RegTech is often named as the solution for banks to deal with the wave of new regulations that has swept across the industry over the last couple years. In reality, the application of regulatory technology does not stop at financial institutions but on the other side of the table as well. Instead, innovative tech like Big Data Analytics, Artificial Intelligence or Blockchain can and must be used by regulators, too.

What is SupTech?

Supervisory Tech aka SupTech is dubbed RegTech for Regulators. Like financial institutions the authorities are facing the same problems. Too much data and poor data quality to understand what is going on in the industry they supervise and they have bombarded with thousands of new rules. Without the application of cutting edge technologies, regulators cannot keep up with their responsibilities. SupTech describes the solutions and services that improve on the management and execution of the regulatory process. In developed economies it is a powerful tool, but examples from less established financial systems show that the benefit can go way beyond better regulatory processes as the World Bank’s article about leveraging ‘SupTech’ for financial inclusion in Rwanda shows. A common phenomenon that is true for RegTech in general as well.

The 5 Use Cases of SupTech

Generally, we can classify the different use cases of SupTech into the following categories:


Reporting is an obvious choice for the application of innovative solutions. Automation can drive down costs and produce better results in the supervision of financial institutions. This area is the subject of the recent FCA Call for Input on using technology to achieve smarter regulatory reporting. The British regulator has invited all interested parties to voice their views on how the FCA can improve the reporting process and outline the technical steps that developed this proof of concept as well as on the broader issues surrounding the role technology can play in this field.


Monitoring with regard to various aspects, e.g. money laundering, market abuse and insider trading is another hot topic for SupTech. Thanks to advancements in big data analytics, regulators could go through vast amounts of structured and unstructured data, which could produce new insights and support more informed decision making. By using new visualization solutions patterns can be extracted and presented in a useful way out of the raw data. Simulating the impact of existing and new norms would help understand the consequences before any new regulation is implemented, preventing unintended results and improve the authorities’ understanding of compliance systems within the supervised firms. Now assume that everything happens in real-time and a regulator holds a powerful tool in its hands to prevent market rigging or to block suspicious transactions.

Automated regulation

The implementation of new rules costs like MiFID II or GDPR presents financial institutions with a massive regulatory burden both in terms of costs and use of resources. Imagine a way where lawmakers decide to change the existing rules and it gets transported into the policies and procedures automatically. Too good to be true?

Firms in the field work with semantic technology and data point to convert regulatory text into a programming language.

If regulation were machine-readable, it would allow more automation and could significantly reduce the cost of change. It would also harmonise policies  and ensure greater consistency between the intentions of a regulation and its implementation. The next step is even more exciting: based on the insights from regulatory monitoring as described above solutions using artificial intelligence can then ‘learn’ to produce better regulation.

Regulatory Products

AML, KYC and Financial Crime are one of the most popular areas for RegTechs. Considering how long it takes to onboard a new client and how much it costs, it is no wonder that clever start-ups have targeted this field to disrupt and take into the digital age. What if, for example, a regulator were to present a solution that would relieve financial institutions from this painful process and offer them a solution to do it for them? What if the authorities were to create a central client database that financial institutions could access and provide clients immediately with their services and products? Obviously, for a fee, which, however, would be significantly lower than what banks spend right now for the whole process in-house. So far, no regulator is offering this service, but shared services are a very promising area for SupTech (and RegTech if you can reach a critical mass). Considering that different systems for reporting, monitoring, or client onboarding, to name just a few, not only time consuming and expensive, but also create inefficiencies in terms of results and duplication, you clearly have a business case.

Proactive Regulators

The combination of the above and the general use of innovative technologies can also create additional effects for better supervision. Proactive Regulators means less fines as regulators can intervene in real-time where they discover a breach of rules. It also means a better understanding of the impact of regulations and more efficient collection of feedback on policy effectiveness. And it results in lower compliance costs for financial firms:  while it can lead to potentially higher IT costs, at least in the short term, in the long run it will reduce head count at firms. It will also put regulators in the driving seat with regard to the process of investor and consumer complaints. And it will make a financial ecosystem more attractive as it is easier and cheaper to do business there.

What lies ahead?

SupTech faces similar obstacles as the general RegTech sector. If you only think about the long

Regulators might also be more targeted by hackers. Think about the various – real or alleged – cyber attacks in relation to elections around the world and you have an idea that it would provide criminals with a lucrative target, so authorities must continue to make cyber security an absolute priority. Even without the risk of cyber security though, mistakes within the systems of a regulator could have far larger ramifications than an error, say, in the trading system of a financial institutions. While the latter might cause flash crashes and put entire companies out of business (think Knight Capital), one can only imagine the consequences of a serious glitch within an entire regulatory framework could have.

While the risks may be significant, but the reward could outweigh these easily and after all, isn’t good risk management at the centre of SupTech?!?