and may not have been able to afford top talent. Firms built technology to handle their use cases, but these systems became outdated very quickly as industry trends moved on. They were missing the elements of scalability, resiliency, and elasticity, and the cost economics were not ideal.
Jeff: In that model, firms also spend little time thinking about the costs of building internally. These are sunk resources—they have hired the team so will use them as much as possible–but there are ongoing costs. Whereas it might be better to think about external software and to maximize those tools and resources.
What are the most common pitfalls that firms experience from relying heavily on legacy RegTech systems?
Josh: Generally, there is a lack of flexibility. When firms build these trade surveillance platforms, they are laser-focused on the problem at hand, and if they do not take the time to build in a modular fashion, it can be difficult to add new features later. This lack of flexibility impacts time to market, making the firms slower to react to market changes or new regulations. Similarly, a legacy vendor that was a good fit years ago maybe is no longer flexible and responsive to current needs.
Jeff: If a firm is slower than others to react to new regulation it can hurt their competitiveness. In a regulated environment, firms cannot advance their business or move into new markets without having the proper risk controls and trade surveillance in place. Firms need to think of surveillance in terms of meeting regulatory and compliance requirements but also how it enables their business to expand. Compliance teams do not want to be impediments to business growth.
“Firms need to think of surveillance in terms of meeting requirements but also how it enables their business to expand. Compliance teams do not want to be impediments to business growth.” – Jeff Bell
What is the biggest obstacle impeding a firm’s decision to move away from a legacy RegTech system?
Jeff: The biggest obstacle is probably a lack of full accounting of the costs of continuing to use a legacy system. Without a proper accounting, it may look like the trade surveillance vendor solution costs X, while the internal solution is just something the team of people downstairs takes care of.
We also hear some concerns about privacy and security matters. Surveillance tools take in sensitive information, including trading strategies. Security must go hand in hand with trade surveillance.
Josh: It is also about resources—whether that is cost, time, or people as a resource. Firms may have 30 different pain points with their old system, but they lack the time to even think of a new solution. Compliance teams are already constrained with the day-to-day operations. They have poured all their knowledge and efforts over the last 10 or 15 years into the legacy system, and migrating over to a new system can be a big project, which some may feel is too heavy a lift.
Jeff: There is also competition over resources within firms. Compliance teams may want to go with a vendor, but the technology team says they can build it in house. Eventus saw growth in its business when Covid hit, because technology teams were busy with new issues like teleworking and migration to the cloud, and they were less able to meet all the firm’s compliance technology needs. In truth, technology teams will always face new issues so they continually risk giving insufficient attention to existing systems.
What is the common catalyst for firms deciding to move to a vendor solution?
Jeff: Usually something has changed in their business that they cannot adapt to quickly. That could be a new business line, an acquisition, changes in the regulatory environment, new rules, or enforcement requirements. These are all primary drivers. It is not that they cannot do it, but more that they feel enough is enough and they require more flexibility.
Josh: Decisions are also driven by what is happening in the market in terms of layoffs and cost cutting, and the understanding of cost efficiencies that can be gained from a total cost of ownership perspective. They start to look at whether they can get a leap on their competition if they move to a RegTech vendor solution, while all firms are tightening their belts.
What advantages or benefits could a firm achieve by moving to newer compliance technologies?
Josh: In addition to scalability, flexibility, and resiliency, moving to newer technologies brings greater operational efficiency. Legacy systems may require compliance teams of up to 20 people just to keep them running. By leveraging newer technologies and platforms on the cloud, firms can focus less on maintenance and more on features that drive their business forward. They can handle customer demands and regulatory changes more easily.
How can a firm get started on a strategy to move away from legacy RegTech systems?
Jeff: They can start by making sure they truly know the TCO–total cost of ownership–of their existing systems and their current pain points. Then their compliance team should take a hard look at their risk assessment relative to their data and surveillance to identify any gaps. From there, they will be well-equipped to talk to several vendors, like Eventus, to ask for demos and ask hard questions about scale, surveillance coverage, and security of various options. The vendor can walk them through the advantages of using the system and help them build the business case to take back to internal stakeholders.
Within a firm there are often highly skilled experts, who are very focused on the way their firm operates. They understand their technology stack, their business unit, and their business. But sometimes it is helpful to get different perspectives on how else these problems can be solved. Vendors can bring those varied perspectives from across the marketplace.
Josh: Firms should shop the market, see what others are doing, and learn what modernization of these systems looks like. The more they educate themselves on where the market is and where it is going, the better they can navigate their business to a more modern approach.