If businesses are realising digital transformation needs to happen sooner, rather than later, regulators are also waking up to it. Case in point, the US Department of Justice recently issued guidance
which, according to our panelists, will make the case for regtech even more compelling.
"The guidance says you need to be able to demonstrate your compliance programme was effective — Who has access to the policies? Who read them? Were they understood? How have you trained staff? "They want to see what was assessed, dates and times, what has been communicated… and it all has to stand up in court. So you need a foolproof system of record and audit trails.
Regulated businesses, finishes Rasmussen, are unlikely to achieve this without technology. Similarly, in Europe, says Helgeson:
"I'd say the big takeaway for me, is that… the folks that have been most successful at adapting to huge regulatory changes like GDPR, have approached it using automation.
That said, the practical realities of the markets in which businesses operate is also hugely important.
"What Europe proves over and over again
," says Farhadi, "is that the infrastructure that's been put in place to adhere to regulations matters.
"It's a simple process
[In Europe]. You've got the directives, which each member state has time to implement. But then you've got the regulations where there's no scope for interpretation.
"In the US, things are more complex, because there may be regulations at state level that aren't adopted at federal level. This creates a lot of challenges