Compliance-as-a-Service: Leap of Faith or Step into the Future

Joe Higginson spoke to The Fintech Times about the global payments revolution and what it means for banks.

For payments, the pressure is on. On the one hand, there’s the rush to prepare for ISO 20022 and benefit from global standards that open the door to growth while streamlining costs. On the other, there’s a rising tide of additional legislation that puts extreme stress on existing systems.

This is especially true of cross-border payments where new rules are driven by increasing fraud and financial crime, due in some part to accelerated digital adoption and the shift away from cash during the covid-19 pandemic. Meanwhile, the drive to prevent financing of terrorist activities is just as strong as ever. This has increased demand for more streamlined anti-money laundering processes.

But for many banks this brave new world of payments is underpinned by ageing legacy systems organised in silos. Each one typically supporting one of the multiple payments protocols that still proliferate: From closed loops that can only be used with a specific payee, to standards operated by RippleMastercard and Visa, and open platforms such as SWIFT.

The more silos, the more complex the piping required to consolidate all the information expected by the regulators. No wonder financial institutions are accelerating their move to digital to better leverage open banking and meet changing customer and regulatory demands.

Of course, that’s easier said than done. It’s easy to underestimate how hard it is for banks to make these changes when they are operating tens or hundreds of different interconnected systems that are decades old and so complex it’s impossible to simply turn one off so you can connect a new one. The result: 80% of data used by financial institutions is still unstructured, and spread across legacy technology systems,

Crossing the border, bridging the gap

As the demands of globalisation and the race to outpace cybercriminals mounts, what can banks do to bridge the gap between the growing demand for financial transaction information and the limitations of their legacy technology systems?

Many are now looking enviously at other sectors that have successfully adopted a software as a service (SaaS) model where the software is deployed on the service provider’s side, and the client accesses it through a web browser or similar secure portal.

In the past, banks have steered clear of adopting this model for payments and compliance (Compliance-as-a-Service or CaaS). On the one hand, the advantages of scalability, speed to deployment and reduced costs are highly appealing. On the other, how do you ensure that this more flexible model is equally secure and available than your legacy systems, and can meet the rigorous expectations of global regulators?

But we live in a very different world from a decade or even five years ago. Global cloud and SaaS platforms, run by tech giants such as MicrosoftAmazon and now Google, are not only fit for purpose but are also a long-term solution for banks who want to move from a reactive IT posture to a more purposeful stance. This is the long-awaited nirvana where IT becomes the business enabler, driving opportunity and providing a more agile platform that enables you to outperform competitors.

This opportunity also comes at a time when banks are revaluating their approach to IT projects and investment. Where once technology purchases were for large multi-year and multi-million-dollar implementations delivered on-site, today there are more targeted services from a range of specialist providers that solve specific challenges. Combined, such services enable institutions to move faster and more seamlessly to support growing customer demands and increased scrutiny from regulators. CaaS falls into this more targeted service category.

Cloud computing comes down to earth

How then do you use CaaS to overlay your existing payment systems and create a single view of compliance information across systems, formats, and message types so that it can be securely shared internally or with counterparties? And what are the benefits of this approach?

To begin with, CaaS enables banks to scale towards higher volumes of transactions at a reduced cost. They also free organisations from the burden of tech debt associated with traditional monolithic payments hubs. Put simply, the provider is responsible for the cost of upgrades and owns the software roadmap. The partner is also responsible for providing all the development, including APIs that that are compatible with multiple payment methods.

It also enables banks to move some of their capital expenditure to OPEX. A new payments hub, managed on premise costs millions of dollars whereas with CaaS, you pay for what is needed over time, significantly reducing total cost of ownership. Speed to market is another important advantage.  Traditional legacy hubs may take years to get to market, while you can be up and running in a matter of weeks with a third-party partner.

It also offers a transparent trail of payments that supports fast, cost-effective reporting. This, in turn, minimises compliance risk and the threat of expensive fines, again reducing the total cost of ownership.

Highly secure, highly transparent

What about security? While relinquishing control of technology to a third-party platform sounds somewhat risky in the high-stakes world of cross-border payments, it’s also true that greater integration, transparency, and automation eliminate many of the threats posed by disparate internal systems. For a start, there are far fewer manual processes and fewer spreadsheets to maintain and less reliance on unsecured emails.

These are replaced by secure digital workflows built on pre-defined business and regulatory rules. This, in turn, delivers a transparent trail of all payments that reduces time to reporting. This approach goes way beyond traditional KYC processes and helps bring banks up to speed with current and future anti-money-laundering and counter terrorist financing regulations.

At the same time, it creates a single view of compliance information across systems, formats, and message types, and enables it to be securely shared internally or with counterparties. This makes it easier to access and share the information needed to perform financial crime due diligence internally and for regulators, without needing to upgrade existing systems.

Above all, it represents a massive step forward with none of the cost, time and risk associated with migration of on-premise systems. No longer high in the sky and out of reach, CaaS has truly come down to earth. For institutions wrestling with the challenge of cross-border payments, now is the time to explore your SaaS options and take a leap into a more stable and cost-efficient future that drives transaction and revenue growth.

“For payments, the pressure is on. On the one hand, there’s the rush to prepare for ISO 20022 and benefit from global standards that open the door to growth while streamlining costs. On the other, there’s a rising tide of additional legislation that puts extreme stress on existing systems.”

This article was originally published by the FinTech Times.

Share On

Press Kit

We’ve pulled together some information that might be useful. If you can’t find what you’re looking for or would like to speak to someone, please get in touch [email protected]

Request a demo or just connect to learn more