Your web browser is out of date. Update your browser for more security, speed and the best experience on this site.

Update your browser
CapTech Home Page

Blog August 1, 2018

Robotic Process Automation + Financial Institutions: How RPA and Consulting are Changing Risk and Compliance

For most financial institutions (FIs), Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations have resulted in a laborious customer onboarding process. FIs typically require their front offices to collect and manually review numerous documents and enter relevant customer information across various systems. Back offices are simultaneously asked to conduct their own reviews and functions to ensure compliance and consistency. Once onboarded, customers require continuing Customer Due Diligence (CDD), resulting in similar labor-intensive processes to those used in onboarding. Collectively, these processes require considerable resource hours by both front and back office staffs and are exposed to the human error factor, which includes everything from simple typos, to intentional process deviation.

Robotics process automation (RPA), sometimes referred to as robotics or digital labor, is a type of Regulatory Technology (RegTech) that provides FIs an effective alternative. Bots, the "workforce" of RPA, are software programs that follow defined internal business rules and policies and can be trained on essentially any repeatable process. By training bots to follow standardized compliance-related processes, FIs can improve efficiency, increase throughput, and reduce errors.

Common Financial Usages for RPA

The most immediate use for bots is to input basic customer information across multiple systems. including information obtained from reviewing customer documentation. Utilizing advances in computer vision and natural language processing (NLP), bots can review customer documentation, extract and verify relevant information, and input this data wherever required, all without human involvement.

Screening automation is another promising area for RPA. Bots can search relevant systems, both internal and external, and then sort search results via basic heuristics such as name, location, and/or timeframe mismatches. FIs can tailor their preferred ambiguity threshold for mismatches, training bots to escalate potential mismatches or issues based on the programmed risk tolerance. Similarly, FIs can default their bots to escalate to a human reviewer when they encounter unique documentation or other unexpected instances, while also capturing the results of the human review so that future similar instances can be processed by the bot.

By automating much of the onboarding workflow through bots, FIs can greatly reduce the amount of time spent dedicated to manual, repeated processes. Additionally, RPA can help better meet quality standards by ensuring that every customer follows the same standard process without the risk of human error or deviation.

RPA is not limited to automating onboarding, however. As enforcement actions continue, FIs tasked with large-scale remediation or lookback efforts can effectively deploy RPA to more efficiently handle workloads and reduce their reliance on both external vendor staff and internal support staff. By design, enforcement actions generally require FIs to complete work either deemed incorrect or insufficient by regulators, and this work is equally manual. Rather than scrambling to identify external vendors, and the relevant internal employees needed to support them, FIs can utilize RPA to accomplish many of these same remediation tasks, significantly reducing costs and increasing productivity.

The key benefit of using RPA to address remediation issues is its ability to quickly reach targeted production and quality levels. Rather than relying on dozens or hundreds of individuals to each gain the necessary domain and systems knowledge, RPA is reliant only on a small group of programmers to adapt the preferred RPA platform to the specific enforcement action requirements. Additionally, by using RPA to eliminate individual human error and deviation, resulting in costly re-work and uplift, FIs can further reduce their chances of missing deadlines and possible further regulatory action.

Expertise Shortages

Unfortunately, although there are marked performance gains to be made by employing RPA, many FIs lack the internal resources to successfully implement these solutions. To address this talent shortage, FIs will have three primary approaches: train and upskill their current workforce, contract outside firms to assist with the implementation of RegTech, and wholly outsource certain processes and functions. Of the three, contracting outside firms to solve immediate problems while beginning the upskilling process provides the best opportunity for both short- and medium-term wins and long-term sustainability.


Upskilling will produce the longest lasting results, as it will result in a trained, long-term internal workforce. Additionally, the experience gained while upskilling will prove valuable for addressing future opportunities and obstacles. However, upskilling is a lengthy process, requiring significant investments in training and hiring. For many FIs, their risk and compliance problems are pressing, and many FIs simply cannot wait until their workforce has been sufficiently upskilled before solving problems.

Contracting Implementation

For more immediate results, FIs are likely to turn to outside firms, including consulting firms and external technology providers, who already possess the requisite knowledge to quickly integrate RegTech with existing internal procedures and systems. Outside firms can be tasked with the implementation of short to medium-term solutions, while the FI can leverage the outside firm's expertise to assist with the upskilling process and growth towards long-term sustainability.


Lastly, FIs will likely determine that certain processes and functions are sufficiently simple and standard enough to wholly outsource to existing RegTech providers. By doing so, FIs lose the ability to maintain expertise in and day-to-day direct supervision over the outsourced processes and functions, but this approach can also free up resources for more mission critical items.

In reality, most FIs will leverage a hybrid approach, outsourcing what they can, bringing in third parties to provide short- to medium-term solutions, while simultaneously upskilling internal staff for long-term functionality. This is supported by a Thomson Reuters 2017 study, which found that 41% of FIs would use a mixed approach to RegTech adoption, compared to 22% that planned to handle this work entirely internally, and 20% which would exclusively outsource. Going it alone or entirely outsourcing tactics have their advantages, but the balanced approach of upskilling internal resources for long term sustainability while leveraging the existing experience and knowledge of outside firms to implement short- to medium-term solutions will produce the most valuable results.

Ultimately, while financial institutions are still determining how they will implement RegTech solutions, they can longer debate if they should implement RegTech solutions. Those that ignore or delay the implementation of regulatory technology risk losing their competitive positioning, while those that embrace the efficiency and cost-savings of these technologies will position themselves for long term competitiveness.