Regulators are moving quickly in developing rules: driving rapid change to counter possible and true customer detriment. Nikhil Asthana and Martin Trotter explain how we supported a client to improve their regulatory change framework – reducing the risk of missing key updates.

A regulatory change framework, either process-based or tech-enabled, enables firms to stay on top of the ever-changing regulatory landscape. A regulatory universe incorporates both the licensing permissions with the client’s products or services offering, which is then overlaid on the jurisdictional footprint. 


The challenge

A UK-based asset management subsidiary of global investment bank required a clear understanding of their regulatory landscape to sensibly manage the workflow of all regulatory assessment and impact as it transitioned into business as usual.

This need arose because of several ongoing problems:

  • Missed regulations – occasionally regulations were missed as no one person had a complete understanding of the entire spectrum of products, jurisdictions, and client impact
  • Late identification of the regulations – in some instances, the regulatory impact was understood very late in the cycle, leaving little to no time for delivery
  • Lack of clarity on regulation tracking – unclear assignment of responsibilities across the group, business lines and jurisdictions meant there was a disorganised approach to regulatory compliance
  • Regulatory interpretation – items not being tagged for the applicable entity due to lack of understanding, or items being tagged incorrectly, resulting in unnecessary work for the first and second lines of defence

The client initially requested a review of their regulatory permissions to have confidence that they were capturing all necessary regulations. This incorporated the auto-inclusion of regulations specific to their activities, ultimately developing a regulatory universe with the capability to capture only regulations applicable to our client. To add further value, this can be segmented into jurisdictions, allowing the client to operate with clear governance and line of sight on their regulatory change.

The goal was to produce an automated and tested output, alerting the relevant teams to changes that could impact their products, services, processes and systems in a different jurisdiction.

The solution

Assessment phase 

The approach was to review the permissions in each jurisdiction; aligning the governance structure with the entities, ownership of existing regulations, and any gaps to be remediated. Engaging with the various stakeholders, which included teams such as horizon scanning, compliance and legal, we collaboratively mapped out the end-to-end processes, permissions, and governance structures.

The exercise allowed the organisation to clearly view their touch points across complex elements, and create a challenge and validation process to get the final position. We followed the below steps to understand and define their regulatory universe:

  • Gathered a high-level understanding of the client’s products, jurisdictions and regulators
  • Conducted detailed review with horizon scanning teams to validate the horizon scanning applicability
  • Conducted business line reviews to align the products, services, and client types with the regulators and non-regulators
  • Validated local jurisdictional requirements with local teams
  • Validated the overall outcome of the regulatory universe with the compliance and legal team
  • Aligned the outcome to the client’s group framework

Focus on horizon-scanning information

We reviewed the horizon-scanning process, mapped the permissions by jurisdiction, overlaid the client-selected third-party providers and taxonomies, and worked with the in-house horizon scanning team to embed the newly tech-enabled regulatory universe. To ensure that the horizon-scanning process captured all relevant rules and regulations, we mapped out the applicable regulators, according to the activities and services they have permissions for, in each jurisdiction our client operates in. This allowed the client an audit trail on all decisions made in the review – giving them the ability to adapt it for new permissions, products, and services going forward.

We delivered a regulatory change universe for the bank with global coverage which outlines the following:

  • Current state of in-scope regulated activities across businesses and jurisdictions
  • Regulators and non-regulatory bodies that set rules and guidance on the regulated activities, products and customer types for each jurisdiction

Delivering a targeted regulatory universe that outlines the regulated activities and scope across businesses and jurisdictions. Importantly, the universe was agreed and signed off to deliver a consistent understanding across the various areas. The regulatory universe is a living document that gives the first and second lines of defence an anchor to review emerging regulations efficiently.

Finally, as part of our Regulatory Change Framework, we put in place a robust assurance process for monitoring, that demonstrated oversight on the newly tech-enabled process. 


The result

In developing the regulatory change universe, our client benefitted from understanding their baseline universe. This helped the affected teams identify and demonstrate why services and products could be in and out of scope of new regulations. The universe provides a concise guide of what regulations, guidance or new feeds what the horizon scanning team need to focus on.

Minimising the time it takes to sort through the feed for applicability was just one of the desired outcomes, and the value adds ensures clear ownership across the group and highlight all the impacted touch points for new regulations. Using the regulatory change universe, we helped the client clearly identify the applicable regulations when regulatory changes come in, ensuring the impacted areas are understood and considered. This increases efficiency, improves responsiveness and minimises gaps. The approach has been broadly applied to the whole firm, helping it become more efficient in delivering regulatory changes.