Back to Blog

Compliance 4.0: Migrating from legacy to Regtech systems

Written by Michael Channing

Compliance 4.0: Migrating from legacy to Regtech systems

Making the Regtech switch

Looking back, what became known as “Big Bang” lit the blue touch paper to historic changes in share trading in London. There were similar seismic shifts in mainland Europe, the US, the Far East and further afield. Gone were the days of the old pit-style trading floor, replaced by vast computerised trading systems which brought investment to the masses. While these were monumental changes, we have since seen global stock markets and regulatory frameworks develop into structures which are unrecognisable today.

This has created several challenges for financial institutions providing investment services across a growing number of markets and traded instruments. 

Regulatory reporting solutions

Gone are the days of light-touch regulation and the effective self-policing of the financial services industry. These have been replaced by an ever-expanding regulatory system, with new regulations emerging on a regular basis that have to cope with lightning fast innovation and evolving customer demands. As competition continues to increase, this puts enormous pressure on the resources of financial service institutions. 

External drivers of increased compliance costs

A recent report by LexisNexis cast an interesting light on the ever-increasing cost of compliance, prompting many to look towards new and innovative regulatory compliance solutions. In order of importance, the external drivers include:

  • Increasing financial crime regulation/regulatory expectations
  • Evolving criminal threat
  • Overall cost of doing business
  • Increase in data privacy requirements
  • Customer demand
  • Impact of geo-political and socio-economic events

Expanding regulatory expectations and the fundamental requirement of operational efficiency in preserving suppressed profit margins are fuelling the need to continue upgrading and adapting legacy compliance systems.

Regtech revolution

The global Regulatory Technology market is forecast to be worth $28.83 billion by 2029, growing at a rate of 17.55% CAGR between 2023 and 2029. This is revolutionising how we monitor regulations and adhere to compliance in the investment world. Demand for cutting-edge regulatory compliance solutions has been influenced by the following:

Impact of the 2008 global financial crisis

The 2008 global financial crisis exposed a lack of joined-up regulatory control, a need for real time monitoring across multiple markets, tighter risk controls as a global industry and the requirement for innovative, automated technology to facilitate this. 

Technological advances and consumer demand

Integrating AI and machine learning into RegTech has led to compliance systems that can identify potential issues, learn for themselves, and adapt to new challenges.  However, alongside these advancements, there is a critical need to address the ‘black box’ nature of AI/ML systems to satisfy explainability requirements set forth by regulators. 

Consumers - and regulators on their behalf - are not only demanding greater transparency and protection but also require that the decision-making processes of AI systems be understandable and accountable. This ensures that compliance systems are not only effective but also aligned with regulatory standards that mandate clarity over the algorithms’ inner workings.

Lack of collaboration and fragmented regulation

Historically, stock markets were fragmented, but now we have a global investment market open for business 24/7. Unfortunately, global integration has not yet occurred in the areas of regulation and compliance, creating jurisdictional complexities. This has increased the cost of reporting and compliance systems for companies with international operations, many operating several country-specific legacy systems to fulfil the same function. 

Ineffectiveness of traditional compliance management systems

Such is the fast-moving pace of regulatory technology that traditional compliance management systems of years gone by now need to be updated. This not only reduces their effectiveness but is also having an impact on client confidence.

Growing importance of adaptive, flexible compliance management systems

Compliance management systems are one of the critical defences against fraud and market abuse. People are another, of course, but they must be adequately supported by the tech stack. This will, of course, be no surprise but as a consequence, companies failing to adhere to the latest regulatory changes face potentially huge fines and penalties. Tackling evolving, shifting problems with static solutions exposes a business to undue risk.

Legacy compliance systems: A modern-day millstone

Legacy compliance systems have become a modern-day millstone around the neck of many financial institutions. Firms often underestimate the costs of maintaining legacy systems, and overestimate the disruption and cost of migration to new more flexible, intelligent solutions.

But what could motivate a transition?

Rising compliance costs and challenges

Global financial services companies are experiencing an annual increase of 7% in compliance costs. In an ultra-competitive market, where it can be challenging to redirect resources, this places enormous pressure on staff, productivity and margin.

Resource intensive approach

Many companies using legacy compliance systems have no choice but to increase their staff count while also looking to outside consultants to provide an independent audit. A highly labour-intensive approach, this is costly and ultimately unviable going forward. It is estimated that the true cost of employment is upwards of 1.7 times a person’s annual basic salary. This has prompted a significant increase in those searching for innovative regulatory reporting solutions.

Inefficient processes

The wide-ranging use of electronic scanners to gather information from physical documents and electronic files has replaced many of the manual actions associated with legacy compliance processes. While dependence on manual processes is much lower today, this approach is prone to human error, which can be costly.

Manual processing and analysis of regulatory documents

There’s wide variation in the application of man versus machine when processing trade surveillance documentation across Tier Two institutions. Manual processing is inefficient enough for domestic only firms. For globally-focussed institutions, where the inefficiencies of manual analysis are compounded, this approach just isn’t serving the business effectively. 

Uncertainty and surveillance gaps

The greater the size and the more disparate the team involved in the compliance chain, the more potential there is for human error, which creates uncertainty and potential compliance gaps. This can also impact skilled staff, who are often overworked and under constant pressure. Indeed, an automated monitoring system by its very nature will systematically identify and close gaps. 

Audit and regulatory findings

Data shows that those who rely on manual compliance processes are more at risk of audit and exam findings, supervisory rulings and enforcement actions. It is not only the pressure on finances which can impact the company, but perhaps more importantly, the reputational damage can be difficult to rectify.

Challenges with legacy compliance software

Those who are persevering with legacy compliance software will face many challenges in the future regarding reliability, compatibility and the ever-growing cost of IT additions. If your systems are optimised for today’s digital, cloud computing environment, it will become easier to keep up-to-date.

Lack of specialisation

Many older compliance packages in use today were created for multiple industries and are bereft of specialist knowledge. This one size fits all approach is incompatible with the modern-day financial industry compliance/regulatory structure. 

In today’s regulatory environment, the question has evolved beyond ‘do you have a system in place?’ to ‘how effective is that system in relation to your specific trading activity and style?’ The effectiveness of compliance solutions is now under greater scrutiny, with a focus on their adaptability to the unique operational needs and the intricacies of individual trading strategies.

Retrofitting challenges

While some of the traditional GRC systems have undertaken retrofitting to address modern-day challenges, it isn’t easy to retain optimisation and efficiency going forward. Many older systems are incompatible with automatic updates and cloud-based functionality, removing much of their value to companies and providing a drag on resources. 

Furthermore, even cloud-based solutions that are built from scratch can fall by the wayside. As the regulatory landscape evolves, these systems often require updates or reconfigurations, leading to a situation where all clients are queued behind each other, waiting for critical changes. This delay can result in compliance solutions that are outdated by the time they are implemented, failing to keep pace with the rapid evolution of regulatory requirements.

What are the opportunities?

As compliance and regulatory obligations continue to increase, the remit of inhouse compliance teams looks set to both grow and take on ever greater operational relevance. Consequently, utilising cutting-edge technology to streamline and reduce the cost of compliance has many benefits. These include:-

  • Less capex and lower running costs 
  • Reduced IT costs as you’re not layering additional processes onto legacy systems
  • Significant reduction in manual work
  • Enhanced monitoring and reporting will improve compliance efficiency
  • Less time spent hiring and training staff
  • Automated regulatory/compliance updates
  • Enhanced flexibility and options to personalise overall packages
  • Maintained and improved compliance record

As a natural consequence, the enhancement of your company’s reputation due to improved compliance will directly feed into commercial benefit.

What types of solutions are available?

Regulatory technology solutions develop at a rapid pace in response to emerging challenges. An area that has attracted significant attention is transaction reporting and trade surveillance and is, of course, our specialism. In theory, the solutions are relatively straightforward, but in practice, they incorporate detailed analysis and testing against similar trading environments. The eflow suite of services includes several elements, such as:

Trade surveillance for market abuse

This package is not only compatible with regulations across the globe, from the FCA, SEC, FINRA, MAS, regulators under ESMA, to the AMF, but it is also designed with adaptability in mind to accommodate the ever-changing landscape of global compliance requirements. 

It processes trading on and off exchange data from over 250 global exchanges and many other sources. Our solution rigorously tests this data against 40 different forms of market abuse, ensuring a comprehensive surveillance scope. Upon detection, suspicious trades are flagged, facilitating a swift review process. The system’s advanced analytics and reporting capabilities allow for efficient processing and reporting of these activities as required by the relevant authorities. 

Best execution and transaction cost analysis

Again compliant with global regulations, this service is a cornerstone for any compliance department. It enriches uploaded trade data with insights from numerous exchanges and compares it against industry benchmarks. Should a trade deviate from expected parameters, it is flagged for further analysis, enabling the production of detailed TCA reports that highlight areas requiring attention.

Transaction reporting

eflow’s transaction reporting solution elevates a firm’s regulatory processes by offering in-built exception management and full reconciliation capabilities within its user interface. This approach streamlines the correction process, allowing firms to directly amend and reconcile trades, which subsequently enhances operational efficiency. The system ensures accuracy and provides a complete audit trail for every action taken, simplifying compliance and reducing the risk of reporting errors. With eflow, firms receive a comprehensive package that not only identifies discrepancies but also facilitates their immediate resolution, all within a single, efficient platform.

eComms surveillance

eflow’s eComms surveillance system is highly adept at sifting through the complexities of both structured and unstructured data, providing a comprehensive view of various communication channels and enabling informed decision-making. 

By capturing the full spectrum of electronic interactions, including those between clients, advisers and staff, the platform highlights not just the content, but also the intent and context surrounding each trade. This deep analysis extends beyond simple keyword triggers, employing advanced algorithms to detect anomalies and patterns that are indicative of suspicious behaviour.

The system’s robust linkage capabilities draw meaningful connections between communication data and trade activity, painting a clear picture of each transaction’s background. This holistic approach is crucial for identifying and documenting potential compliance issues, ensuring that firms can act on the most accurate and complete information available.

Record-keeping is an integral part of this surveillance service, with the platform maintaining detailed logs of all communications and actions taken. This not only aids in immediate issue resolution but also ensures long-term compliance with regulatory record-keeping requirements.

eflow’s regulatory compliance platform has been engineered with scalability and adaptability at its core. It has been built on a robust operating system that offers scalable solutions that meet the diverse needs of our clients, while its cloud-based infrastructure is designed for agility. 

This approach ensures that as regulatory requirements evolve, updates can be deployed rapidly and seamlessly across the platform. In doing so, the platform enables firms to continuously align themselves with current regulations, eliminating the need for costly and time-consuming custom software developments. With eflow, clients benefit from a compliance system that is comprehensive, up-to-date, and scalable, ensuring they can efficiently adapt to the ever-changing regulatory environment.

Bridging the gap

For many institutions, the theoretical benefits of modern-day regulatory compliance solutions can be overshadowed somewhat by concerns about the transition to a new system. This is a short-term outlook to long-term changes in the regulatory and compliance of financial services. 

There are many issues to take into consideration when looking at a switch from legacy systems to a sophisticated tech-driven approach:

  • Audit and risk assessment

The first step in transitioning to a new system is to audit and risk assess your current compliance tech stack and processes. This will give you the opportunity to compare and contrast against new tech-based regulatory platforms with less manual operations.

  • Cost of maintaining and updating

To put this into context, in 2020 global financial services companies spent an estimated $180 billion on compliance operations. The average global split of compliance costs was 57% labour, 40% technology and 3% “other” factors. This highly labour intensive approach saw global financial institutions spend nearly $321 billion extra on compliance enforcement actions between 2008 and 2016.

The outcome of this analysis as it relates to your firm would make it worth the time investment alone. 

  • Identifying gaps

One serious issue with legacy compliance and regulatory systems is the fact that many were built to work on a stand-alone silo basis. Separate from other departments it has proven difficult to align these legacy systems with regulatory demands, in order to address institutional reporting obligations. Consequently, many gaps have emerged over the years which have increased compliance risks and proved expensive to address.

  • Research new solutions

Regardless of the priorities which emerge from your audit, there will be a ready made solution amongst the plethora of options. The ability to centrally update systems for future regulatory and compliance changes ensures that all financial institutions are immediately working under their new obligations. The transition process is now a well-worn path, straightforward with flexible data transfer and back testing to confirm accuracy.

  • Plan the switch over

Regardless of the complexity of the transition, the ease with which a migration - phased or otherwise - is able to be completed will surprise most. The incoming provider will be pivotal in taking the strain off your internal resource.


When looking at the latest regulatory compliance solutions, it is essential to appreciate what they offer today and what they can provide tomorrow. The element of flexibility with these new systems is groundbreaking; the ability to extract and manipulate data is priceless, as is the ability to identify and report trades of interest.

We know that legacy systems cost the industry hundreds of millions of pounds a year, diverting time and resources to areas which have moved onto a new, more efficient platform. Creating add-ons and sticky plasters to extend the life of legacy systems is counterproductive and more costly in the long term.

The practical and financial benefits of migrating from a legacy compliance system to a cutting-edge service are well-documented. If you are considering updating your compliance system, get in touch to discuss the options available.