The crossover with SupTech
WealthBriefing asked Pfister about SupTech or supervisory technology – a term with which he was not familiar. SupTech allows regulators to monitor the activities of businesses. The Bank for International Settlements, the "central bankers' bank," defines it as the use of innovative technology by supervisory agencies to support supervision. It helps regulators to digitise reporting and regulatory processes.

Pfister commented: "There are regulators that are – it's not happened yet...the UK's Financial Conduct Authority (FCA) attempted this but it has not gone anywhere as far as I know – they said they are thinking of demanding formulated data sets of all firms. They want to say: 'put your data in a queriable set and I will query what I want to query.' Then the regulator can self-serve. We're talking about SupTech a little bit. But just as technology is enabling asset managers and clients to access regulation, the regulator is upping their game to do systemic risk analysis faster and look at it faster. The regulator is now asking itself: 'how can I get access to find the data I need to ask the questions that I might want to ask tomorrow?' They want to see a super-set of regulation without needing the right regulations. If they have subsequent questions, they can then ask [probe] that data themselves without auditing the firm and having to send it a letter first. That goes back to systems having to interact together."

When regulators dabble in a bank’s systems
A few financial firms on both sides of the Atlantic began giving their regulators direct, if partial, access to their own systems, the better to hand them the information that they wanted quickly, in the days before Covid-19. WealthBriefing asked Pfister whether this was still the case.

"To local regulators yes, to cross-jurisdictional regulators no. They've been doing it for years, but people do not want to talk about that. No bank wants to talk about any time when a regulator has asked it a clarifying question. The reputational consequence of saying that is [to imply] that something is amiss.

"The regulators are getting better at cross-questioning. No regulator has a single query. There are dozens, if not hundreds, of submissions that go through.

"They are getting better at looking across all these submissions. They often say "hey, you said x over here but you said y over there...why the disparity? I expected blah blah." [They are now] better at rationalising the total data that they get from the company. Is it creating risk to the investor/the capital markets/cross-border transfers? That's the thing that the regulators are working on right now with technology."

Whom to put in charge?
Pfister had wise words for any private bank that is looking for someone to head up its RegTech initiatives.

"The expectation is that you need in-house or serviced regulatory expertise to understand what you're being asked. The worst thing in the world is to take somebody who already has a job at your private bank and put him in charge. I'd rather not comment on whether banks actually do that.

"The second thing that they can do is to find tech vendors or create internal teams who can imbue their expertise into fulfilling their investments. It's a low-risk investment to have a team that's looking for regulatory change – it's easy. You're not going to negatively impact alpha [i.e. the return that a tracker fund might achieve above the benchmark/index that it is tracking]."

Pfister had not heard of the term "horizon scanning," which Cube Financial, the software vendor, defines as "the means of looking to the future to ascertain what challenges it might hold" in regulation. This, however, was the process to which he was referring. He commented further.

"Stabilising yourself for regulatory change is far easier if you have a professional team. Then the second thing that you would imbue in your design of your systems is investing in applications and investing in [bits of] that open architecture that are easily exportable or queriable or interactive with other applications, which means that the regulator's question comes from 10 systems, not one. So if you have 10 systems that talk to each other, it's far easier than if you have one."

WealthBriefing asked Pfister whether it was the eternal lot of private banks to have 60 to 70 systems that cannot talk to each other and therefore require software to bridge the gap, in both their compliance efforts and their other endeavours. This was certainly the case 20 years ago and nothing seems to have changed.

On the whole, Pfister agreed.

"That's a good question. [Banks have inherited this problem from the past.] You don't see pop-up private banks! They often do have 60 to 70 systems that are mired in the past. It's hard to do an overhaul."

He added that banks are also creating new stand-alone systems all the time because "you're still going to get new products, new investors. It's a trajectory, not an end state."

The Venn Diagram
When RegTech works well, one set of records goes one way – to the regulator – and another goes the other way – to the client. Most of the information in them is typically the same. Pfister was adamant that the bank in question should not be two-faced enough (or disorganised enough) to send off sets of data that contradict one another.

"They should not disagree. You should not keep two books of records. There are regulations [here he meant packets of regulatory information] that are 90 per cent [going to] the public and 10 per cent going to private individuals. There are regulations that are vice versa. The regulator often asks for a list of investors who own this-or-that product, but you wouldn't want to tell their names to other investors. You [also] wouldn't want to tell the investors the name of whoever owns most of this-or-that product. Many regulators recognise this. Many regulations are already split up between what goes to the public and what goes to the regulator. The latest ESG [environmental/social/governance-related] proposal in the UK – the SDR one – requires consumer-facing reports and regulator-facing reports."

'SDR' is the FCA's shorthand for sustainability disclosure requirements.