Banks as Delegated Regulators of Technology
Canada’s largest banks rely on private developers of regulatory technology (RegTech) to comply with the requirements of the Office of the Superintendent of Financial Institutions (OSFI). RegTech’s algorithms allow banks to organize unstructured data, identify, assess and mitigate risk, and generate and submit reports. While the use of RegTech significantly facilitates financial reporting and compliance, it also presents risks. The unsupervised process of translating the language of regulations into computer code may lead to the misinterpretations of regulatory requirements. Also, due to the opacity of private algorithms, mistakes of RegTech instruments may go unnoticed, resulting in systemic failures.
In light of these risks, this article examines the potential of Canada’s federally regulated banks to act as delegated regulators of RegTech. Drawing on OSFI’s previous initiatives, this article suggests that the regulator create RegTech quality standards and delegate the enforcement of these standards to banks through outsourcing contracts. These contracts should contain publicly mandated RegTech specifications and clauses that reserve the banks’ rights to monitor, audit, and punish non-compliant RegTech companies and share information with OSFI.
This article also discusses the benefits and policy implications of delegated regulation of RegTech. First, by imposing a public duty on the banks, delegated regulation causes changes in corporate governance. Second, it allows the under-resourced regulator to use banks as regulatory resources. Third, it extends the application of public norms to those RegTech companies that otherwise would have avoided public oversight. Fourth, it reshapes the market for RegTech services by forcing banks to develop in-house technology that, in the long term, may be a cheaper and less risky alternative to outsourcing.
In conclusion, this article addresses the arguments that may be levelled against the delegated regulation of RegTech and discusses opportunities for more direct involvement of the regulator in technology-driven reporting and compliance.
Author(s) retain original copyright in the substantive content of the titled work, subject to the following rights that are granted indefinitely:
- Author(s) grant the Alberta Law Review permission to produce, publish, disseminate, and distribute the titled work in electronic format to online database services, including, but not limited to: LexisNexis, QuickLaw, HeinOnline, and EBSCO;
- Author(s) grant the Alberta Law Review permission to post the titled work on the Alberta Law Review website and/or related websites.
- Author(s) agree that the titled work may be used for educational or instructional purposes and/or in educational or instructional materials. The author(s) acknowledge that the titled work is subject to other such "fair dealing" provisions and applicable legislation.
- Author(s) grant a limited license to those accessing the titled work from an electronic database or an Alberta Law Review website to download the titled work onto their computer and to print a copy for their own personal, non-commercial use, subject to proper attribution.
To use the journal's content elsewhere, permission must be obtained from the author(s) and the Alberta Law Review.