4 November 2016

Address to the Fintech Australia Summit, Melbourne


Check against delivery


It's great to be here today at the FinTech Australia's inaugural national summit, 'FinTech Australia Collab/Collide 2016'.

Today I want to talk further about the collision and collaboration between regulation and technology – RegTech – especially in financial services.

In a world of mounting cynicism and growing mistrust, our institutions must find ways to build trust with their customers and the community.

In response to cases of corporate scandals, governments around the world have imposed ever heavier compliance requirements on business, especially those in financial services.

There is of course an important role for increased compliance and we must ensure the strictest governance and macro-prudential regulation of our financial institutions but we must always be mindful in public policy of unintended consequences.

By automatically defaulting to increase the compliance burden on the financial sector, we need to acknowledge that this also ultimately increases the cost burden on the consumer and the economy.

And the costs on the financial sector have certainly increased.

According to industry estimates, financial institutions globally spend more than US$70 billion on compliance annually and the costs for regulatory compliance and governance software across the global industry are expected to approach US$120 billion by 2020, more than half of which will occur in consulting and business services.

It is estimated that from the 2008 financial crisis through 2015, the annual volume of regulatory publications, changes, and announcements increased a staggering 492 per cent.

Rising and excessive regulatory and compliance costs can act as a barrier to new entrants which can deny competition and protect entrenched players as well as frustrating the development of innovative solutions that can benefit consumers and our economy.

Together, these inefficiencies impact negatively on our productivity and curtail Australia's economic growth, which in turn undermines our standard of living.

Also, when you look at the forest of regulation and compliance that currently exists you have to wonder who is it really trying to help? Is it really seeking to protect and ensure a more informed consumer, or simply tick boxes to indemnify the regulator or service provider?

As consumer expectations and commercial offerings are changing and advances in FinTech place new pressures, our risk, regulation and compliance systems need to adapt and evolve.

Better utilising technology in regulation can help us better achieve our regulatory goals, avoid the drag effects on productivity, competition and innovation and deliver lower costs and more reliable protections for consumers and the economy. That's our RegTech mission.

Consumer Benefits of RegTech

When I launched the Turnbull Government's FinTech position paper, Backing Australian FinTech, I set out the enormous potential benefits of new technology in our financial sector.

As we move through the implementation and progress of many of the issues and recommendations contained in that paper, we are also identifying and trying to capture the potential benefits of technological developments and innovation in regulation.

Already we are seeing our financial institutions, both start-ups and incumbents, applying FinTech solutions such as cloud computing, blockchain, machine learning, Application Programming Interfaces and innovations in cryptography to reduce costs and friction, enhance security and enable new products and services.

At the same time as they support innovation in products and services, these digitised transactions support greater audit capability, transparency in payments systems and security in transactions by reducing risks that can actually help reduce some of the burden of regulation.

In the online and digitised world, de-risking and de-regulating an environment actually go hand in hand.

In this digital and online environment RegTech can provide enhanced regulatory compliance by building it into an organisation's key business practices and operations.

All financial institutions, including FinTech start-ups, need to realise that operational risk includes poor conduct and lack of control and not just systems and processes.

Conduct risk is a key emerging area of focus and opportunity within financial institutions as the very real costs of scandals and the compliance with regulatory responses impacts on tight margins and low growth forecasts.

Banks especially need to integrate the disparate, often functional and sometimes ad hoc data generated by or provided to the risk, audit or other areas of the business.

The regulatory technology of FinTech can combine compliance, risk, business strategy and corporate culture objectives to drive performance.

With seamless integration of commercial and regulatory activities, compliance and risk management have become part of the day-to-day business activities of our financial institutions.

This embedded RegTech capability of 'compliance by design' helps to drive down the overall cost of compliance and improve the accuracy of risk assessments and commercial activities.

RegTech can support an organisation's systems and processes and support the controls that help mitigate these risks. So when successfully implemented, 'compliance by design' can increase the confidence of regulators, consumers and the community in the activities and behaviour of Australia's financial institutions.

Combined with the use of adaptive RegTech solutions such as Artificial Intelligence and machine learning, financial services providers can reduce error and fraud and improve consumer protections.

These systems can monitor trades in real time and even adaptively, learn behaviour patterns and raise the alarm when individuals, and thereby the system, does something outside of the protocols.

RegTech can help overcome what ASIC Deputy Chairman Peter Kell identified as the 'traditional' approaches to retail financial market regulation, which involved a heavy reliance on the use of disclosure as a regulatory tool.

When a customer ticks the box confirming that they understand the terms and conditions of the offer, we need to be really sure that they do understand what they're committing to.

Through 'compliance by design' financial systems and processes can have checks or proof-points built in the system that would give real effect to these consumer protection measures and in a much better way than what Deputy Chairman Kell has called the "anything goes as long as you disclose" approach of the past.

For example, if a customer ticks "yes" to understanding the financial offering but then as an applicant they make an obvious mistake in an online form, then an automated red flag would be raised about their true level of understanding.

In this way the system can identify risks and have mitigation protocols to manage and reduce those risks without resorting to producing larger amounts of disclose documents.

This is consistent with the Government's approach to compliment disclosure with other consumer protection tools, such as through the financial product design and distribution obligations recommended by the Financial System Inquiry.

This could also apply to the accuracy of information provided and/or entered.

Imagine the accuracy and certainty of an online application system where the customer or the employer doesn't manually enter any financial data.

A recent UBS survey found that more than a quarter of Australian home buyers admit misstating some information when submitting a home loan application.

The automated populating of recent and average salary data, with loan history, could remove overestimating or incorrectly entered information of repayment capacity.

In this way the use of more sophisticated and adaptive RegTech can assist credit providers in meeting their responsible lending obligations.

The National Consumer Credit Protection Act 2009 provides that holders of a credit licence must make reasonable inquiries and conduct an assessment that the credit contract is not unsuitable for the consumer.

The contract will be unsuitable where either it:

  • does not meet the consumer's requirements and objectives; or
  • where the consumer will be unable to meet their financial obligations under the loan, either at all, or only with substantial hardship.

Certain steps that credit providers must take in meeting their responsible lending obligations could be automated, such as checking a customer's existing financial situation and automatically populating data, potentially providing for a more accurate, complete picture of a consumer's circumstances.

In this way RegTech has the potential to reduce the human resource required to maintain compliance through the automation of low-value processes, enabling verified complex data to be accessed quickly, and formatted to aid analysis.

Using new technologies to solve regulatory and compliance burdens more effectively and efficiently has the potential to create new efficiencies in the financial system because it will help create a regulatory system in Australia which is more technologically advanced.

The automation of compliance with RegTech has the potential to overcome individual foibles and human error in a way that provides the quantum leap in culture and compliance that our regulators, customers, policy makers and the community are increasingly demanding.

Community Benefits of RegTech

RegTech offers to both enhance consumer confidence through a better customer experience and promote more seamless compliance reporting through a more sustainable regulatory technology landscape.

According to KPMG FinTech global co-lead, Ian Pollari:

"I think we'll see a lot more in that RegTech space. Because big banks have thrown bodies at getting over the compliance burden, but that's not sustainable in a world where there's a lot of pressure on returns and reducing costs."

Regulatory technology helps market participants and operators comply with regulations as efficiently and effectively.

Advanced regulatory data analytics allows big data to be examined in new ways, leading to more meaningful Management Information (MI) and insights into regulatory practices, rationale and further enhancements.

RegTech uses analytic tools to intelligently mine big data to maximise the potential benefits of consumers going digital and the data they generate and use.

Digitalisation is nothing new, but the ever-increasing expectations of customers and their speedy acceptance of digital tools is.

With mobile devices offering the same functionality as desktop computers, users expect to be able to complete all their tasks in a single process.

If they need to prove who they are, they don't want to go back to finding paper copies of birth certificates and going through the hassle of getting them verified.

We all want and expect in the modern age a simple process of verifying our identity online.

Today's customers are far more comfortable with the prospect of biometric forms of identification and verification documents to create accounts, which they then access and use on mobile devices.

In the United States, the Office of the Comptroller of the Currency is encouraging "responsible innovation" as central to its mission to ensure financial institutions operate in a safe-and-sound manner, provide fair access to financial services, treat customers fairly, and comply with applicable laws and regulations.

Our regulatory system needs to stay up to date to ensure that we are covering off on technological developments in financial services through associated advances in regulatory technology.

A Stronger Financial System

The strength of our banking and financial system is not something you can take for granted or allow to be used as a populist, political plaything. It is core to securing our economic resilience in an uncertain global environment.

The Turnbull Government recognises that ensuring Australians retain faith in our financial institutions and the decisions they are taking is central to ensuring the ongoing strength of our banking and financial system.

That is why we have taken action through our conduct and ongoing response to the Murray Financial System Inquiry. It is why we have strengthened the powers and resources of ASIC, which has not just the investigative and reporting powers of a Royal Commission but also the ability to prosecute and otherwise act against those responsible for malfeasance in the banking and financial sector.

It is why the Ramsay Review will soon make recommendations to the Government for a more accessible, streamlined system for consumers to have their cases heard and resolve disputes with their banks and other financial service providers on a more level playing field.

It is why our major banks are now required to participate, at least annually, in public hearings of the House of Representatives Standing Committee on Economics. As we saw in the first round of hearings, this process provided an opportunity for the banks to recognise their broader accountabilities, explain their decisions and practices, acknowledge where there have been failures and explain what they are doing to restore community trust and faith and achieve culture change in their profession.

A proactive RegTech agenda builds on these initiatives to strengthen our banking and financial system and thereby increase our economic resilience.

According to the Institute of International Finance the following issues in compliance and regulatory reporting could benefit from the development of RegTech solutions:

  1. Provide greater risk data aggregation as required for capital and liquidity reporting, for RRP and for stress testing.
  2. Support improved modelling, scenario analysis and forecasting as required for stress testing and risk management.
  3. Address bottlenecks in monitoring payment transactions (particularly in real-time) that complicates automated interpretation of transactions metadata to recognise money laundering and terrorism financing.
  4. Improved identification of clients and legal persons, as required by know-your-customer regulations.
  5. Greater monitoring of a financial institution's internal culture and behaviour and ensuring compliance with customer protection processes.
  6. Conducting regulatory tasks such as margins calculation, choice of trading venue, choice of central counterparty, and assessing the impact of a transaction on their institution's exposures.
  7. More automated identification of new regulations, interpretation of their implications and allocation of the different compliance obligations to the responsible units across the organisation.

All of these RegTech opportunities can help better manage, operational risk, trading risk, credit risk, reputational risk, payment risk, fraud and crime prevention, and systemic risk.

Commercial Benefits of RegTech

RegTech also helps regulation add value for business.

At the blockchain summit in Melbourne this year one financial service provider observed;

"Compliance isn't just a nuisance that comes along afterwards and shuts down all the good and exciting work you've done. Done properly, a strong GRC [governance, risk, compliance] framework enables the delivery of disruptive technology, keeps you ahead of the competition, and proves a differentiator in the market."

Through the ever evolving power of new technology and innovation, RegTech offers much more than improved compliance, or even continuous reporting monitoring.

New and innovative RegTech systems can deliver insights that have the potential to significantly improve services and reduce costs.

RegTech has the potential to deliver close to real-time insights, through deep learning and artificial intelligence filters, into the functioning of the market.

New regulatory technology can change culture and behaviours to improve compliance and productivity. It can potentially identify problems in advance to avoid negative incidents, misdemeanours and poor performance which harms the market and consumers.

Machine learning can help compliance algorithms become more powerful over time so that instead of relying on pre-programmed indicators of non-compliant behaviour, the RegTech system self-adjusts and the predictive capability improves through use, evolving from the obvious to the truest predictors of risk.

A financial institution or regulator can analyse previous breaches and use this learning to predict potential risk but also have the regulatory technology evolve and adapt.

In this way RegTech programs have the potential to not just apply regulations but to interpret them and anticipate changes and events.

Analytics could be harnessed to forecast firm-specific operational and regulatory risks, or prepare for known events.

Robotics can further automate the control of other IT processes including machine learning, data flow and storage to enhance speed and efficiency, and minimise human error.

Some FinTech start-ups are looking at how new regulations could be formulated in machine-readable code so that new rules can be updated automatically.

So there is good reason for us to be excited and optimistic at the potential for RegTech to align the interests of financial institutions, including FinTech disrupters and large banks, and regulators.

Policy support for RegTech

The Turnbull Government wants to offer home-grown and offshore FinTech innovators an opportunity to develop and refine new products and services in the Australian market through a regulatory system that allows them to be frictionless through their scale journey while still becoming regulatory match fit for deployment into domestic and global markets.

The upcoming New Payments Platform from the Reserve Bank of Australia and the banking and payment industry will enable funds to be processed in near real-time speed, even between different financial institutions.

It will introduce a data rich transaction format, allowing parties to pass-on more information about the transactions, and even to include contracts or supporting documents with the transaction.

The ATO meanwhile will introduce a Single Touch Payroll Initiative which will require larger employers (with 20 or more employees) to report payroll and superannuation to the ATO at the time payments are made to employees and funds — streamlining the reporting process.

ASIC is working with consumer groups and the FinTech industry to create a meaningful and world-leading regulatory sandbox that strengthens our international competitiveness, fosters new innovative enterprises and delivers appropriate consumer protections.

I expect the regulatory sandbox operational by the end of this year.

In Australia RegTech applications are being developed in areas including data aggregation, risk modelling, scenario analysis and forecasting, payment transactions monitoring and identification of clients.

Local RegTech startups include WordFlow, which is helping companies with complex online documents like prospectuses and product disclosure statements.

Designed to manage supply chain risks, startup SimpleKYC aims to simplify and consolidate the client onboarding process and the heavy compliance requirements placed on businesses in this area by regulators.

RedMarker uses machine learning models to power its real-time compliance platform.

Artemis is already being used by a range of Australian Financial Services Licensees.

The Holy Grail is when we start to actually write regulation and legislation in code. Imagine the productivity gains and compliance savings of instantaneous certified compliance.

Open access data

One of the most important changes we need to make to realise our ambitions in these areas is to embrace open access data.

Providing financial sector customers with better access to data about their own financial affairs puts them in the driving seat. It will empower them to seek more tailored financial advice, find better financial deals and ultimately can be expected to lead them to make better decisions for their circumstances.

This approach to data is becoming more common. For example in August this year the UK's Competition and Markets Authority (CMA) announced 'open banking' reforms.

These reforms:

  • require banks to make customers' financial data easily available to third parties through an information exchange standard (with the customer's permission), for better price and product comparisons;
  • foster greater transparency around fees and products so that customers can make informed decisions about the fees they pay; and
  • make it easier to switch providers, through regular prompts reminding customers to check they are getting the best deal and a better functioning switching service for bank accounts.

I am supportive of these reforms. I want Australians to be in a position to make better decisions.

The Government understands the importance of a move towards unified open aggregated financial data standards in order to legitimise the current practices employed by FinTech innovators and give Australians better ways to understand, manage and maximise their finances.

In Australia, guidelines have not kept pace with practices by innovators, particularly those that rely on big data.

There are a number of FinTech companies already using aggregated financial data to power their innovations.

These companies cut across many parts of the FinTech ecosystem, including personal finance, banking, loans, wealth and advice solutions and accounting.

There is ambiguity around legitimacy and the standards by which they currently access customer financial data, especially where a user's banking credentials are required.

There is a need to reform the code and implement a strict standard to protect Australian customers while allowing them the benefit of technology innovations.

I have no doubt the empowered financial consumer of the future will be able to access their own financial data simply, efficiently and in ways that enable them to understand their full financial picture so they can make more informed financial decisions.

The innovators of today are bringing these consumers valuable ways to understand, manage and maximise their finances.

They also enable people to compare, negotiate and quickly take up better-fit financial products and services. Standardised, equitable and open access to data is fundamental to the delivery of many of these services.

In March I tasked the Productivity Commission (PC) to look at the benefits and costs of making public and private datasets more available, and examining options for collection, sharing and release of Australian data.

The PC's draft report was released yesterday and suggests there is enormous untapped potential in Australia's data. The PC notes that the financial sector is currently riding a wave of innovation and change driven by digital technology and new sources of data, which is being capitalised on by new and innovative FinTech companies. For this to continue and for Australia to establish itself as a global FinTech leader we need to let the data flow.

The draft report supports such an approach but importantly the Commission recommends putting the consumer in the driver's seat. What better way to ensure that open data policies are about improving outcomes for consumers.

The draft recommendations give individuals more control over data about themselves; enable broader access to datasets of national interest; and create a culture in which non-personal and non-confidential data is released by default.

The PC is on the right track. Their work provides a credible path to position Australia as a world leader in fostering a data driven economy.

I know many of you have already provided submissions that informed the draft report and I would encourage all of you to take a look at the PC's work and provide them with further feedback to inform their final report, which will in turn inform the Government's future policy work.


We are now in one of the most exciting phases in the development of FinTech since the inception of e-banking.

Realising our FinTech potential will transform our economy, not just in the financial services sector, but by providing the tools our economy needs to continue our successful transition from the mining investment boom to a more diversified economy. This is how we can deliver higher real wages and improved living standards for all Australians.

That is why development of FinTech is a key component of our national plan for jobs and why we are committed to financial technology and are excited about what you are doing and trying to achieve.

It is also why we are providing $200,000 to FinTech Australia to promote Australia internationally as a FinTech destination.

As the peak industry organisation that is bringing together Australia's FinTech community, including through this summit, and successfully advocating on the industry's behalf, FinTech Australia is very well placed to promote Australian FinTech with a national voice overseas.

This funding will assist in promoting the Australian FinTech sector to international FinTech talent and investors, and will provide an avenue to connect Australian FinTech businesses with opportunities overseas.

In this context we cannot allow our financial regulatory framework to act as a handbrake to this innovation. Excessively stringent rules and obligations result in less business, less competition and ultimately worse outcomes for consumers.

RegTech can equip us to avoid these outcomes.

It enables a close to real-time and proportionate regulatory regime that identifies and addresses risk while also facilitating far more efficient regulatory compliance.

It has the potential to improve the customer experience, reduce the incidence of error and fraud, both on the part of the financial institution and that of the customer.

It helps to drive down the cost of compliance by simplifying and standardising compliance processes that reduce the need for manual and duplicate checks.

And it can reinforce necessary culture change and improve corporate behaviour through enhanced monitoring and reduced risk points in financial systems and processes.

Thank you for your attention.