Alyne Offers RegTech Solution for Cyber Security, Risk Management and Compliance

Blog entry

Alyne is a Munich-based RegTech company offering a Software-as-a-Service (SaaS) solution designed to help organisations improve risk insight. Its proposition is built on a combination of providing a curated content library crafted by industry experts and highly usable functionality at an extremely competitive price. Its mission statement: We make gaining risk insights to your business as easy as browsing your social media.

To find out more about Alyne’s views on RegTech and its product, we talked to Stefan Sulistyo, co-founder and chief customer officer at the company. You can see Alyne in action during the RegTech showcase at A-Team Group’s RegTech Summit for Capital Markets in London on October 5th.

View the comprehensive agenda here

Q: What does RegTech mean to you?

A: In the tradition of other ‘Techs’, such as FinTech, we understand RegTech as digitisation of regulatory compliance processes. Digitisation is a buzzword itself, but it helps to frame RegTech in the context of automation. In other industries, there are visions to completely substitute manual processes at some point, or at least augment human capabilities and capacity, to rapidly scale and leverage the output of manual processes.

One prominent technology analyst firm lists technologies in something called the Hype Cycle. RegTech, in the form envisioned by non-experts, is rapidly rising towards the so-called ‘peak of inflated expectations’. However, it is worth mentioning that automation in the context of compliance controls is not really new. But as with many concepts in the governance-risk-compliance (GRC) arena, it has long been plagued by incomplete and ivory-tower implementations that neglect the human factor, i.e. people’s behaviours and daily decisions that so often make the difference between being compliant and an embarrassing press conference for the board and significant fines.

It should also be noted that RegTech should not just be seen in the context of the financial services industry. All organisations are subject to some form of regulation and the basic management methods and technical and organisational controls for operational risk are usually similar.

Q: What problem does the financial institution have that you believe you can solve?

The financial industry faces digital disruption and at the same time regulatory compliance is one of the industry’s biggest pain points. You could argue that risk management and compliance are already largely digital domains and digitalised, however it’s worth taking a second look when you consider the following characteristics we’ve encountered in these functions in companies around the world:

· Lots of manual interaction

Many risk management and compliance processes involve multiple spreadsheets, feedback and additions being sent back and forth via emails; spreadsheet outcomes pasted into slide decks; and probably some printouts with a busy executive’s hand-written comments.

· Labour intense processes

Compliance reporting and risk management requirements have developed so rapidly that highly regulated organisations like banks have solved an immediate need by hiring more people. Compliance and risk management departments have grown to enormous dimensions.

· Generic and outdated toolsets

While digital tools are used in risk management and compliance, they are often generic tools, such as spreadsheets or outdated solutions, like many GRC tools currently on the market. Processes are not necessarily streamlined and the quality of the output is highly dependent on the structuring and content of the user, as little guidance or content is provided.

Q: Why do they have this problem?

A: For big institutions and companies, it is often difficult to integrate new business models into their operations. Instead of finding a well-suited solution, they throw an insane amount of people at the problem and too many cooks always spoil the broth.

Q: What regulations are of primary concern to you and your customers?

A: We are focused on technology and operational risk topics. So relevant regulations come from financial regulators, but also data privacy rules such as General Data Protection Regulation (GDPR) and cyber security specific rule sets, which are a hot topic in all industries at the moment.

Q: How do you solve regulatory compliance problems?

A: We offer a deep content and rich context library with more than 850 control statements that enable organisations in all industries and of all sizes to mature their cyber security, risk management and compliance. You can bring this to live in our cloud software platform by using our smart workflows and intelligent risk analytics.

Q: What technology do you use?

A: Our SaaS is built on a pure Javascript tech stack leveraging state of the art frameworks and cloud services. In addition, we just launched Project Citadel, on which we are collaborating with the Technical University of Munich to develop the capability to match regulation, policy documents, questionnaires and more to our Alyne library by using natural language processing techniques. You can sign up for updates if you’re interested.

Q: How do you fit into a financial institution’s architecture and data flows?

A: We require no technical integration to start simple use cases. If clients are looking for deeper integration, we can offer various interfaces to existing databases such as user directories, asset libraries, customer management, and contract management.

Q: What other cool RegTech companies have you seen out there?

A: Most of the movers and shakers in the industry have joined the IRTA International RegTech Association - https://regtechassociation.org/

Q: Why are you taking part in the A-Team’s RegTech Summit for Capital Markets event?

A: It is always good to be in London for events as the city is one of the main FinTech and RegTech hotspots in the world. There is a high concentration of banks, financial service institutions and a supporting ecosystem.

Q: What type of people are you hoping to meet at the Summit?

Potential customers and partners.