Last week I attended an event at Revolut’s offices where the CEO Nik Storonsky and some of his team took us through their approach to managing risk and compliance. They were joined by ClauseMatch, a great RegTech startup who are helping them with smart policy management.
I love to see how new fintech companies are approaching risk and compliance as they tend to think very logically and use technology creatively. This is certainly true of Revolut who have established Compliance Product teams which are made up of a responsible product owner who also knows compliance, front and back end developers, data scientists and a designer. They also have Compliance Service teams who manage manual exceptions. Their objective is to automate as much of risk and compliance as possible to reach a goal of 1 Compliance agent per 100,000 users.
Each team has 6 month goals, Key Performance Indicators (KPIs)and Key Risk Indicators (KRIs) which can be tracked in realtime. They monitor risk indicators in realtime and automatically escalate breaches of their appetite to the Head of the team, the Risk Enterprise Committee or the Board depending on the severity of the breach.
By creating engineering capabilities within the Risk and Compliance teams and producing technology to solve regulatory related problems, they are in effect creating internal RegTechs.
It’s not just Revolut who are building technology and using data to improve their risk and compliance capabilities. Monzo are currently hiring for a Risk Data Analyst and one of the questions the role is meant to help with is:
“What are the high impact automation tools that can be built for the risk team so we minimise time spent on recurring processes?”
Spending large amounts of time on recurring risk and compliance processes is something which I have seen in many organisations and indeed an opportunity which RegTechs are responding to.
In Chris Skinner’s recent blog, he was talking about the important of data to banks and a comment he made resonated a lot with the risk and compliance approach Revolut had showcased:
“But what is new is a bank being organised around data and analytics; the very design of the bank starting with the customer and their data; the basic premise of the bank being an enterprise data store of information and leveraging that information through automated intelligence to win and differentiate itself from the rest of the pack.”
I believe that the approaches these digital banks are spearheading for risk and compliance will eventually become the norm across the industry and the larger organisations looking at opportunities with RegTechs will have a head start on adopting these.