Generative AI and RegTech come together... to optimize compliance - the PRIIPs use case


ChatGPT is the trend of the moment, but GPT 3.5 can do much more... in the RegTech market

The end of 2022 and the beginning of 2023 have been marked by a very specific keyword: Generative AI. It has been discussed - and is being discussed - under many aspects, but no one is yet able to assess the impact that ChatGPT and other Generative AI tools will have on business - and society. In a recent blog post, we also expressed our point of view on this technology and also how, at Aptus.AI, we are conducting tests to better understand its applicability to our sector and real business cases. The only certainty at the moment is that GPT-3.5, the most powerful language model ever, is capable of generating content of unprecedented quality, at least in terms of its similarity to that produced by humans. But, returning to our work in RegTech: how could Generative AI really meet the needs of financial compliance specialists and effectively act on their pain points?

The financial use case on Packaged Retail and Insurance-based Investment Products

Trying to answer this question, we decided to consider a specific use case: the PRIIPs. This acronym stands for "Packaged Retail and Insurance-based Investment Products", a category of pre-assembled financial products that are often found correlated with market fluctuations. PRIIPs include derivatives, mutual funds, convertible bonds, insurance products with an investment component, structured products and deposits, and even products issued by SPVs (Special Purpose Vehicles) - companies set up specifically to convey financial assets for third parties. The work on the PRIIPs regulatory perimeter requires a deep analysis of the European guidelines contained in Delegated Regulation (EU) 2021/2268, which amends Delegated Regulation (EU) 2017/653, and other documents, but also of the national rules they transpose. An example? On 29 December 2022, the Consob Resolution No. 22551 of 21 December 2022 was published in the Official Gazette, therefore amending the Issuers' Regulation, including the obligation to provide investors with the so-called KID (Key Information Document) for all investment funds, expanding it to all types of PRIIPS from 1 January 2023. Also on 21 December 2022, the European Supervisory Authorities (EBA, ESMA and EIOPA, together ESAs) published the latest update of the Q&A related to the KID, precisely to facilitate the national transposition of Delegated Regulation (EU) 2021/2268, amending Delegated Regulation (EU) 2017/653. Such a large amount of regulatory changes certainly requires technological tools that can automate compliance processes in all those steps where human intervention is not required. Even exploiting Generative AI.

Daitomic's machine readable regulations to develop a truly effective Generative AI

In fact, at Aptus.AI we are already integrating GPT-3.5 into our RegTech platform, Daitomic. In particular, we are working to refine the model so as to harness the power of GPT-3.5 on specific use cases. In this case we’ve focused on our non-compliance risk generator, specifically for Article 15.1, concerning Obligations related to offering documentation”. Using as input this prompt What risks does bank X incur if it fails to comply with this regulation?”, here’s what we got back from ChatGPT:
“1. The obligations to prepare, notify Consob, update and deliver the offering documentation provided for in this section also apply to the UCITS offering that falls under one of the exemption cases provided for in Article 34-ter.
2. Where the UCITS offering falls under the case of exemption provided for in Article 34-ter, paragraph 1 (b), the phrase "public offering" in the prospectus shall be replaced with "offering reserved for qualified investors".
3. In the presence of the offer provided for in paragraph 2, the offerors of units or shares of UCITS may choose to represent the key investor information in the KIID, prepared in accordance with the provisions of the European Union referred to in Article 14, paragraph 1 (d), or in the KID provided for in Article 5 of the PRIIPs Regulation.
If a bank X fails to comply with this regulation, it could face fines and/or administrative sanctions from Consob (National Commission for Companies and the Stock Exchange), as well as possible lawsuits from investors harmed by the missing or inaccurate information in the offering documentation. In addition, non-compliance with regulations could damage the bank's reputation”.

While adding this further prompt "What is the risk level from 1 to 4?", here’s the answer we’ve received:
“The level of risk of financial and/or administrative sanctions by Consob and legal actions by investors due to non-compliance with regulations on offering documentation could be considered high, namely Level 4”.

These are just experiments, but their results are already impressive. These first tests conducted on the PRIIPs use case already highlight the potential of applying Generative AI to financial compliance. This activity, however, must be done in a context of maximum awareness not only of the potential but also of the limitations and risks of such a powerful technology. In addition to the various issues that still need to be addressed - including copyright, security and cost - another element to consider is the quality of the prompt given as input to the text generation model. That is why Daitomic, our SaaS designed for the RegTech market, uses as input documents previously transformed into a standard machine readable format, thus pre-analyzed by AI, in order to identify the regulatory delta, namely only the new regulatory changes, which represent the real valuable information for financial compliance professionals. A possibility that, together with Daitomic's other capabilities, can transform compliance into a competitive advantage.