Regulatory technologies in traditional industries as an element of the digital transformation: perspectives for development

Размещено на http://allbest.ru

18

Regulatory technologies in traditional industries as an element of the digital transformation: perspectives for development

A.I. Altynov, Y.V. Turovets



Abstract

The article considers regulatory technologies as one of the key topics in finance digitalization due to the consistent growth of fraud, compliance rules, and procedures. It also gains attention in other traditional industries to answer similar scope of challenges. Regulatory technologies have become a common element of digitalization which allows for effective management of a growing administrative burden and reduces associated risks. At the same time, regulatory technologies adoption can be considered as an indirect indicator of the digitalization effects, including the growth of regulatory burden.

This paper identifies the main objectives of regulatory technologies adoption relevant to traditional industries (telecommunication, trade, manufacturing, transport, construction, energy and utilities, healthcare, public administration). Based on the results, the study offers the prospects for regulatory technologies development in these industries according to the proposed composite index. It comprises nine indicators in four groups measuring financial losses from fraud and data leakages, administrative compliance workload, the digital maturity of sectors. The results indicate that the highest potential for regulatory technologies adoption, apart from service (finance, telecommunication, trade), is significant for manufacturing and healthcare due to a high frequency of fraud, data breaches, high compliance costs, and new regulatory requirements associated with the increasing pace of digitalization.

Keywords: regulatory technologies, financial services, digital transformation, traditional sectors, composite index.



Introduction

There is a constant growth in regulatory and compliance rules. Vast collections of financial rules lead to resource-intensive manual processing, lengthy reporting lag, which results in significant gaps in regulatory coverage [Waye, 2019]. Banks have to spend a lot of resources on compliance: 10% of the workforce of financial organizations in 2018 were focusing on governance, regulations, and compliance [Von Solms, 2020].

According to the survey of compliance officers in financial institutions in Germany, 89% of respondents need new technological solutions to manage the increasing amount and complexity of regulations [Becker, Merz, Buchkremer, 2020]. Financial authorities have to constantly update regulatory regimes to answer new risks and frauds, which causes growth in compliance costs for banks. It is expected that regulatory technologies (RegTech) will enable automation of control over financial markets, as well as cost savings, improvements in compliance for all stakeholders.

RegTech is a new domain of financial technologies (FinTech), being at an early stage of development [Becker, Merz, Buchkremer, 2020; Kurum, 2020; Von Solms, 2020]. The RegTech concept was introduced in 2015 by the United Kingdom Financial Services Authority [Turki et al., 2020]. Since then the transformative nature of RegTech is shaped by the large amounts of data, digital solutions, regulation, and new techno-economic challenges. RegTech is commonly understood as the adoption of digital technologies both by financial authorities and financial market players (banks, insurance organizations, hedge-funds, etc.) to facilitate delivery of regulatory management more effectively and cheaply than non-digital forms [Waye, 2019].

Higher accuracy of transaction screening due to automation positively affects cost and time, spent on fraud prevention and compliance [Buckley et al., 2020; Turki et al., 2020]. Traditional approaches towards regulation require labor-intensive manual processing of rules that lead to inefficiency and errors. Hence, RegTech becomes the next stage of digital transformation in the financial sector [Waye, 2019; Becker, Merz, Buchkremer, 2020].

This new might be considered with its specificity from two sides -- financial market players and authorities. Banks and other financial organizations can cut compliance costs, caused by labor and money, and focus personnel on more value-added services and strategic objectives. Effective money laundering prevention leads to an increase in revenue and lower risks of probable reputational damages, penalties, and fines [Michel- er, Whaley, 2020; Von Solms, 2020]. In the last decade financial institutions all over the world were imposed 26 billion dollars in fines for non-compliance with anti-money laundering, Know-your-Customer, and relevant sanctions [Turki et al., 2020].

From the side of financial authorities, RegTech improves financial market monitoring, preventive measures and enables higher flexibility of administration. Annually world economy losses are accounted for 2-5% of world GDP or 0.8-2 trillion US dollars due to money laundering Money laundering. 2021. UNODC. URL: https://www.unodc.org/unodc/en/money-laundering/ overview.html (accessed: 19.03.2021).. However, analysis tends to underestimate the total amount of money that goes through the laundering cycle. In growing legal complexity of the financial landscape, it gives new tools for communication and dialog with industry. For example, new tools may help authorities to detect crises and data leaks in advance [Loi- acono, Rulli, 2021].

Due to digitalization regulatory difficulties which arise in the financial area become similar across different sectors. Based on the practice of twenty leading banks and supervisory entities, this paper explores the main areas and features for the RegTech adoption and its application in a larger set of traditional industries. Our analysis unfolds the two most frequent fields of the RegTech -- fighting with fraud and interaction with supervisory entities. The former comprises risk management, anti-money laundering, Know-your-Customer, while the latter is about secure data communication channels, simplification of compliance, and reporting.

Few studies analyze prospects for RegTech development outside the financial sector. In empirical studies this concept is connected only with the financial industry. This research suggests a novel analytic framework for the quantitative evaluation of prospects for RegTech development in traditional industries. We elaborate a holistic quantitative approach to compare major regulatory issues in traditional sectors via a composite index. It follows the experience of using composite indexes as a convenient instrument for the comparison of digitalization levels among industries. Our index includes nine indicators in four groups that assess losses from fraud, data leakages, compliance costs, digital technologies adoption in industries. Nine traditional industries are considered: communications, finance, trade, manufacturing, transport, construction, energy and utilities, healthcare, public administration.



Theoretical background

There are few strands towards the definition and study of RegTech in the scientific literature. The first group of articles focuses on the adoption of digital technologies for specific challenges in banks and financial organizations, regulatory entities, financial industry [Miglionico, 2020; Singh, Lin, 2020]. These studies try to reveal RegTech peculiarities and propose recommendations for different levels: corporate, regulatory, or national [Arner, Barberis, Buckey, 2016; Goncharenko, Miglionico, 2020]. Such papers focus on one technology or application, leaving behind RegTech broader architecture [Anagnostopoulos, 2018].

Future scenarios and impacts of the RegTech are intensively discovered, while the analysis of previous evolution is missed. The second group presents articles, that consider RegTech as the single technological dimension with its main technologies and tools, practical areas, challenges, and benefits. They often use bibliometric methods and analysis of companies' databases [Nasir, Saeedi, 2019; Becker, Merz, Buchkremer, 2020].

Table 1 illustrates major definitions of RegTech in the context of its usage and technological solutions.

Table 1. Main approaches of RegTech definition in the literature

Source	Area for implementation	Digital technologies
[Butler, Brooks, 2018]	Management of non-financial risks	Semantic technologies Machine learning
[Kavassalis et al., 2018]	Control under financial transactions Financial risk reporting	Cutting-edge computing Distributed ledger technologies Data mining and analytics
[Turki et al., 2020]	Money laundering prevention	Artificial intelligence Digital signatures Biometric technologies
[Becker, Merz, Buchkremer, 2020]	Compliance management and regulatory reporting Risk management Identity management and control Transaction monitoring and fraud detection	Distributed ledger technologies Artificial intelligence Data mining and analytics Machine learning Cloud computing
[Brand, 2020]	Whistleblowing systems	Data mining and analytics Predictive analytics Natural language processing Deep learning
[Kurum, 2020]	Money laundering prevention	Artificial intelligence
[Singh, Lin, 2020]	Money laundering prevention Combating the financing of terrorism	Artificial intelligence

The most popular areas are anti-money laundering, fraud detection, including transaction monitoring and identity management and control, as well as compliance management and regulatory reporting [Becker, Merz, Buchkremer, 2020; Turki et al., 2020; Waye, 2019].

Being a complex issue, RegTech is more about architecture, organization, interoperability of different solutions and its elements [Butler, Brooks, 2018]. Financial services are one of the most widely studied sectors in terms of digitalization. However, there is a lack of analysis dedicated to the dissemination of regulatory technologies in other industries.

This paper aims at closing this gap by considering RegTech as a common concept in different sectors that helps to solve similar problems with frauds and compliance burden automation.

Research is related to a large body of studies on the digital transformation of industries and reveals new general issues that allow comparing these sectors. Results show digitalization of sectors is associated with the growth of administrative burden from the one side and higher risks of data leakages and frauds from the other side. digital regulatory risk financial fraud

Hence, the higher the level of industry digitalization, the more relevant are drivers for RegTech adoption. The analysis illustrates that service industries, especially finance, telecommunication, trade, are the early adopters of RegTech due to active digitalization, resulting in frequent data leakages and growing administrative burden associated with compliance.

Manufacturing and healthcare are characterized by the high potential of RegTech development, driven by significant financial losses from fraud and data leakages, coupled with the active use of digital technologies.

The structure of the paper is following (Figure 1).

Figure 1. Methodological approach of the study

The first part gives a brief overview of existing literature in the area. In the second part the results of the case analysis are described. In the third part we bridge RegTech in finance and a broad set of industries providing common problems and features. Finally, the proposed index helps to assess RegTech prospects for traditional industries.

Cases of the leading banks and regulators

In order to reveal major areas of RegTech application, we selected several cases based on the international indexes as one of the common tools for comparative analysis and ranking Handbook on Constructing Composite Indicators: Methodology and User Guide. 2008. OECD, JRC EU. URL: https://www.oecd.org/sdd/42495745.pdf (accessed: 19.03.2021)..

The largest financial companies (more than 10 000 employees) are considered as early adopters of innovative solutions, as well as in other traditional industries [Pavitt, 1984]. Following this statement, we identify ten financial regulators and twenty largest banks. For detailed information on the selection of banks selection consult.

For the analysis we choose the first 25 countries in the Global FinTech Index 2020, proposed by Findexable, Crunchbase, Startup Blink, Semrush are chosen [The Global Fintech Index..., 2019]. This index is aimed at the evaluation of FinTech industry development in different countries. Next, countries were ranked according to the Global Financial Centres Index 2021 [The Global Financial., 2021]. This index assesses the position of countries in the global market of financial services.

We assume, that regulators in countries, where the largest financial centers are located, will be more likely to develop and adopt RegTech. For the final criterion ranking “Fintech 100” is used [Fintech100..., 2019]. All countries are ranked according to the number of companies, included in “Fintech 100”. A number of companies in the ranking illustrates the innovative environment in the financial industry in a particular country.

The average rank of the aforementioned indexes is considered as the criterion for the selection of the leading regulators and banks for the analysis (Appendix 1, Table 1).

For the analysis the first 10 countries with the less average (since the position in the ranking is considered) among all rankings were taken. Almost all other countries are members of the European Union (EU). In order to enlarge the sample, we include the European Central Bank as the united institution for the European countries and take into consideration countries outside top-10 and, thus, national authorities that are responsible for the regulation of financial markets.

To identify world leading banks following criteria are used: total value of assets (date of information release -- December, 2020), return on assets (ROA) (September, 2020); market capitalization (July, 2019), return on equity (ROE) (September, 2020) (Appendix 1, Table 2).

These indicators are usually applied for the evaluation of performance and efficiency of financial institutions [Fethi, Pasiouras, 2010; Sharma, Shebalkov, Yukhanaev, 2016]. Total assets and market capitalization are the absolute measures, that reflect profitability and efficiency of a financial organization, while ROE and ROA are fundamental performance ratios [Walsh, 2008; Sharma, Shebalkov, Yukhanaev, 2016].

All together these indicators reflect the efficiency of the banks, which cannot be achieved in the absence of modern technologies.

This paper is based on the document analysis for the review of public and private initiatives in the RegTech sector. Data sources include official corporate and public documents, such as annual reports, strategies, and press releases. All data sources were manually selected and analyzed due to the high specificity of the topic. Overall, around 100 sources were reviewed.

Every bank/supervisor case is analyzed according to the adopted solution, goals of implementation, budget, operational area for implementation, barriers for implementation, achieved results, and benefits.

These factors allowed us to identify major areas and directions for RegTech adoption in the financial sector (Figure 2).

Fighting with fraud and money laundering, in particular, is the most popular area for studies [Kurum, 2020; Singh, Lin, 2020; Turki et al., 2020]. It includes assessing historical and current customer information and interactions to provide a complete picture of customers' activity [Micheler, Whaley, 2020].

Intelligent risk management systems allow banks to detect risks before they appear, that is why the system is called “intelligent” or “early warning” Supervision and regulation in the age of Big Data and artificial intelligence. 2019. BaFin. URL: https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Reden/re_191018_ESE_Conference_P_ en.html (accessed: 19.03.2021)..

AI algorithms identify different patterns of financial activities and find anomalies in these activities, that can be characterized as potentially fraudulent [We've partnered with Regulatory Technology..., 2018; Big data meets artificial intelligence., 2019; Previous PIVOT challenges, 2020; Transforming data collection., 2020].

Figure 2. Directions for RegTech development

Money laundering is related to the use of sophisticated concealment methods designed to legitimate deceptive funds. Fighting these issues is one of the main aims of financial institutions [Kurum, 2020].

Constant aspiration of banks to have detailed information about their clients' identity, risk tolerance, investment knowledge, and financial activity is covered by the Know- your-Customer concept [Arner et al., 2019]. Continuous growth in financial data leads to control over all customers' activities [Previous PIVOT challenges, 2020; Regulatory technology..., 2021].

All tasks, connected with the analysis of customers, are grouped under the Know-your-Customer concept. The development of this concept is a priority in the USA, Singapore, Switzerland, China, Germany, Japan, and South Korea. The initial goal of all three areas (risk management, anti-money laundering, Know-your- Customer) is the same -- screen all activities, performed by all clients⁴.

The second area of RegTech adoption deals with interaction between banks and financial supervisors, namely management activities and demands [Miglionico, 2020; Von Solms, 2020; Zetzsche, Arner, Buckley, 2020]. RegTech helps to understand regulatory requirements and imperatives, assess its impacts on functional activities, and further transformation of business processes [Zetzsche, Arner, Buckley, 2020].

From the regulators' side, RegTech can help to establish a nearly real-time regulatory regime that identifies and addresses risk, while facilitating more efficient regulatory compliance. These developments will require the reconceptualization of financial regulation, and relevant reforms [Arner Barberis, Buckey, 2016].RegTech has its specificity but gains attention in other areas due to globally growing compliance of green and environmental agenda. The synthesis of these features is presented in the Table 2.

Table 2. Main objectives of RegTech adoption

Direction	Area	Objective
1	2	3
	Risk management	Financial data analysis (US FINRA) Early warning risk management (Bank of China, BaFin)
		Identification of financial risks (Agricultural Bank of China) Identification of cyberattacks and data leakages (Bank of America, JP Morgan Chase)
Fighting	Anti-money laundering	Screening of financial transactions (Monetary Authority of Singapore) Analysis of documents and contracts (Australian Securities and Investment Commission)
with fraud		Creation of patterns in financial data (Bank of Canada) Identification of anomalies and fraudulent activities (International Commercial Bank of China)
		Screening and profiling of clients (Japanese Financial Services Agency)
	Know-your-Customer	Identification and authentication of clients (Bank of America, Citigroup) Collection of biometric data (China Construction Bank) Screening and profiling of clients (China Construction Bank)
Interaction between banks and supervisors	Compliance and reporting	Control of changes in rules and regulations (US FINRA) Automation of reports preparation (Bank of China, Bank of England)
		Daily monitoring of financial requirements (Mitsubishi UFJ Financial Group)
	Data exchange and communication	Automation of data collection (Securities and Futures Commission Hong Kong) Establishment of secure data exchange channels (European Central Bank)
		Establishment of secure data exchange channels (BNP Paribas)

China Construction Bank Corporation: Annual Report. 2019. China Construction Bank. URL: http://www.ccb.com/en/newinvestor/upload/20200428_1588066796/20200428214237304314.pdf (accessed: 19.03.2021).

Banks have to monitor financial requirements daily and prepare reports for authorities. For the document analysis and identification of requirements artificial intelligence techniques (machine learning and natural language processing) are applied. US Financial Industry Regulatory Authority introduced the term “regulatory intelligence”, which assumes regulatory analysis software, based on AI, to identify and interpret changes in rules and regulations to ensure regulatory compliance Technology Based Innovations for Regulatory Compliance (“RegTech”) in the Securities Industry.

2018. FINRA. URL: https://www.finra.org/sites/default/files/2018_RegTech_Report.pdf (accessed: 19.03.2021)..

Automation technologies are implemented to simplify reporting and reduce the number of routine processes BaFin's Digitalisation Strategy. BaFin. 2018. URL: https://www.bafin.de/dok/13477874 (accessed: 19.03.2021..

Due to cyberattacks RegTech solutions should be implemented by both banks and supervisors to establish secure data exchange channels. Usually, special Application Programming Interfaces are adopted to fully automate processes of report submission and evaluation [Transforming data collection..., 2020], but the question about the security of these channels has been recently raised [FINMA Guidance., 2019, Contingency Planning., 2020].

This triggered the interest to distributed ledger technologies. Currently, banks are using blockchain platforms for documents exchange and reporting, cloud platforms with encryption technologies IBM and Bank ofAmerica Advance IBM Cloud for Financial Services, BNP Paribas Joins as Anchor Client in Europe. 2020. IBM. URL: https://newsroom.ibm.com/2020-07-22-IBM-and-Bank-of-America-Advance- IBM-Cloud-for-Financial-Services-BNP-Paribas-Joins-as-Anchor-Client-in-Europe (accessed: 19.03.2021)., and many other solutions.

Regtech and digital transformation of traditional sectors

Previous section of the paper illustrates that fighting with fraud and establishment of interactions between organizations and public entities are currently the main directions for RegTech. In this section we provide the relevance of these directions for other industries with quantitative data.

Traditional industries, like telecommunications, finance, trade (retail and wholesale), manufacturing, transport, construction, energy and utilities, healthcare, public administration, face similar difficulties as the financial sector. They are induced by the appearance of new risks in cyberspace, exponential growth of data, and regulation activities.

Approach for measuring RegTech relevance in the sectors is presented in (Appendix 2). The set of indicators is developed to assess these features of RegTech application (Figure 3), that are synthesized in an integrated index (Appendix 2, Table 1 for details).

All indicators are divided in four groups: 1) losses from fraud (index 1, 2); 2) losses from data leakages (index 3, 4); 3) compliance burden (index 5, 6); 4) digital technologies adoption (index 7, 8, 9) (Table 3).

All indicators are transformed into indexes via the normalization procedure with min-max formula (Appendix 2, Table 2).



Figure 3. Proposed approach to measure RegTech in traditional sectors

Based on: [Digital Transformation Index..., 2018; Data leaks..., 2019; Measuring the Digital Transformation..., 2019; The Costs of an Unnecessarily., 2019; Cost of a Data Breach Report, 2020; Report to the Nations., 2020; Chander et al., 2021].

Table 3 shows, that there are two sectors in which RegTech is especially in demand -- telecommunications and finance. Healthcare, trade, and manufacturing may be interpreted as sectors with average readiness and need in RegTech solutions.

Table 3. RegTech potential relevance in traditional sectors

Industry	Losses from fraud	Losses from data leakages	Compliance burden	Digital technologies adoption	Overall index
	Index 1	Index 2	Index 3	Index 4	Index 5	Index 6	Index 7	Index 8	Index 9
Group 1. The sectors with the highest readiness and need in RegTech solutions
Telecommunications	0.21	0.42	1.00	0.65	1.00	0.10	1.00	1.00	1.00	6.38
Finance	1.00	0.00	0.20	0.79	0.64	0.00	0.78	0.91	1.00	5.31
Group 2. The sectors with average readiness and need in RegTech solutions
Healthcare	0.26	0.42	1.00	1.00	0.17	0.10	0.44	0.55	0.33	4.28
Trade	0.16	0.03	0.06	0.58	0.57	0.62	0.56	0.91	0.67	4.15
Manufacturing	0.45	1.00	0.00	0.65	0.58	0.10	0.44	0.27	0.50	3.99
Group 3. The sectors with comparatively smaller readiness and need in RegTech solutions
Energy and utilities	0.14	0.50	0.20	0.88	0.40	0.29	0.56	0.27	0.00	3.24
Transport	0.00	0.21	0.00	0.41	0.38	1.00	0.78	0.09	0.00	2.87
Construction	0.05	0.42	0.20	0.46	0.18	0.10	0.67	0.36	0.00	2.43
Public administration	0.40	0.00	0.71	0.00	0.00	0.10	0.00	0.00	0.67	1.88

Based on: [Digital Transformation Index..., 2018; Data leaks..., 2019; Measuring the Digital Transformation..., 2019; The Costs of an Unnecessarily., 2019; Cost of a Data Breach Report, 2020; Report to the Nations.ACFE, 2020; Chander et al., 2021].

The most numerous and encompasses sectors with high regulation burden, but a lower level of digital technologies adoption, are energy and utilities, transport, construction, and public administration.In more detail, the first group includes the number of fraudulent cases (index 1) and median loss from frauds (index 2), counted by the Association of Certified Fraud Examiners in 2020 [Report to the Nations., 2020]. Industries suffer from different types of frauds. Within the survey of 5000 respondents, it was found that losses during the last 24 months across industries account for more than 42 billion US dollars.

The most common are customer fraud, cybercrime, asset misappropriation, accounting/financial statement fraud Fighting fraud: A never-ending battle. PwC's Global Economic Crime and Fraud Survey. PwC.

2020. URL:https://www.pwc.com/gx/en/forensics/gecs-2020/pdf/global-economic-crime-and-fraud-

survey-2020.pdf (accessed: 19.03.2021).. The manufacturing industry faces an average loss equal to 337 thousand US dollars, energy, and utilities sector -- 219 thousand US dollars. RegTech solutions might be useful primarily in manufacturing with its diverse activities and value chains. In 89% of cases fraud occurs in manufacturing, where the median loss is equal to 337 thousand US dollars and relates to asset misappropriation [How to Identify and Mitigate..., 2020].

Companies in the sectors invest actively in new tools and techniques for fighting fraud. AI has become the most often technology for this purpose, where almost 60% of organizations, that use AI, see values in it as a fraud-fighting tool thanks to opportunities towards data analysis Hacking corruption in the digital era: How tech is shaping the future of integrity in times of crisis. 2020. WEF. URL: http://www3.weforum.org/docs/WEF_GFC_on_Transparency_and_AC_Agenda_for_ Business_Integrity_pillar_3_2020.pdf (accessed: 19.03.2021)..

However, the pace of digital transformation poses additional challenges, where “old” fraudulent schemes can be realized online.

Such problems cannot be solved by companies in industries in the nearest future due to the quality of available data, the lack of existing analytical models, and the need to increase knowledge about fraud mechanisms [Rossy, Ribaux, 2020].

Another important area for the RegTech development is the establishment of secure information exchange channels (systems for the reports, documents, and data exchange between banks and supervisors).

To assess this aspect two indicators are chosen -- distribution of data leaks among industries (index 3), the average total cost of a data breach in billions of US dollars (index 4) [Data leaks., 2019; Cost of a Data Breach Report, 2020]. For both indicators healthcare is leading the list. Individual cases of implementing cybersecurity solutions, based on fog computing, new authentication protocols, and blockchain in healthcare are already described in the literature [Gu et al., 2019; Tariq et al., 2020; Xie, Zhang, Cheng, 2020].

At the same time, the financial industry, energy and utilities sector follow leaders representing critical infrastructure.

The movement towards distribution energy systems, Internet of Things applications will result in the growth of energy devices, where data protection for the whole network is required [Zhong, Xiong, 2021]. By comparison, in trade, manufacturing, and construction sectors cyber-frauds are not so frequent and significant.

A unique situation is observed in the public administration, where the frequency of data leakages is high (even higher than in finance), but the costs of data leakages are the lowest. To tackle this, public administration organizations may implement early warning emergency management systems based on AI [Luo, 2020].

Projects of blockchain integration for secure communication channels appear in different sectors, as it gives the opportunity to “tokenize” both financial and “non-fi- nancial” assets How can Blockchain ecosystems serve SMEs? in The Digital Transformation of SMEs. 2021. OECD. URL: https://www-oecd-ilibrary-org.proxylibrary.hse.ru/docserver/18ac5acb-en.pdf?expires=161 7896347&id=id&accname=oid008831&checksum=AD2AED44C576E0AEB65E26C571C91620 (accessed: 19.03.2021)..

Governments and international organizations examine possibilities to integrate blockchain solutions into public administration, which is dictated by the need for security and data consistency, efficiency gains Blockchain now and tomorrow. 2020. European Commission. URL: https://publications.jrc. ec.europa.eu/repository/bitstream/JRC117255/blockchain_online.pdf (accessed: 19.03.2021).. Digitalization of compliance via blockchain might secure management of land and property, taxation, identity management, allocation of public benefits, certification, and accreditation Blockchain for digital government: An assessment of pioneering implementations in public services. 2019. European Commission. URL: https://op.europa.eu/en/publication-detail/-/publication/e76bbeb9- 7650-11e9-9f05-01aa75ed71a1/language-en/format-PDF/source-198676888 (accessed: 19.03.2021)..

RegTech is also aimed at the decrease of compliance costs through the simplification of procedures. Laws and acts always impose some constraints on businesses, which require additional expenditures on designing, enforcing (for governments), and complying (for business, consumers, governments) Regulatory Policy Outlook. 2018. OECD. URL: https://www.oecd-ilibrary.org/governance/oecd- regulatory-policy-outlook-2018_9789264303072-en (accessed: 19.03.2021).. The assessment of compliance burden with the common indicators for all industries is a rather complicated task since different industries are regulated by different rules and induce different administrative costs.

Some laws and regulations relate to system failures, generate additional costs for business, and are hardly estimated, as it was empirically proven on the European legislative frameworks for the financial sector Study on the costs of compliance for the financial sector. 2020. European Commission. URL: https:// op.europa.eu/en/publication-detail/-/publication/4b62e682-4e0f-11ea-aece-01aa75ed71a1/language-en/ format-PDF/source-198669820 (accessed: 19.03.2021).. We choose two most general metrics to evaluate administrative burden:

1) costs of GDPR compliance in millions of US dollars (index 5); and

2) estimated inefficiencies associated with reduced access to data (index 6) [The Costs of an Unnecessarily..., 2019; Chander et al., 2021]. Both of these indicators reflect a negative impact of excessive data protection measures.

Estimations of data regulations compliance costs, proposed in the EU and the US, show different results. GDPR creates a significant administrative burden for telecommunications.

The medium impact is observed in such industries as finance, trade, and manufacturing [Chander et al., 2021]. Alternatively, the US Federal Data Privacy Law poses an additional administrative load on such industries as transport, trade [The Costs of an Unnecessarily., 2019].

Looking at integral calculation, companies in transportation, trade, and telecommunications sectors experience the highest compliance costs. It means that on average regulated industries per se should carry a higher burden in comparison with private sectors.

The matrix summarizes and classifies traditional sectors according to the main reasons for RegTech adoption and the current level of digitalization. By using the frequency of frauds, data leakages, compliance costs, and digital technologies adoption, a simple visualization describes sectoral patterns of RegTech perspective adoption.

All industries are divided into several groups (Table 4).



Table 4. Sectoral RegTech adoption opportunities

Drivers for RegTech adoption	Level of digital technologies dissemination in the sector
	High	Middle	Low
Frequency of frauds	High	Finance	Manufacturing
	Middle	Telecom	Healthcare	Energy & Utilities
	Low	Trade		Transport, Construction, Public Administration
Frequency of data leakages	High	Telecom, Finance	Healthcare	Energy & Utilities
	Middle	Trade	Manufacturing	Construction, Public Administration
	Low			Transport
Compliance costs	High	Telecom, Trade		Energy & Utilities, Transport
	Middle	Finance	Manufacturing
	Low		Healthcare	Construction, Public Administration

Notes: based on the results, under the “high” we assume the value of indexes greater than 0.55; “middle” falls within the interval from 0.3 to 0.55; all values lower than 0,3 are considered as “low”.

Telecommunications and finance are the leaders of the sectoral ranking with the highest value of the index. These sectors undergo frequent fraud and cyber-frauds, high costs of compliance, and show a high level of digital maturity. Telecommunications is closely related to digital solutions and physical basis for its operation and, thus, often suffer from data incidents. In summer 2021 large Singapore telecommunication provider StarHub faced a data breach, where data of 57 191 individual customers leaked. Breached data covers identity card numbers, mobile numbers, and email addresses Singaporean telco StarHub discloses data leak affecting 57,000 customers. 2021. The Daily Swig. URL: https://portswigger.net/daily-swig/singaporean-telco-starhub-discloses-data-leak-affecting-57-000-cus- tomers (accessed: 19.03.2021)..

Telecommunications, along with finance and trade form a RegTech core since they have common features related to service sectors (lower capital expenditures, higher level of intangible assets, etc.). For financial organizations fighting with fraud and cyber-fraud are the most important task, that requires constant updates of technology. In doing so, they cooperate with digital leaders or build their own digital infrastructure. In summer 2020 BNP Paribas has become the largest client of IBM Cloud services in the EU Digital Transformation: Financial Giant BNP Paribas to Use IBM Cloud for Financial Services Framework for Improved Security, Compliance. 2020. Crowdfund Insider. URL: https://www. crowdfundinsider.com/2020/07/164403-digital-transformation-financial-giant-bnp-paribas-to-use-ibm- cloud-for-financial-services-framework-for-improved-security-compliance/ (accessed: 19.03.2021)..

Trade sector shows low frequency and costs of frauds in comparison with other industries and average values of data leakages. AI technologies will allow the companies to expand compliance metrics and data analytics through the analysis of behavioral characteristics of customers. Companies can develop real-time risk management systems and raise its explainability Compliance priorities for digital transformation in consumer & retail. KPMG. 2019. URL: https:// advisory.kpmg.us/content/dam/advisory/en/pdfs/2019/digital-experience-whitepaper.pdf (accessed: 19.03.2021)..

Leading industries closely followed by healthcare and manufacturing. In manufacturing two main issues cause it -- expansion of industrial IoT platforms and new business models “as-a-Service” The vision for service transformation in manufacturing. 2021. Frost & Sullivan, Oracle. URL: https://www.oracle.com/middleeast/a/ocom/docs/manufacturing-industry-transition-service-mindset.pdf (accessed: 14.01.2022).. Such regulation differs from those in services or infrastructural sectors and appears in the form of industrial consortia or alliances which develop standards or guidelines. Another area is closely tied with automation of production floor and human secure communication with robotic equipment Unlocking the potential ofindustrial human-robot collaboration: A vision on industrial collaborative robots for economy and society. 2020. European Commission. URL: https://op.europa.eu/en/publication- detail/-/publication/407d1cee-5225-11ea-aece-01aa75ed71a1/language-en (accessed: 19.03.2021).. All these issues make the regulatory landscape in manufacturing heterogeneous and sensitive to digital incidents. In terms of compliance, costs for manufacturing are similar to the financial sector.

From the side of regulatory drivers, manufacturing is currently in significant losses from fraudulent activities. In 89% of cases fraud occurs in manufacturing, where the median loss is equal to 337 thousand US dollars and relates to asset misappropriation [How to Identify and Mitigate..., 2020]. Adoption of digital technologies for the control under assets is an efficient remedy and enhances cybersecurity in manufacturing firms [ElMamy et al., 2020], but needs a regulatory basis.

Digitalization of healthcare at a large extent induced by the COVID-19 opens new challenges for the sector. It leads in the frequency of data leakages as telecom and finance and has the highest costs of data breaches. The main categories for data breaches in healthcare are hacking and IT incidents (malicious hackers and low level of cybersecurity), unauthorized disclosure of information, loss or theft of endpoint devices. In 2020, annual increase in the number of healthcare breaches was 55.1%. The average cost per breached record increased from 429 US dollars in 2019 to 499 US dollars in 2020 Healthcare Breach Report 2021: Hacking and IT Incidents on the Rise. 2021. Bitglass. URL: https://pages. bitglass.com/rs/418-ZAL-815/images/CDFY21Q1HealthcareBreachReport2021.pdf (accessed: 19.03.2021)..

The level of digitalization of energy and utilities firms, in general, is estimated lower in comparison with other industries. There is a set of global trends that force the adoption of digital technologies (carbon neutrality, recycling, etc.). This industry shows a higher than the average value of losses from fraudulent activities and data leakages. In the last year ransomware has become one of the main attacks in the energy sector, where 25% of the energy sector is highly susceptible to a such type of attack. For example, in the US 77% of the energy sector has at least one leaked credential within the last 90 days (statistics in September 2021), and 49% of the energy sector has a critical vulnerability due to out-of-date systems The 2021 Ransomware Risk Pulse: Energy Sector Ransomware on the Rise Across Critical Infrastructure. 2021. Black Kite. URL: https://blackkite.com/wp-content/uploads/2021/09/The-2021- Ransomware-Risk-Pulse-_-Energy-Sector.pdf (accessed: 19.03.2021).. Being more regulated by nature, the energy and utilities sector experiences significant compliance costs and administrative burden.

Transport, construction, and public administration undergo even higher risks due to its priory regulated nature and larger amounts of requirements, but the perspectives of RegTech are not fully exploited due to the comparatively lower level of digitalization. Transport relies on digital tools mostly for simplification of compliance and decrease in administrative costs. For example, the platformization of urban transport services will make it more accountable [Chen, Qiu, 2019]. In construction RegTech can deal with fraud fighting and data leakages. The frequency of data breaches is very high for public administration organizations, 69% of which are aimed at stolen credentials, that can be used to the attacker's presence in the victim's network and systems Data Breach Investigation Report. 2021. Verizon. URL: https://enterprise.verizon.com/content/

verizonenterprise/us/en/index/resources/reports/2021-data-breach-investigations-report.pdf (accessed: 19.03.2021)..

RegTech may be demanded almost in all traditional sectors and serve as an appropriate tool to compare through the lens of functional areas the level of digital transformation. Explicit or implicit RegTech becomes a part of companies' strategies. Financial sector remains a source of best practices and pioneer in the digital agenda and may assist in understanding the nature of digitalization in other sectors.



Conclusion

This study sheds light on possibilities for RegTech adoption in a set of traditional industries as a specific mark of digital transformation. Based on the RegTech concept which takes roots in financial services, the paper suggests an original framework to assess RegTech perspectives through the lens of digital transformation.

There is a range of common regulatory issues across the economy, and the demand in regulatory technologies grows with the level of digitalization in industries. According to the financial sector, there are two major areas of RegTech application: fighting with fraud (risk management, anti-money laundering, Know-your-Customer) and interaction with supervisory entities (secure data communication channels, simplification of compliance and reporting). All these topics are common for telecommunications, trade, manufacturing, healthcare, energy and utilities, transport, construction, and public administration, which face significant costs, but at different extent. All of them suffer from financial frauds, data leakages, and compliance burden.

We try to measure RegTech use in major economic sectors as an indicator of digital transformation. In doing so, we rely on the existing financial indexes and its combination into a single synthetizing metric. RegTech could be even more demanded in other sectors (and primarily, in manufacturing and healthcare) due to the dissemination of industrial platforms, servitization, growing attention to data, and new regulative issues.

For manufacturing and healthcare frequency of data leakages and frauds are the main contributors to automation. RegTech may enhance the effectiveness of the energy and utilities sector, but currently, these possibilities are constrained due to a lower level of overall digitalization of the sector.

Our results as a first attempt to match the RegTech market with the broad topic of digitalization, indicate that it is an important part of the overall cross-country assessment of sectoral digital transformation and effects related to it. However, there is a need to study this approach in other functional areas, for example, HR management.

The study provides some insights for scholars and managers interested in the digital transformation of industries. The proposed quantitative framework allows measuring RegTech relevance for industries and comparing different sectors. An increase in the level of digitalization in a sector is associated with extensive administrative burden, higher risks of fraud, and data leakages. Practitioners can also find relevant cases of automation and digital technologies adoption for data management and compliance simplification.

The study has several limitations. Firstly, we rely only on the experience of a limited number of leading organizations. Further analysis with a larger sample of organizations is needed. Secondly, since the proposed index for the assessment of RegTech adoption is based on different open sources, all of them use different methodologies. This impacts on years, when data is calculated, approaches towards calculation and results obtained. In order to overcome these limitations, a special survey of representatives from different industries and countries may be appropriate. Such a survey can be a logical step towards further study of RegTech in a broad theoretical and empirical context.



References

Anagnostopoulos I. 2018. Fintech and regtech: Impact on regulators and banks. Journal of Economics and Business 100: 7-25.

Arner D. W., Barberis J., Buckey R. P. 2016. FinTech, RegTech, and the reconceptualization of financial regulation. Northwestern Journal of International Law & Business 37: 371.

Arner D. W., Zetzsche D. A., Buckley R. P., Barberis J. N. 2019. The identity challenge in finance: From analogue identity to digitized identification to digital KYC utilities. European Business Organization Law Review 20 (1): 55-80.

Becker M., Merz K., Buchkremer R. 2020. RegTech -- The application of modern information technology in regulatory affairs: Areas of interest in research and practice. Intelligent Systems in Accounting, Finance and Management 27 (4): 161-167.

Big data meets artificial intelligence -- results of the consultation on BaFin's report. 2019. BaFin. URL: https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/BaFinPerspektiven/2019_01/ bp_19-1_Beitrag_SR3_en.html;jsessionid=95E7B787354782FF7728EEC47F6693D4.1_cid370 (accessed: 19.03.2021).

Brand V. 2020. Corporate whistleblowing, smart regulation and RegTech: The coming of the whistle- bot? University of New South Wales Law Journal 43: 801.

Buckley R. P., Arner D. W, Zetzsche D. A., Weber R. H. 2020. The road to RegTech: The (astonishing) example of the European Union. Journal of Banking Regulation 21 (1): 26-36.

Butler T., Brooks R. 2018. On the role of ontology-based RegTech for managing risk and compliance reporting in the age of regulation. Journal of Risk Management in Financial Institutions 11 (1): 19-33.

Chander A., Abraham M., Chandy S., Fang Y., Park D., Yu I. 2021. Achieving Privacy: Costs of Compliance and Enforcement of Data Protection Regulation. Policy Research Working Paper 9594. World Bank Group. URL: http://documents1.worldbank.org/curated/en/890791616529630648/ pdf/Achieving-Privacy-Costs-of-Compliance-and-Enforcement-of-Data-Protection-Regula- tion.pdf (accessed: 19.03.2021).

Chen J. Y., Qiu J. L. 2019. Digital utility: Datafication, regulation, labor, and DiDi's platformization of urban transport in China. Chinese Journal of Communication 12 (3): 274-289.

Contingency Planning for a Central Bank Digital Currency. 2020. Bank of Canada. URL: https:// www.bankofcanada.ca/2020/02/contingency-planning-central-bank-digital-currency/ (accessed:

19.03.2021) .

Cost of a Data Breach Report. 2020. IBM. URL: https://www.capita.com/sites/g/files/nginej291/ files/2020-08/Ponemon-Global-Cost-of-Data-Breach-Study-2020.pdf (accessed: 19.03.2021).

Data leaks. Russia. 2019. InfoWatch. URL: https://www.infowatch.ru/sites/default/files/analytics/files/ InfoWatch_%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D1%8F%D0%A3%D1%82%D0% B5%D1%87%D0%BA%D0%B8_%D0%B7%D0%B02019.pdf (accessed: 19.03.2021).

Digital Transformation Index II. 2018. Dell. URL: https://www.delltechnologies.com/resources/en-us/ asset/analyst-reports/solutions/dell_technologies_digital_transformation_index_ii_full_find- ings_report.pdf (accessed: 19.03.2021).

ElMamy S. B., Mrabet H., Gharbi H., Jemai A., Trentesaux D. 2020. A survey on the usage of block- chain technology for cyber-threats in the context of industry 4.0. Sustainability 12 (21): 9179.

Fethi M. D., Pasiouras F. 2010. Assessing bank efficiency and performance with operational research and artificial intelligence techniques: A survey. European Journal of Operational Research 204 (2): 189-198.

FINMA Guidance 02/2019 Payments on blockchain. FINMA. 2019. URL: https://www.finma.ch/ en/~/media/ finma/dokumente/dokumentencenter/myfinma/ 4dokumentation/finma-aufsicht- smitteilungen/20190826-finma-aufsichtsmitteilung-02-2019.pdf?la=en (accessed: 19.03.2021).

Fintech100: Leading Global Fintech Innovators. 2019. KPMG. URL: https://assets.kpmg/content/dam/ kpmg/ch/pdf/fintech100-report-2019-en.pdf (accessed: 19.03.2021).

Goncharenko I. A., Miglionico A. 2020. Artificial intelligence and automation in financial services: The case of Russian banking sector. Law and Economics Yearly Review 8 (1): 125-147.

Gu J., Huang R., Jiang L., Qiao G., Du X., Guizani M. 2019. A fog computing solution for context-based privacy leakage detection for android healthcare devices. Sensors 19 (5): 1184.

How to Identify and Mitigate Fraud Risk in Manufacturing. 2020. SYSPRO. URL: http://ca.syspro.com/ dl/WP/SYSPRO-how-to-decode-identify-and-mitigate-fraud-risk.pdf (accessed: 19.03.2021).

Kavassalis P., Stieber H., Breymann W., Saxton K., Gross F. J. 2018. An innovative RegTech approach to financial risk monitoring and supervisory reporting. The Journal of Risk Finance 19 (1): 39-55.

Kurum E. 2020. RegTech solutions and AML compliance: What future for financial crime? Journal of Financial Crime: 1359-0790. https://doi.org/10.1108/JFC-04-2020-0051.

Loiacono G., Rulli E. 2021. ResTech: Innovative technologies for crisis resolution. Journal of Banking Regulation: 1-17. https://doi.org/10.1057/s41261-021-00154-4.

Luo H. 2020. An Emergency Management System for Government Data Security Based on Artificial Intelligence. Ingenierie des Systemes d'Information 25 (2): 207-213.

Macrotrends. Official website. 2021. URL: https://www.macrotrends.net/ (accessed: 19.03.2021).

Measuring the Digital Transformation: A Roadmap for the Future. 2019. OECD. URL: https://www. oecd-ilibrary.org/science-and-technology/measuring-the-digital-transformation_b045289f-en (accessed: 19.03.2021).

Micheler E., Whaley A. 2020. Regulatory technology: Replacing law with computer code. European Business Organization Law Review 21 (2): 349-377.

...